Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Pc lento Opzioni
Fleccer
Inviato: Friday, February 21, 2014 9:12:29 AM
Rank: AiutAmico

Iscritto dal : 5/19/2005
Posts: 566
Ciao a tutti Come da titolo da un po di giorni il pc fa fatica a compiere anche le operazioni piu semplici specialmente i due browswer Firefox e Crome.
Ho gia provveduto a tutte le pulizie che di solito si fanno in questi casi cc cleaner, malwarebytes e adwcleaner. In effetti qualche miglioramento l'hanno dato ma dopo due giorni tutto torna come prima.
Posto una scansione con hjckthis sperando di risolvere definitivamente il problema
Grazie a ciao.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:15:23 PM, on 2/21/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Baidu PC Faster Service 3.7.0.0 (PCFasterSvc_{PCFaster_3.7.0.0}) - Unknown owner - C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe (file missing)
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5213 bytes
Sponsor
Inviato: Friday, February 21, 2014 9:12:29 AM

 
shapiro
Inviato: Friday, February 21, 2014 10:21:28 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


ciao Fleccer puoi allegare i log delle scansioni ? ricorda di aggiornare I.E. quello che hai e' obsoleto

Internet Explorer v6.00


fai questa scansione


scarica OTL
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output
Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.
A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt)

Allegali insieme agli altri

Fleccer
Inviato: Saturday, February 22, 2014 11:42:40 AM
Rank: AiutAmico

Iscritto dal : 5/19/2005
Posts: 566
Eccomi: ci ho messo un po perche' ho rifatto tutte le scansioni in modo da avere un quadro aggiornato.
OTL mi ha rilasciato solo il log OTL.txt.
Riguardo a Explorer lo so che e' obsoleto ma ma tanto non lo uso mai.
Adesso dopo queste pulizie il pc va bene speriamo che duri.
Ad ogni modo ti posto i log di Malwarebytes, Adwcleaner e OTL
Grazie e Ciao

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2014.02.22.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Administrator :: MICROSOF-6253F9 [amministratore]

2/22/2014 3:25:36 PM
mbam-log-2014-02-22 (15-25-36).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 267674
Tempo impiegato: 1 ore, 48 minuti, 40 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 5
C:\Documents and Settings\Administrator\My Documents\Downloads\Non confermato 999626.crdownload (PUP.Optional.InstallIQ) -> Spostato in quarantena ed eliminato con successo.
C:\Documents and Settings\Administrator\My Documents\Downloads\coretemp_d7632790.exe (PUP.Optional.InstallIQ) -> Spostato in quarantena ed eliminato con successo.
C:\Documents and Settings\Administrator\My Documents\Downloads\cpuz-1.67.exe (PUP.Optional.OpenCandy) -> Spostato in quarantena ed eliminato con successo.
C:\System Volume Information\_restore{25032486-68DD-4E06-8473-795D1423C5E6}\RP166\A0065511.exe (PUP.Optional.InstallMonetizer) -> Spostato in quarantena ed eliminato con successo.
D:\System Volume Information\_restore{25032486-68DD-4E06-8473-795D1423C5E6}\RP188\A0069253.exe (Trojan.Agent.CK) -> Spostato in quarantena ed eliminato con successo.

(fine)


___________________________________________________________________________________________________________________________________________________________________________________



# AdwCleaner v3.019 - Report created 22/02/2014 at 17:23:46
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - MICROSOF-6253F9
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v26.0 (it)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7iwmjwdy.default-1389954047390\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3355 octets] - [21/10/2013 21:57:17]
AdwCleaner[R1].txt - [3243 octets] - [21/10/2013 22:04:07]
AdwCleaner[R2].txt - [5101 octets] - [25/10/2013 13:41:44]
AdwCleaner[R3].txt - [1567 octets] - [18/01/2014 12:47:48]
AdwCleaner[R4].txt - [1509 octets] - [15/02/2014 17:08:00]
AdwCleaner[R5].txt - [1629 octets] - [22/02/2014 17:22:44]
AdwCleaner[S0].txt - [3443 octets] - [21/10/2013 21:59:58]
AdwCleaner[S1].txt - [3422 octets] - [25/10/2013 13:45:20]
AdwCleaner[S2].txt - [3875 octets] - [02/12/2013 23:16:12]
AdwCleaner[S3].txt - [1634 octets] - [18/01/2014 12:54:28]
AdwCleaner[S4].txt - [1570 octets] - [15/02/2014 17:09:15]
AdwCleaner[S5].txt - [1550 octets] - [22/02/2014 17:23:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1610 octets] ##########

______________________________________________________________________________________________________________________________________________________________________________________



OTL logfile created on: 2/22/2014 5:27:43 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.47 Mb Total Physical Memory | 447.96 Mb Available Physical Memory | 58.37% Memory free
1.83 Gb Paging File | 1.54 Gb Available in Paging File | 84.08% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.67 Gb Total Space | 64.85 Gb Free Space | 66.40% Space Free | Partition Type: NTFS
Drive D: | 51.38 Gb Total Space | 26.40 Gb Free Space | 51.38% Space Free | Partition Type: NTFS

Computer Name: MICROSOF-6253F9 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe (IObit)
PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
PRC - C:\WINDOWS\system32\CtHelper.exe (Creative Technology Ltd)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\TaskSwitch.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll ()
MOD - C:\Program Files\IObit\Smart Defrag 3\webres.dll ()
MOD - C:\WINDOWS\system32\TaskSwitch.exe ()


========== Services (SafeList) ==========

SRV - (PCFasterSvc_{PCFaster_3.7.0.0}) -- C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (PCFApiUtil) -- C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (esgiguard) -- File not found
DRV - (cpuz136) -- File not found
DRV - (Changer) -- File not found
DRV - (avvyrv0p) -- File not found
DRV - (avgtp) -- File not found
DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys (IObit)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (BprotectEx) -- C:\WINDOWS\system32\drivers\BprotectEx.sys (Baidu, Inc.)
DRV - (Bhbase) -- C:\WINDOWS\system32\drivers\Bhbase.sys (Baidu, Inc.)
DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)
DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)
DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)
DRV - (ip100xp) -- C:\WINDOWS\system32\drivers\ipfnd51.sys (IC Plus Corp. )
DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (pctNdisMP) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (pctNdis) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTERFXFX.SYS) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys (Creative Technology Ltd)
DRV - (CTERFXFX) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys (Creative Technology Ltd)
DRV - (CTSBLFX.SYS) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV - (CTSBLFX) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV - (CTAUDFX.SYS) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV - (CTAUDFX) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV - (COMMONFX.SYS) -- C:\WINDOWS\system32\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV - (COMMONFX) -- C:\WINDOWS\system32\drivers\COMMONFX.sys (Creative Technology Ltd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\Software\Microsoft\Internet Explorer\SearchURL\Ggl, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/10/01 17:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2014/02/15 18:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7iwmjwdy.default-1389954047390\extensions
[2014/01/22 15:20:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7iwmjwdy.default-1389954047390\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/02/15 18:57:11 | 000,940,775 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7iwmjwdy.default-1389954047390\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/14 13:50:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/14 13:51:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014/02/22 13:26:20 | 000,000,033 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UseDesktopIniCache = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-1383384898-1060284298-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CEC1C2B-3EF0-42EA-BBEE-42DAB37F25A8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/01 14:01:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013/07/31 13:08:14 | 000,661,184 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autoruns.exe -- [ NTFS ]
O32 - AutoRun File - [2013/07/31 13:08:16 | 000,579,264 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autorunsc.exe -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2014/02/22 13:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2014/02/21 23:25:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/02/21 23:25:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Recent
[2014/02/21 23:24:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2014/02/21 23:24:40 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2014/02/21 23:24:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/02/20 22:20:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\My Documents\My Webs
[2014/02/20 18:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\HiJackThis
[2014/02/20 18:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2014/02/20 17:33:55 | 002,493,452 | ---- | C] (Enrico Lai) -- C:\Documents and Settings\Administrator\My Documents\FVP_SA.exe
[2014/02/20 15:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014/02/20 15:06:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\rmi
[2014/02/14 13:50:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/30 14:51:44 | 000,031,008 | ---- | C] (IObit) -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2014/01/30 14:51:07 | 000,103,424 | ---- | C] (IObit) -- C:\WINDOWS\System32\IObitSmartDefragExtension.dll
[2014/01/30 14:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2014/01/30 14:50:52 | 000,015,808 | ---- | C] (IObit) -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2014/01/30 14:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 3
[2014/01/30 14:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2014/01/17 18:19:07 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/01/17 18:19:07 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/01/17 18:18:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/01/17 18:18:34 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/01/17 18:18:34 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/01/17 17:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Adobe CS4
[2014/01/17 17:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2014/01/17 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/01/17 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/01/17 17:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Dati precedenti di Firefox
[2014/01/17 17:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java(2)
[2014/01/17 17:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java(3)
[2014/01/15 19:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\Generazione Codice Fiscale
[2014/01/15 19:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Palmlex
[2014/01/15 19:16:22 | 000,000,000 | ---D | C] -- C:\Program Files\Codice Fiscale
[2014/01/14 17:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Iscrizione Ipasvi
[2014/01/06 22:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\eMule
[2014/01/06 22:31:12 | 011,713,733 | ---- | C] (Morph team ) -- C:\Documents and Settings\Administrator\My Documents\eMulev0.50a.-MorphXTv12.4-installer.exe
[2014/01/06 22:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DeepBurner
[2014/01/06 22:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DeepBurner
[2014/01/06 22:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Astonsoft
[7 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/02/22 17:25:22 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/22 17:25:21 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag3_Update.job
[2014/02/22 17:25:19 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag3_Startup.job
[2014/02/22 17:25:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/22 17:25:12 | 804,818,944 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/22 17:24:30 | 000,031,488 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-00000010-00001102-00000004-00401102}.rfx
[2014/02/22 17:24:30 | 000,031,488 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000000-00000000-00000010-00001102-00000004-00401102}.rfx
[2014/02/22 17:24:30 | 000,028,032 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-00000010-00001102-00000004-00401102}.rfx
[2014/02/22 17:24:30 | 000,028,032 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-00000010-00001102-00000004-00401102}.rfx
[2014/02/22 17:24:30 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-00000010-00001102-00000004-00401102}.rfx
[2014/02/22 17:20:10 | 003,162,278 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-00000010-00001102-00000004-00401102}.CDF
[2014/02/22 17:20:10 | 003,162,278 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-00000010-00001102-00000004-00401102}.BAK
[2014/02/22 17:18:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/22 16:52:02 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/22 13:48:08 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Adobe Photoshop CS4.lnk
[2014/02/22 13:26:20 | 000,000,033 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/02/22 12:23:21 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2014/02/22 00:08:27 | 086,624,398 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\530791CD.flv
[2014/02/21 23:25:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/02/21 23:25:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/02/21 19:54:23 | 000,001,811 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/02/21 19:18:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/02/21 19:18:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/02/21 15:15:09 | 000,002,463 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
[2014/02/20 17:33:06 | 023,601,293 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\5305E616.flv
[2014/02/20 13:48:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/02/14 22:36:03 | 046,705,739 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\xvideos.com_7701a6568414a6e4b7038b1675d06085.flv
[2014/02/07 00:02:29 | 668,440,613 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Man_of_Steel_2013_mp4_-_Google_Drive.flv
[2014/02/02 15:12:49 | 025,854,053 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\f2dfe4e72e94c83.mp4
[2014/01/30 14:50:46 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag 3.lnk
[2014/01/30 00:37:56 | 000,474,911 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Jam1.jpg
[2014/01/28 22:46:13 | 000,642,839 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Jam.jpg
[2014/01/28 22:41:54 | 000,127,606 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\1148906_412141088896117_1616478284_n.jpg
[2014/01/28 22:40:35 | 000,213,685 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\1150242_411718285605064_576405288_n.jpg
[2014/01/22 19:18:51 | 547,696,714 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Total_Recall_mp4_-_Google_Drive.flv
[2014/01/22 17:23:56 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2014/01/17 18:18:18 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/01/17 18:18:16 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/01/17 18:18:16 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/01/17 18:18:16 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/01/17 18:18:15 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/01/16 17:42:55 | 003,934,735 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Iscrizione Ipasvi fotocopie.rar
[2014/01/15 23:15:52 | 000,101,020 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Codice fiscale.jpg
[2014/01/15 23:14:55 | 000,085,872 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Noname2.jpg
[2014/01/15 23:06:58 | 000,086,656 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Noname1.jpg
[2014/01/15 23:05:41 | 000,048,316 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Noname.jpg
[2014/01/15 22:39:55 | 000,127,450 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\untitled.jpg
[2014/01/15 22:14:26 | 006,220,854 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\untitled.bmp
[2014/01/15 19:15:42 | 003,277,044 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Codice-Fiscale-WINDOWS-2.0.zip
[2014/01/14 17:49:29 | 001,238,959 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Iscrizione Ipasvi.rar
[2014/01/14 17:34:25 | 001,479,452 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Document.zip
[2014/01/14 14:07:51 | 000,035,784 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\P140114_12.38ss
[2014/01/14 14:04:56 | 000,036,800 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\P140114_12.38s
[2014/01/14 13:50:24 | 000,167,362 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\P140114_12.38.JPG
[2014/01/14 00:24:44 | 000,642,470 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Camp-Nou-Stadium-FC-Barcelona-Football-Wallpapers-HD.jpg
[2014/01/14 00:19:21 | 000,132,850 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\funky-wallpaper-hd.jpg
[2014/01/14 00:15:33 | 000,243,370 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\3d-wallpaper-hd-3.jpg
[2014/01/14 00:14:57 | 001,243,672 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\75023.jpg
[2014/01/12 21:54:28 | 000,426,043 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Camera360_2014_1_12_063553.jpg
[2014/01/12 21:54:04 | 001,381,318 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\WP_20140112_002.jpg
[2014/01/09 00:16:03 | 000,412,414 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\landscapes nature trees photography houses lakes hdr photography 1440x900 wallpaper_www.wallpaperfo.com_93.jpg
[2014/01/07 14:00:36 | 000,253,989 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\1512826_1389144678007308_157710824_n.jpg
[2014/01/06 22:32:01 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\eMule.lnk
[2014/01/06 22:24:09 | 000,000,764 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk
[2014/01/06 22:24:09 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DeepBurner.lnk
[2014/01/03 02:00:30 | 000,159,951 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\P030114_01.57.JPG
[7 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/22 13:48:08 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Adobe Photoshop CS4.lnk
[2014/02/22 13:46:13 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge CS4.lnk
[2014/02/21 23:50:22 | 086,624,398 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\530791CD.flv
[2014/02/21 23:28:12 | 804,818,944 | -HS- | C] () -- C:\hiberfil.sys
[2014/02/20 18:22:00 | 000,002,463 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
[2014/02/20 17:33:00 | 023,601,293 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\5305E616.flv
[2014/02/18 15:01:22 | 003,162,278 | ---- | C] () -- C:\WINDOWS\{00000000-00000000-00000010-00001102-00000004-00401102}.BAK
[2014/02/14 22:33:58 | 046,705,739 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\xvideos.com_7701a6568414a6e4b7038b1675d06085.flv
[2014/02/06 22:33:49 | 668,440,613 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Man_of_Steel_2013_mp4_-_Google_Drive.flv
[2014/02/02 15:12:47 | 025,854,053 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\f2dfe4e72e94c83.mp4
[2014/01/30 14:51:47 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag3_Startup.job
[2014/01/30 14:51:44 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag3_Update.job
[2014/01/30 14:50:46 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag 3.lnk
[2014/01/30 00:37:54 | 000,474,911 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Jam1.jpg
[2014/01/28 22:46:11 | 000,642,839 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Jam.jpg
[2014/01/28 22:41:53 | 000,127,606 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\1148906_412141088896117_1616478284_n.jpg
[2014/01/28 22:40:33 | 000,213,685 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\1150242_411718285605064_576405288_n.jpg
[2014/01/22 18:08:08 | 547,696,714 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Total_Recall_mp4_-_Google_Drive.flv
[2014/01/16 17:43:53 | 003,934,735 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Iscrizione Ipasvi fotocopie.rar
[2014/01/15 23:15:50 | 000,101,020 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Codice fiscale.jpg
[2014/01/15 23:14:54 | 000,085,872 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Noname2.jpg
[2014/01/15 23:06:56 | 000,086,656 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Noname1.jpg
[2014/01/15 23:05:41 | 000,048,316 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Noname.jpg
[2014/01/15 22:18:28 | 000,127,450 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\untitled.jpg
[2014/01/15 22:14:25 | 006,220,854 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\untitled.bmp
[2014/01/15 19:15:20 | 003,277,044 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Codice-Fiscale-WINDOWS-2.0.zip
[2014/01/14 17:49:27 | 001,238,959 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Iscrizione Ipasvi.rar
[2014/01/14 17:35:40 | 001,479,452 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Document.zip
[2014/01/14 14:07:49 | 000,035,784 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\P140114_12.38ss
[2014/01/14 14:04:54 | 000,036,800 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\P140114_12.38s
[2014/01/14 00:24:43 | 000,642,470 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Camp-Nou-Stadium-FC-Barcelona-Football-Wallpapers-HD.jpg
[2014/01/14 00:19:20 | 000,132,850 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\funky-wallpaper-hd.jpg
[2014/01/14 00:15:33 | 000,243,370 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\3d-wallpaper-hd-3.jpg
[2014/01/14 00:14:55 | 001,243,672 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\75023.jpg
[2014/01/09 00:15:58 | 000,412,414 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\landscapes nature trees photography houses lakes hdr photography 1440x900 wallpaper_www.wallpaperfo.com_93.jpg
[2014/01/06 22:32:01 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\eMule.lnk
[2014/01/06 22:24:09 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk
[2014/01/06 22:24:09 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DeepBurner.lnk
[2014/01/06 02:30:15 | 000,253,989 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\1512826_1389144678007308_157710824_n.jpg
[2013/11/25 13:58:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\TempWmicBatchFile.bat
[2013/11/25 13:00:23 | 000,217,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013/11/04 00:30:31 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/01 21:47:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/10/01 20:51:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/10/01 20:49:18 | 000,179,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/01 14:04:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/10/01 13:58:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013/10/01 14:06:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/11/25 12:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Baidu Security
[2013/11/25 18:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Christofer Persson
[2013/10/01 21:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
[2013/11/24 23:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
[2013/10/01 21:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Pro
[2014/01/06 22:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DeepBurner
[2013/10/01 17:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Foxit
[2014/01/30 14:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IObit
[2013/11/25 13:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MPC-HC
[2014/01/15 19:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Palmlex
[2013/10/01 17:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PCToolsFirewallPlus
[2014/02/20 15:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\rmi
[2014/02/18 15:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2013/11/13 13:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Live Writer
[2013/11/25 12:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Baidu Security
[2013/10/01 14:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BF8051E7-626F-4a11-AF7A-625A7B555862
[2013/11/27 00:26:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/01 21:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2014/01/30 14:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2014/02/22 17:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/10/01 15:39:33 | 000,000,856 | ---- | M] ()(C:\Documents and Settings\Administrator\Desktop\?Torrent.lnk) -- C:\Documents and Settings\Administrator\Desktop\µTorrent.lnk
[2013/10/01 15:39:33 | 000,000,856 | ---- | C] ()(C:\Documents and Settings\Administrator\Desktop\?Torrent.lnk) -- C:\Documents and Settings\Administrator\Desktop\µTorrent.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >

Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.