Folder with no extension appeared on the desktop: "zzzzzzzzzz.zzzzzzzzzzzzzzz"

drugofighters

Hello, I have an Athlon machine running a genuine copy of Windows XP Service Pack 3. All of a sudden a folder with no icon and an undecipherable name, "zzzzzzzzzzzzzz.zzzzzzzzzzzzz", appeared on the desktop, and it was impossible to delete (check that the disk is full, etc.). After a Google search I found that it is probably a dialer trying to get into my network (I have a suspicion about who it might be). Then the folder suddenly disappeared on its own. I generated a log with the RSIT program. Could you please interpret it?
INFO.TXT log:
info.txt logfile of random's system information tool 1.09 2012-06-17 17:13:11

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Programmi\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_257_Plugin.exe -maintain plugin
Adobe Reader X (10.1.0) - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe"
AVG 2012-->"C:\Programmi\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{BCF75973-29C2-4245-80E3-B3C2B7E7548B}
AVG 2012-->MsiExec.exe /I{C6A09671-93A6-4548-9FAE-3BF21EB9C921}
Canon MP Navigator 3.1-->"C:\Programmi\Canon\MP Navigator 3.1\Maint.exe" /UninstallRemove C:\Programmi\Canon\MP Navigator 3.1\uninst.ini
Canon MP140 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series /L0x0010
CCleaner-->"C:\Programmi\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Programmi\CDBurnerXP\unins000.exe"
Deemaz Patch version 8.0-->"C:\Programmi\KONAMI\Pro Evolution Soccer 6\unins000.exe"
Defraggler-->"C:\Programmi\Defraggler\uninst.exe"
EVEREST Ultimate Edition v5.01-->"C:\Programmi\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Glary Utilities 2.46.0.1518-->"C:\Programmi\Glary Utilities\unins000.exe"
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Java(TM) 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217005FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
jv16 PowerTools 2012-->"C:\Programmi\jv16 PowerTools 2012\Uninstall\uninstall.exe" "/U:C:\Programmi\jv16 PowerTools 2012\Uninstall\uninstall.xml"
K-Lite Codec Pack 8.8.0 (Full)-->"C:\Programmi\K-Lite Codec Pack\unins000.exe"
Malwarebytes Anti-Malware versione 1.61.0.1400-->"C:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA-->MsiExec.exe /I{71CB2612-627C-3D58-8D82-B77444B27B6A}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Programmi\File comuni\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Groove MUI (Italian) 2007-->MsiExec.exe /X{90120000-00BA-0410-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Italian) 2007-->MsiExec.exe /X{90120000-0044-0410-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Italian) 2007-->MsiExec.exe /X{90120000-00A1-0410-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox 13.0.1 (x86 it)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /X{C523D256-313D-4866-B36A-F3DE528246EF}
NVIDIA Display Control Panel-->C:\Programmi\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Programmi\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
PC Tools Firewall Plus 7.0-->C:\Programmi\PC Tools Firewall Plus\unins000.exe /LOG
Pro Evolution Soccer 6-->C:\PROGRA~1\FILECO~1\INSTAL~1\Driver\9\Intel 32\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1040
Registrazione utente Canon MP140 series-->C:\Programmi\Canon\IJEREG\MP140 series\UNINST.EXE
Revo Uninstaller 1.94-->C:\Programmi\VS Revo Group\Revo Uninstaller\uninst.exe
ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
SopCast 3.2.8-->C:\Programmi\SopCast\uninst.exe
SoundMAX-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
VLC media player 2.0.1-->C:\Programmi\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
WinRAR gestione archivi-->C:\Programmi\winrar\uninstall.exe

======Security center information======

AV: AVG Anti-Virus Free Edition 2012
FW: PC Tools Firewall Plus

======System event log======

Computer Name: GILBERTO-81EC7E
Event Code: 15007
Message: La prenotazione per lo spazio dei nomi identificato dal prefisso URL http://*:2869/ è stata aggiunta.

Record Number: 5
Source Name: HTTP
Time Written: 20120615193537.000000+120
Event Type: Informazione
User:

Computer Name: GILBERTO-81EC7E
Event Code: 6011
Message: Il nome NetBIOS e il nome host DNS del computer sono stati modificati da MACHINENAME in GILBERTO-81EC7E.

Record Number: 4
Source Name: EventLog
Time Written: 20120615193021.000000+120
Event Type: Informazione
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Nel controllo che \Device\Serial0 fosse effettivamente una porta seriale è stata rilevata una coda fifo (first in, first out). Questa verrà utilizzata.

Record Number: 3
Source Name: Serial
Time Written: 20120615212522.000000+120
Event Type: Informazione
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Il servizio Registro eventi è stato avviato.

Record Number: 2
Source Name: EventLog
Time Written: 20120615212505.000000+120
Event Type: Informazione
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20120615212505.000000+120
Event Type: Informazione
User:

=====Application event log=====

Computer Name: GILBERTO-81EC7E
Event Code: 1000
Message: I contatori delle prestazioni per il servizio MSDTC (MSDTC) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 5
Source Name: LoadPerf
Time Written: 20120615193307.000000+120
Event Type: Informazione
User:

Computer Name: GILBERTO-81EC7E
Event Code: 1000
Message: I contatori delle prestazioni per il servizio TermService (Servizi terminal) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 4
Source Name: LoadPerf
Time Written: 20120615193304.000000+120
Event Type: Informazione
User:

Computer Name: GILBERTO-81EC7E
Event Code: 1000
Message: I contatori delle prestazioni per il servizio RemoteAccess (Routing e Accesso remoto) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 3
Source Name: LoadPerf
Time Written: 20120615193057.000000+120
Event Type: Informazione
User:

Computer Name: GILBERTO-81EC7E
Event Code: 1000
Message: I contatori delle prestazioni per il servizio PSched (PSched) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 2
Source Name: LoadPerf
Time Written: 20120615193040.000000+120
Event Type: Informazione
User:

Computer Name: GILBERTO-81EC7E
Event Code: 1000
Message: I contatori delle prestazioni per il servizio RSVP (QoS RSVP) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 1
Source Name: LoadPerf
Time Written: 20120615193029.000000+120
Event Type: Informazione
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
LOG.TXT
Logfile of random's system information tool 1.09 (written by random/random)
Run by gilberto at 2012-06-17 17:12:49
Microsoft Windows XP Professional Service Pack 3
System drive C: has 144 GB (94%) free of 153 GB
Total RAM: 767 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.13.08, on 17/06/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVG\AVG2012\avgwdsvc.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVG\AVG2012\avgidsagent.exe
C:\Programmi\AVG\AVG2012\avgnsx.exe
C:\Programmi\AVG\AVG2012\avgemcx.exe
C:\Programmi\AVG\AVG2012\avgrsx.exe
C:\Programmi\AVG\AVG2012\avgtray.exe
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\Programmi\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\gilberto\Desktop\RSIT.exe
C:\Programmi\trend micro\gilberto.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Spécial élections législatives 2012, Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Spécial élections législatives 2012, Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programmi\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Programmi\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programmi\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG2012\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 4942 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GlaryInitialize.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\gilberto\Dati applicazioni\Mozilla\Firefox\Profiles\8a6im8ot.default

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Programmi\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Programmi\Microsoft Silverlight\npctrl.1.0.30401.0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programmi\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Programmi\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Programmi\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Programmi\Mozilla Firefox\searchplugins\
amazon-it.xml
bing.xml
eBay-it.xml
google.xml
hoepli.xml
wikipedia-it.xml
yahoo-it.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Programmi\AVG\AVG2012\avgdtiex.dll [2012-04-20 936528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Programmi\AVG\AVG2012\avgssie.dll [2012-04-13 1390672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-05-01 13672040]
"AVG_TRAY"=C:\Programmi\AVG\AVG2012\avgtray.exe [2012-04-05 2587008]
"00PCTFW"=C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe [2011-04-07 2672600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-06-28 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programmi\AVG\AVG2012\avgnsx.exe"="C:\Programmi\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield"
"C:\Programmi\AVG\AVG2012\avgdiagex.exe"="C:\Programmi\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostica AVG 2012"
"C:\Programmi\AVG\AVG2012\avgmfapx.exe"="C:\Programmi\AVG\AVG2012\avgmfapx.exe:*:Enabled:Installazione di AVG"
"C:\Programmi\AVG\AVG2012\avgemcx.exe"="C:\Programmi\AVG\AVG2012\avgemcx.exe:*:Enabled:Scansione e-mail personale"
"C:\Programmi\uTorrent\uTorrent.exe"="C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL

======List of files/folders created in the last 1 month======

2012-06-17 17:12:49 ----D---- C:\rsit
2012-06-17 15:32:57 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
2012-06-17 13:11:53 ----D---- C:\WINDOWS\pss
2012-06-17 12:55:34 ----AD---- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2012-06-17 12:54:46 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-06-17 03:44:25 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Canneverbe Limited
2012-06-17 03:43:08 ----D---- C:\Programmi\CDBurnerXP
2012-06-17 03:01:44 ----D---- C:\Programmi\KONAMI
2012-06-16 14:58:47 ----D---- C:\Programmi\SopCast
2012-06-16 14:52:44 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\PCToolsFirewallPlus
2012-06-16 14:52:29 ----A---- C:\WINDOWS\system32\drivers\PCTCore.sys
2012-06-16 14:52:29 ----A---- C:\WINDOWS\system32\drivers\PCTAppEvent.sys
2012-06-16 14:52:26 ----A---- C:\WINDOWS\system32\drivers\pctgntdi.sys
2012-06-16 14:51:52 ----D---- C:\Programmi\File comuni\PC Tools
2012-06-16 14:51:52 ----A---- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys
2012-06-16 14:51:52 ----A---- C:\WINDOWS\system32\drivers\pctNdis-DNS.sys
2012-06-16 14:51:52 ----A---- C:\WINDOWS\system32\drivers\pctNdis.sys
2012-06-16 14:51:51 ----A---- C:\WINDOWS\system32\drivers\pctplfw.sys
2012-06-16 14:51:49 ----D---- C:\Programmi\PC Tools Firewall Plus
2012-06-16 14:35:11 ----D---- C:\WINDOWS\system32\appmgmt
2012-06-16 13:13:39 ----ASH---- C:\WINDOWS\90C7D912BE2316.sys
2012-06-16 13:13:23 ----D---- C:\Programmi\jv16 PowerTools 2012
2012-06-16 12:53:07 ----D---- C:\Programmi\uTorrent
2012-06-16 12:51:41 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\uTorrent
2012-06-16 12:47:37 ----D---- C:\Programmi\Defraggler
2012-06-16 12:29:59 ----A---- C:\WINDOWS\system32\unrar.dll
2012-06-16 12:29:54 ----D---- C:\Programmi\K-Lite Codec Pack
2012-06-16 12:20:41 ----D---- C:\Programmi\File comuni\Adobe
2012-06-16 12:20:41 ----D---- C:\Programmi\Adobe
2012-06-16 12:20:15 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Adobe
2012-06-16 12:17:48 ----D---- C:\WINDOWS\system32\Adobe
2012-06-16 04:38:33 ----D---- C:\Programmi\CCleaner
2012-06-16 04:33:28 ----D---- C:\Programmi\Microsoft Works
2012-06-16 04:32:51 ----D---- C:\Programmi\Microsoft Visual Studio
2012-06-16 04:32:50 ----D---- C:\Programmi\File comuni\DESIGNER
2012-06-16 04:32:02 ----D---- C:\Programmi\Microsoft.NET
2012-06-16 04:28:02 ----D---- C:\WINDOWS\SHELLNEW
2012-06-16 04:27:21 ----D---- C:\Programmi\Microsoft Office
2012-06-16 04:27:20 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2012-06-16 04:26:53 ----RHD---- C:\MSOCache
2012-06-16 04:08:26 ----D---- C:\Programmi\Trend Micro
2012-06-16 03:35:46 ----D---- C:\WINDOWS\ie8updates
2012-06-16 03:35:36 ----HD---- C:\WINDOWS\$hf_mig$
2012-06-16 03:33:39 ----HDC---- C:\WINDOWS\ie8
2012-06-16 03:20:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-06-16 03:16:04 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Sun
2012-06-16 03:16:01 ----D---- C:\Programmi\File comuni\Java
2012-06-16 03:15:36 ----D---- C:\Programmi\Oracle
2012-06-16 03:15:33 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Oracle
2012-06-16 03:15:29 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-06-16 03:15:29 ----A---- C:\WINDOWS\system32\javaws.exe
2012-06-16 03:15:29 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-06-16 03:15:08 ----A---- C:\WINDOWS\system32\javaw.exe
2012-06-16 03:15:08 ----A---- C:\WINDOWS\system32\java.exe
2012-06-16 03:14:57 ----D---- C:\Programmi\Java
2012-06-16 03:13:58 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Sun
2012-06-16 03:04:41 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\AVG2012
2012-06-16 03:03:55 ----HD---- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
2012-06-16 03:03:28 ----HD---- C:\$AVG
2012-06-16 03:03:28 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-06-16 03:03:28 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\AVG2012
2012-06-16 03:03:01 ----D---- C:\Programmi\AVG
2012-06-16 02:57:25 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
2012-06-16 02:47:22 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\vlc
2012-06-16 02:46:56 ----D---- C:\Programmi\VideoLAN
2012-06-16 02:43:39 ----D---- C:\Programmi\Lavalys
2012-06-16 02:31:17 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Mozilla
2012-06-16 02:31:10 ----D---- C:\Programmi\Mozilla Firefox
2012-06-16 02:28:22 ----D---- C:\Programmi\VS Revo Group
2012-06-16 02:26:25 ----D---- C:\Programmi\Glary Utilities
2012-06-16 02:26:25 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\GlarySoft
2012-06-16 01:38:42 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Malwarebytes
2012-06-16 01:38:37 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2012-06-16 01:38:36 ----D---- C:\Programmi\Malwarebytes' Anti-Malware
2012-06-16 01:38:36 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-06-16 01:16:33 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Macromedia
2012-06-16 01:16:30 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Adobe
2012-06-15 21:30:14 ----A---- C:\WINDOWS\system32\h323log.txt
2012-06-15 21:29:16 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-06-15 21:29:12 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2012-06-15 21:28:23 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2012-06-15 21:27:37 ----A---- C:\WINDOWS\system32\usbui.dll
2012-06-15 21:27:30 ----A---- C:\WINDOWS\system32\drivers\UAGP35.SYS
2012-06-15 21:26:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-06-15 21:26:11 ----D---- C:\Programmi\File comuni\ODBC
2012-06-15 21:26:11 ----A---- C:\WINDOWS\ODBCINST.INI
2012-06-15 21:26:08 ----D---- C:\Programmi\File comuni\SpeechEngines
2012-06-15 21:26:07 ----RD---- C:\Programmi
2012-06-15 21:26:07 ----D---- C:\Programmi\File comuni\Microsoft Shared
2012-06-15 21:26:07 ----D---- C:\Programmi\File comuni
2012-06-15 21:26:03 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-06-15 21:26:03 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-06-15 21:26:03 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-06-15 21:26:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-06-15 21:26:00 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-06-15 21:25:59 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-06-15 21:25:59 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-06-15 21:25:59 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-06-15 21:25:59 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-06-15 21:25:59 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-06-15 21:25:58 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2012-06-15 21:25:58 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdro.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2012-06-15 21:25:57 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2012-06-15 21:25:52 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-06-15 21:25:52 ----A---- C:\WINDOWS\system32\irclass.dll
2012-06-15 21:25:52 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-06-15 21:25:52 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-06-15 21:25:52 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-06-15 21:25:50 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-06-15 21:25:50 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2012-06-15 21:25:49 ----A---- C:\WINDOWS\system32\storprop.dll
2012-06-15 21:25:49 ----A---- C:\WINDOWS\system32\batt.dll
2012-06-15 21:25:49 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-06-15 21:25:40 ----ASH---- C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
2012-06-15 21:25:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-06-15 21:25:24 ----D---- C:\WINDOWS\system32\CatRoot
2012-06-15 21:25:18 ----SD---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft
2012-06-15 21:24:58 ----SHD---- C:\System Volume Information
2012-06-15 21:24:58 ----D---- C:\Documents and Settings
2012-06-15 21:24:19 ----SH---- C:\boot.ini
2012-06-15 21:20:27 ----SHD---- C:\WINDOWS\Installer
2012-06-15 21:20:27 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-06-15 21:20:27 ----RD---- C:\WINDOWS\Offline Web Pages
2012-06-15 21:20:27 ----D---- C:\WINDOWS\WBEM
2012-06-15 21:20:27 ----D---- C:\WINDOWS\system32\PreInstall
2012-06-15 21:20:27 ----D---- C:\WINDOWS\system32\drivers\UMDF
2012-06-15 21:20:27 ----D---- C:\WINDOWS\SoftwareDistribution
2012-06-15 21:20:27 ----D---- C:\WINDOWS\NLDRV
2012-06-15 21:20:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-06-15 21:20:26 ----RSD---- C:\WINDOWS\Fonts
2012-06-15 21:20:26 ----RD---- C:\WINDOWS\Web
2012-06-15 21:20:26 ----HD---- C:\WINDOWS\inf
2012-06-15 21:20:26 ----D---- C:\WINDOWS\WinSxS
2012-06-15 21:20:26 ----D---- C:\WINDOWS\twain_32
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Temp
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\wins
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\wbem
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\usmt
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\spool
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\ShellExt
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\Setup
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\ras
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\oobe
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\npp
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\mui
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\it-it
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\it
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\inetsrv
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\IME
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\icsxml
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\ias
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\export
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\drivers\etc
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\drivers
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\dhcp
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\config
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\3com_dmi
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\3076
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\2052
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1054
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1042
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1041
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1040
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1037
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1033
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1031
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1028
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32\1025
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system32
2012-06-15 21:20:26 ----D---- C:\WINDOWS\system
2012-06-15 21:20:26 ----D---- C:\WINDOWS\security
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Resources
2012-06-15 21:20:26 ----D---- C:\WINDOWS\repair
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Provisioning
2012-06-15 21:20:26 ----D---- C:\WINDOWS\PeerNet
2012-06-15 21:20:26 ----D---- C:\WINDOWS\pchealth
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Network Diagnostic
2012-06-15 21:20:26 ----D---- C:\WINDOWS\mui
2012-06-15 21:20:26 ----D---- C:\WINDOWS\msapps
2012-06-15 21:20:26 ----D---- C:\WINDOWS\msagent
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Media
2012-06-15 21:20:26 ----D---- C:\WINDOWS\L2Schemas
2012-06-15 21:20:26 ----D---- C:\WINDOWS\java
2012-06-15 21:20:26 ----D---- C:\WINDOWS\ime
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Help
2012-06-15 21:20:26 ----D---- C:\WINDOWS\ehome
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Driver Cache
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Debug
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Cursors
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Connection Wizard
2012-06-15 21:20:26 ----D---- C:\WINDOWS\Config
2012-06-15 21:20:26 ----D---- C:\WINDOWS\AppPatch
2012-06-15 21:20:26 ----D---- C:\WINDOWS\addins
2012-06-15 21:20:26 ----D---- C:\WINDOWS
2012-06-15 21:20:26 ----ASH---- C:\pagefile.sys
2012-06-15 20:38:24 ----D---- C:\Programmi\Marvell
2012-06-15 20:35:31 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2012-06-15 20:35:30 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-06-15 20:35:28 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-06-15 20:35:27 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-06-15 20:35:26 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2012-06-15 20:35:25 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-06-15 20:35:23 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-06-15 20:35:22 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-06-15 20:35:21 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-06-15 20:35:20 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-06-15 20:35:18 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-06-15 20:35:13 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-06-15 20:35:13 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-06-15 20:35:13 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-06-15 20:35:09 ----A---- C:\WINDOWS\system32\drivers\smsens.sys
2012-06-15 20:35:09 ----A---- C:\WINDOWS\system32\drivers\aeaudio.sys
2012-06-15 20:35:08 ----D---- C:\WINDOWS\VirtualEar
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\wdmioctl.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\virtear.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\Syncor11.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\SMMedia.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\S11thk32.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\drivers\smwdm.sys
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\Audio3d.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\system32\a3d.dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\SynthCoreA.Dll
2012-06-15 20:35:08 ----A---- C:\WINDOWS\SynCor.exe
2012-06-15 20:35:07 ----HD---- C:\Programmi\InstallShield Installation Information
2012-06-15 20:35:07 ----D---- C:\Programmi\Analog Devices
2012-06-15 20:35:07 ----A---- C:\WINDOWS\system32\msssc.dll
2012-06-15 20:35:07 ----A---- C:\WINDOWS\system32\DSndUp.exe
2012-06-15 20:35:07 ----A---- C:\WINDOWS\system32\CleanUp.exe
2012-06-15 20:33:37 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\WinRAR
2012-06-15 20:32:32 ----D---- C:\Programmi\winrar
2012-06-15 20:19:56 ----SHD---- C:\RECYCLER
2012-06-15 20:11:55 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2012-06-15 20:06:19 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2012-06-15 20:06:06 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2012-06-15 20:06:02 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-06-15 20:05:08 ----A---- C:\WINDOWS\MAXLINK.INI
2012-06-15 20:05:07 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\InstallShield
2012-06-15 20:05:06 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\ScanSoft
2012-06-15 20:05:01 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
2012-06-15 20:05:00 ----D---- C:\Programmi\File comuni\ScanSoft Shared
2012-06-15 20:04:44 ----D---- C:\Programmi\ScanSoft
2012-06-15 20:04:15 ----D---- C:\Programmi\File comuni\InstallShield
2012-06-15 20:03:54 ----D---- C:\Programmi\File comuni\CANON
2012-06-15 20:03:08 ----HD---- C:\Documents and Settings\All Users\Dati applicazioni\CanonBJ
2012-06-15 20:03:03 ----A---- C:\WINDOWS\system32\CNMLM8R.DLL
2012-06-15 20:03:00 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2012-06-15 20:02:55 ----A---- C:\WINDOWS\system32\cnco140.dll
2012-06-15 20:02:54 ----A---- C:\WINDOWS\system32\CNCL140.DLL
2012-06-15 20:02:54 ----A---- C:\WINDOWS\system32\CNCI140.DLL
2012-06-15 20:02:54 ----A---- C:\WINDOWS\system32\CNCC140.DLL
2012-06-15 20:02:42 ----HD---- C:\Programmi\CanonBJ
2012-06-15 20:01:40 ----D---- C:\Programmi\Canon
2012-06-15 19:58:21 ----D---- C:\Programmi\NVIDIA Corporation
2012-06-15 19:44:39 ----D---- C:\Documents and Settings\gilberto\Dati applicazioni\Identities
2012-06-15 19:44:35 ----HD---- C:\Programmi\Uninstall Information
2012-06-15 19:44:34 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage
2012-06-15 19:44:29 ----SD---- C:\Documents and Settings\gilberto\Dati applicazioni\Microsoft
2012-06-15 19:44:29 ----ASH---- C:\Documents and Settings\gilberto\Dati applicazioni\desktop.ini
2012-06-15 19:43:36 ----D---- C:\WINDOWS\Prefetch
2012-06-15 19:43:35 ----SD---- C:\WINDOWS\system32\Microsoft
2012-06-15 19:43:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-06-15 19:42:21 ----AS---- C:\WINDOWS\bootstat.dat
2012-06-15 19:39:42 ----D---- C:\WINDOWS\system32\xircom
2012-06-15 19:39:42 ----D---- C:\Programmi\xerox
2012-06-15 19:39:42 ----D---- C:\Programmi\microsoft frontpage
2012-06-15 19:39:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-06-15 19:38:24 ----RSD---- C:\WINDOWS\assembly
2012-06-15 19:38:04 ----D---- C:\WINDOWS\Microsoft.NET
2012-06-15 19:37:32 ----RASH---- C:\MSDOS.SYS
2012-06-15 19:37:32 ----RASH---- C:\IO.SYS
2012-06-15 19:37:32 ----A---- C:\WINDOWS\control.ini
2012-06-15 19:37:32 ----A---- C:\CONFIG.SYS
2012-06-15 19:37:32 ----A---- C:\AUTOEXEC.BAT
2012-06-15 19:37:08 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-06-15 19:36:59 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-06-15 19:35:39 ----HD---- C:\Programmi\WindowsUpdate
2012-06-15 19:35:35 ----D---- C:\Programmi\Servizi in linea
2012-06-15 19:35:21 ----D---- C:\Programmi\Windows Media Connect 2
2012-06-15 19:35:08 ----D---- C:\WINDOWS\system32\DirectX
2012-06-15 19:35:06 ----D---- C:\Programmi\Microsoft Silverlight
2012-06-15 19:34:58 ----A---- C:\WINDOWS\system32\atrace.dll
2012-06-15 19:34:56 ----A---- C:\WINDOWS\system32\desktop.ini
2012-06-15 19:34:56 ----A---- C:\WINDOWS\desktop.ini
2012-06-15 19:34:51 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-06-15 19:34:49 ----D---- C:\Programmi\File comuni\Services
2012-06-15 19:34:49 ----A---- C:\WINDOWS\system32\acctres.dll
2012-06-15 19:34:47 ----SD---- C:\WINDOWS\Tasks
2012-06-15 19:34:47 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-06-15 19:34:46 ----D---- C:\Programmi\File comuni\MSSoap
2012-06-15 19:34:42 ----D---- C:\WINDOWS\srchasst
2012-06-15 19:34:41 ----D---- C:\WINDOWS\system32\Macromed
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wups.dll
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-06-15 19:34:38 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-06-15 19:34:37 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-06-15 19:34:37 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-06-15 19:34:37 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-06-15 19:34:37 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2012-06-15 19:34:37 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-06-15 19:34:37 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-06-15 19:34:34 ----D---- C:\Programmi\Movie Maker
2012-06-15 19:34:18 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-06-15 19:34:18 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-06-15 19:34:18 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-06-15 19:34:18 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-06-15 19:34:15 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-06-15 19:34:15 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-06-15 19:34:15 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-06-15 19:34:14 ----D---- C:\WINDOWS\system32\Restore
2012-06-15 19:34:14 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-06-15 19:34:14 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-06-15 19:34:14 ----A---- C:\WINDOWS\system32\srclient.dll
2012-06-15 19:34:14 ----A---- C:\WINDOWS\system32\ils.dll
2012-06-15 19:34:14 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2012-06-15 19:34:13 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-06-15 19:34:13 ----A---- C:\WINDOWS\system32\msconf.dll
2012-06-15 19:34:13 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-06-15 19:34:13 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-06-15 19:34:13 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-06-15 19:34:11 ----D---- C:\Programmi\NetMeeting
2012-06-15 19:34:11 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-06-15 19:34:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-06-15 19:34:10 ----A---- C:\WINDOWS\system32\inetres.dll
2012-06-15 19:34:09 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-06-15 19:34:08 ----D---- C:\Programmi\Outlook Express
2012-06-15 19:34:08 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-06-15 19:34:08 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-06-15 19:34:08 ----A---- C:\WINDOWS\system32\mstask.dll
2012-06-15 19:34:07 ----A---- C:\WINDOWS\system32\isign32.dll
2012-06-15 19:34:07 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-06-15 19:34:07 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-06-15 19:34:07 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-06-15 19:34:03 ----D---- C:\Programmi\File comuni\System
2012-06-15 19:34:01 ----D---- C:\Programmi\Internet Explorer
2012-06-15 19:33:25 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2012-06-15 19:33:17 ----D---- C:\Programmi\ComPlus Applications
2012-06-15 19:33:15 ----A---- C:\WINDOWS\vbaddin.ini
2012-06-15 19:33:15 ----A---- C:\WINDOWS\vb.ini
2012-06-15 19:33:11 ----D---- C:\WINDOWS\Registration
2012-06-15 19:33:04 ----D---- C:\Programmi\Windows Media Player
2012-06-15 19:31:49 ----D---- C:\Programmi\Windows Live
2012-06-15 19:31:41 ----D---- C:\Programmi\MSN Gaming Zone
2012-06-15 19:31:41 ----A---- C:\WINDOWS\system32\write.exe
2012-06-15 19:31:32 ----A---- C:\WINDOWS\system32\sndvol32.exe
2012-06-15 19:31:32 ----A---- C:\WINDOWS\system32\hticons.dll
2012-06-15 19:31:32 ----A---- C:\WINDOWS\system32\avwav.dll
2012-06-15 19:31:32 ----A---- C:\WINDOWS\system32\avtapi.dll
2012-06-15 19:31:32 ----A---- C:\WINDOWS\system32\avmeter.dll
2012-06-15 19:31:31 ----A---- C:\WINDOWS\system32\winchat.exe
2012-06-15 19:31:26 ----A---- C:\WINDOWS\system32\getuname.dll
2012-06-15 19:31:26 ----A---- C:\WINDOWS\system32\charmap.exe
2012-06-15 19:31:26 ----A---- C:\WINDOWS\system32\calc.exe
2012-06-15 19:31:25 ----A---- C:\WINDOWS\system32\winmine.exe
2012-06-15 19:31:25 ----A---- C:\WINDOWS\system32\sol.exe
2012-06-15 19:31:25 ----A---- C:\WINDOWS\system32\reset.exe
2012-06-15 19:31:25 ----A---- C:\WINDOWS\system32\mshearts.exe
2012-06-15 19:31:25 ----A---- C:\WINDOWS\system32\freecell.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\tslabels.ini
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\tskill.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\tscon.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\shadow.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\rwinsta.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\regini.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\qwinsta.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\qappsrv.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\msg.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\logoff.exe
2012-06-15 19:31:24 ----A---- C:\WINDOWS\system32\cdmodem.dll
2012-06-15 19:31:23 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2012-06-15 19:31:18 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2012-06-15 19:31:18 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-06-15 19:31:17 ----D---- C:\Programmi\Windows NT
2012-06-15 19:31:17 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-06-15 19:31:17 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-06-15 19:31:17 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-06-15 19:31:17 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-06-15 19:31:16 ----A---- C:\WINDOWS\system32\spider.exe
2012-06-15 19:31:16 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-06-15 19:31:16 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-06-15 19:31:16 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-06-15 19:31:15 ----A---- C:\WINDOWS\system32\tsgqec.dll
2012-06-15 19:31:15 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-06-15 19:31:15 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2012-06-15 19:31:15 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-06-15 19:31:15 ----A---- C:\WINDOWS\system32\aaclient.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-06-15 19:31:14 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-06-15 19:31:13 ----D---- C:\WINDOWS\system32\MsDtc
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-06-15 19:31:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-06-15 19:31:12 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-06-15 19:31:12 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-06-15 19:31:12 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-06-15 19:31:12 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-06-15 19:31:12 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-06-15 19:31:12 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-06-15 19:31:11 ----D---- C:\WINDOWS\system32\Com
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\stclient.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\colbact.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-06-15 19:31:11 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-06-15 19:31:10 ----A---- C:\WINDOWS\system32\comuid.dll
2012-06-15 19:31:10 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-06-15 19:31:10 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-06-15 19:31:10 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-06-15 19:31:04 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-06-15 19:31:04 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-06-15 19:31:04 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-06-15 19:31:04 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-06-15 19:31:01 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2012-06-15 19:31:01 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-06-15 21:26:06 ----A---- C:\WINDOWS\system.ini
2012-06-15 19:37:29 ----A---- C:\WINDOWS\win.ini
2012-06-15 19:36:34 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2012-06-03 23:35:34 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 uagp35;Filtro Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2008-06-28 117248]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2008-06-28 9216]
R1 AmdK7;Driver del processore AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-06-28 41728]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-03-19 301248]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 HidUsb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-05-01 10308640]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNdisMP;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbuhci;Driver Miniport Controller Universal Host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2003-11-10 174464]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-22 32384]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Driver scanner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Programmi\AVG\AVG2012\avgidsagent.exe [2012-04-30 5106744]
R2 avgwd;AVG WatchDog; C:\Programmi\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-05-01 154216]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Programmi\PC Tools Firewall Plus\FWService.exe [2011-01-24 286000]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Servizio di condivisione in rete Windows Media Player; C:\Programmi\Windows Media Player\WMPNetwk.exe [2008-06-28 918528]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------
Sorry for not uploading the logs with wikisend, but it isn't working.. thank you in advance
 

FDAC

Active User
1,335
194
Download ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● place the downloaded file on the Desktop
● disable the antivirus in use, from its icon in the system tray (next to the Windows clock)
● disable any firewall that is installed, from its icon in the system tray (next to the Windows clock)

Once the steps above are done:
● launch ComboFix with a double click
● once it has started, click the Accept button: confirm by clicking Ok twice
● follow the instructions displayed to run the scan:
"It typically takes no more than 10 minutes
On heavily infected PCs the scan time can easily double"
● if you have Windows XP, you will be asked to install the Recovery Console: do not install it (click the No button)
● without performing any other operation, let the tool complete its work

Notes - during the scan:
● some files may appear on the Desktop and then be deleted
● all the icons on the Desktop will disappear for a moment: nothing to worry about
● a message regarding the antivirus in use may be shown: continue, ignoring the message
● the firewall may show a warning about the removal of some drivers: allow it
● the Internet Explorer icon may appear on the Desktop

When ComboFix has finished the scan:
● the system will be restarted automatically: if it is not, restart it yourself
● go to Local Disk C:, find the text file named ComboFix.txt and attach it

Note - about the program:
● to run ComboFix correctly on Windows Vista and Windows 7, right-click the program icon and choose Run as administrator from the context menu
● sUBs, the software house that distributes ComboFix, is not responsible for any damage caused after using the program.
● It should not be used unless expressly requested by an expert
● ComboFix disables autorun for USB drives (flash drives, external hard disks, MP3 players...) to prevent future threats: when you insert a pen drive, you will have to open it manually from My Computer.
 
