Pc scattoso a tratti

Jostino · 6 Dicembre 2011

Ecco qua, premetto che fin ora non ho cancellato nulla che non mi abbia detto tu! Non ho cancellato nulla di mia iniziativa.

OTL logfile created on: 06/12/2011 18.26.40 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Nicola\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

895,48 Mb Total Physical Memory | 397,66 Mb Available Physical Memory | 44,41% Memory free
2,12 Gb Paging File | 1,76 Gb Available in Paging File | 83,09% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Programmi
Drive C: | 48,83 Gb Total Space | 4,09 Gb Free Space | 8,38% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 10,35 Gb Free Space | 5,63% Space Free | Partition Type: NTFS

Computer Name: CORRADIN | User Name: Nicola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/06 18.21.40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nicola\Desktop\OTL.exe
PRC - [2011/11/10 23.04.40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Programmi\Mozilla Firefox\firefox.exe
PRC - [2010/08/07 21.15.42 | 000,154,624 | ---- | M] (Dimio Corporation) -- D:\AAA Cercasi Documenti\dtaskmanager\DTaskManager\DTaskManager.exe
PRC - [2010/03/17 02.46.08 | 000,563,200 | ---- | M] () -- D:\Programmi\Lightscreen\lightscreen.exe
PRC - [2010/03/09 03.52.49 | 000,015,872 | ---- | M] () -- D:\Programmi\Unlocker\UnlockerAssistant.exe
PRC - [2010/03/04 23.38.00 | 000,071,096 | ---- | M] () -- D:\Programmi\CDBurnerXP\NMSAccessU.exe
PRC - [2008/04/13 18.14.08 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2011/12/04 20.51.09 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/10 23.04.38 | 001,989,592 | ---- | M] () -- D:\Programmi\Mozilla Firefox\mozjs.dll
MOD - [2010/11/21 15.54.34 | 000,094,208 | ---- | M] () -- D:\Programmi\FileZilla FTP Client\fzshellext.dll
MOD - [2010/03/17 02.46.08 | 000,563,200 | ---- | M] () -- D:\Programmi\Lightscreen\lightscreen.exe
MOD - [2010/03/09 03.55.54 | 000,004,608 | ---- | M] () -- D:\Programmi\Unlocker\UnlockerHook.dll
MOD - [2010/03/09 03.52.49 | 000,015,872 | ---- | M] () -- D:\Programmi\Unlocker\UnlockerAssistant.exe
MOD - [2010/03/04 23.38.00 | 000,071,096 | ---- | M] () -- D:\Programmi\CDBurnerXP\NMSAccessU.exe
MOD - [2010/02/16 18.09.36 | 000,936,448 | ---- | M] () -- D:\Programmi\Lightscreen\QtCore4.dll
MOD - [2010/02/10 19.01.18 | 000,192,000 | ---- | M] () -- D:\Programmi\Lightscreen\imageformats\qjpeg4.dll
MOD - [2010/02/10 15.43.38 | 003,844,096 | ---- | M] () -- D:\Programmi\Lightscreen\QtGui4.dll
MOD - [2010/02/10 15.10.26 | 000,431,104 | ---- | M] () -- D:\Programmi\Lightscreen\QtNetwork4.dll
MOD - [2009/06/22 19.42.42 | 000,043,008 | ---- | M] () -- D:\Programmi\Lightscreen\libgcc_s_dw2-1.dll
MOD - [2009/01/10 11.32.40 | 000,011,362 | ---- | M] () -- D:\Programmi\Lightscreen\mingwm10.dll
MOD - [2006/11/17 16.29.00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2003/02/18 13.48.08 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\dcccp106.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (StarWindServiceAE)
SRV - File not found [Disabled | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Disabled | Stopped] -- -- (gupdate) Servizio di Google Update (gupdate)
SRV - [2011/08/31 17.00.48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- D:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/15 15.18.10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- D:\Programmi\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/04/15 20.14.18 | 000,093,048 | ---- | M] (Dynamic Network Services, Inc.) [Disabled | Stopped] -- D:\Programmi\DynDNS Updater\DynUpSvc.exe -- (DynDNS Updater)
SRV - [2010/12/08 13.31.06 | 000,628,736 | ---- | M] (Nokia) [Disabled | Stopped] -- D:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/22 22.52.46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- D:\Programmi\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010/08/19 10.45.52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- D:\Programmi\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/04 23.38.00 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Programmi\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/12/31 00.24.34 | 000,703,488 | ---- | M] (FileZilla Project) [Disabled | Stopped] -- D:\Programmi\FileZilla Server\FileZilla server.exe -- (FileZilla Server)
SRV - [2009/12/08 19.26.15 | 003,616,768 | ---- | M] (Native Instruments GmbH) [Disabled | Stopped] -- D:\Programmi\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2006/10/26 18.49.34 | 000,441,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Programmi\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 12.03.08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Programmi\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/06 15.03.28 | 000,110,592 | ---- | M] () [Disabled | Stopped] -- D:\Programmi\Sitecom\IVT BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2005/04/04 00.41.10 | 000,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- D:\Programmi\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/12/13 00.05.20 | 001,527,893 | ---- | M] (The Firebird Project) [Disabled | Stopped] -- D:\Programmi\Firebird\Firebird_1_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2004/12/13 00.05.20 | 000,065,536 | ---- | M] (The Firebird Project) [Disabled | Stopped] -- D:\Programmi\Firebird\Firebird_1_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2002/11/20 17.06.46 | 000,290,816 | ---- | M] () [Disabled | Stopped] -- D:\Programmi\NMapWin\bin\nmapserv.exe -- (NMap)

========== Driver Services (SafeList) ==========

DRV - [2011/08/31 17.00.50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/08/07 20.22.05 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/07/30 13.16.46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/07/30 13.16.44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/07/30 13.16.42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/07/30 13.16.38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/07/26 11.24.46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/07/26 11.24.42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/04/12 09.44.34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/12 14.48.56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/16 07.02.40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009/03/18 16.35.40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/02/24 17.42.14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/08/26 08.26.12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 10.53.10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 10.45.30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/09/24 14.28.46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/07/16 15.06.16 | 000,023,040 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2006/06/23 15.00.26 | 000,031,488 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2006/03/26 13.22.14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 17.27.01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/13 10.38.23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006/02/28 15.57.22 | 000,084,836 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2006/01/19 12.31.34 | 000,010,068 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/11/03 15.40.07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/09/23 21.18.32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/08/31 09.34.52 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2005/07/29 15.21.32 | 000,011,988 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/05/09 19.08.40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2005/04/30 13.50.10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2004/10/19 12.37.38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/08/19 14.31.46 | 000,607,292 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/03 21.32.32 | 000,084,480 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97via.sys -- (VIAudio) Controller audio (WDM)
DRV - [2004/08/03 21.31.34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/08/03 21.29.38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2003/04/09 10.17.14 | 000,227,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cccp106.sys -- (CCCP106)
DRV - [2001/08/30 21.13.28 | 000,908,224 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [1996/04/03 20.33.26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.it"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: tubestop@efinke.com:1.5
FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.150
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Programmi\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Programmi\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: D:\Programmi\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: D:\Programmi\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programmi\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.29\npGoogleOneClick8.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Programmi\DivX\DivX Plus Web Player\firefox\html5video [2011/02/27 13.30.33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: D:\Programmi\DivX\DivX Plus Web Player\firefox\wpa [2011/02/27 13.30.34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Programmi\Mozilla Firefox\components [2011/11/10 23.04.42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Programmi\Mozilla Firefox\plugins [2011/10/27 12.53.17 | 000,000,000 | ---D | M]

[2011/02/08 20.08.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Extensions
[2011/02/08 20.08.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/11/16 12.43.30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions
[2011/03/09 23.57.19 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/11/16 12.43.30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/11/10 20.06.58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/11/13 13.38.38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/03/03 12.23.35 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\cacaoweb@cacaoweb.org
[2011/11/10 23.05.01 | 000,000,000 | ---D | M] (No name found) -- D:\Programmi\Mozilla Firefox\extensions
[2011/10/27 10.37.44 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/03 15.06.32 | 000,000,000 | ---D | M] (Java Console) -- D:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/10/23 21.06.26 | 000,000,000 | ---D | M] (Java Console) -- D:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\NICOLA\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EAS8FGNV.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\NICOLA\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EAS8FGNV.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\NICOLA\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EAS8FGNV.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011/11/10 23.04.41 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Programmi\mozilla firefox\components\browsercomps.dll
[2011/10/23 21.06.05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/29 02.19.35 | 000,002,252 | ---- | M] () -- D:\Programmi\mozilla firefox\searchplugins\bing.xml
[2011/09/29 02.59.20 | 000,000,744 | ---- | M] () -- D:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2011/09/29 02.59.20 | 000,000,825 | ---- | M] () -- D:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2011/09/29 02.59.20 | 000,001,182 | ---- | M] () -- D:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2011/09/29 02.59.20 | 000,000,953 | ---- | M] () -- D:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\11.0.696.71\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = D:\Programmi\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = D:\Programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = D:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Programmi\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = D:\Programmi\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = D:\Programmi\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = D:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\11.0.696.71\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\11.0.696.71\gears.dll
CHR - plugin: Orbit Downloader (Disabled) = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = D:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = D:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Documents and Settings\Nicola\Dati applicazioni\Mozilla\Firefox\Profiles\eas8fgnv.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.29\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = D:\Programmi\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = D:\Programmi\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DownloadZoneForum Plugins = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\cgjekembodpjoebcoahkpkibiialnmlo\3.3.1_0\
CHR - Extension: DivX HiQ = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: SGPlus = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.6.4_0\
CHR - Extension: Move Your Photos = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\idiebfmmkhaffedkhjhapmagabcadjhc\2.9_0\
CHR - Extension: Picnik = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\inmnggcpelemfookhlhkdfbechcdadfp\1.0.6_0\
CHR - Extension: Batman theme by windows7themes.net = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lefchneceppjedhloipbcjfdknoahdkb\1.0_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \\u003Cvideo\\u003E = C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

O1 HOSTS File: ([2011/11/25 17.35.32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Programmi\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programmi\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programmi\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programmi\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programmi\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] D:\Programmi\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003..\Run: [AlcoholAutomount] D:\Programmi\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003..\Run: [Lightscreen] D:\Programmi\Lightscreen\lightscreen.exe ()
O4 - Startup: C:\Documents and Settings\Marco\Menu Avvio\Programmi\Esecuzione automatica\LimeWire On Startup.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1547161642-2139871995-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - D:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - D:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - D:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - D:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Siti attendibili)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Siti attendibili)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Siti attendibili)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in Siti attendibili)
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in Siti attendibili)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{605D430A-FE85-4614-BF19-E6D7A16E2D6A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programmi\system\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programmi\system\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programmi\system\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Programmi\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Programmi\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\TaskMgr.exe: Debugger - D:\AAA Cercasi Documenti\dtaskmanager\DTaskManager\DTaskManager.exe (Dimio Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/07 16.04.01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/06 18.21.38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nicola\Desktop\OTL.exe
[2011/12/04 23.35.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Trophy Hunter 2003
[2011/12/04 12.32.55 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/12/04 12.11.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Hitman Pro
[2011/12/03 14.07.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Dati applicazioni\Canneverbe Limited
[2011/12/03 14.07.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2011/12/03 14.06.32 | 000,000,000 | ---D | C] -- D:\Programmi\CDBurnerXP
[2011/11/30 23.09.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mother
[2011/11/30 17.27.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\storage
[2011/11/29 23.11.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Desktop\test per pc
[2011/11/29 21.18.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\AceGain LiveUpdate
[2011/11/29 21.18.18 | 000,000,000 | ---D | C] -- D:\Programmi\AceGain
[2011/11/29 21.17.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\BFVCC Server Manager
[2011/11/29 21.17.13 | 000,729,088 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2011/11/29 21.16.44 | 000,000,000 | ---D | C] -- D:\Programmi\BFVCC Server Manager
[2011/11/29 20.53.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Battlefield Vietnam
[2011/11/25 17.53.09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/25 17.42.22 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/11/25 00.58.19 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/11/25 00.57.46 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/11/25 00.57.40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/11/25 00.57.38 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/11/25 00.57.37 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/11/25 00.57.36 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/11/25 00.57.31 | 000,061,952 | ---- | C] (Scanner piano a colori) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/11/25 00.57.22 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/11/25 00.57.21 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/11/25 00.57.14 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/11/25 00.57.13 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/11/25 00.57.12 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/11/25 00.14.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\MultiProxy
[2011/11/25 00.14.17 | 000,000,000 | ---D | C] -- D:\Programmi\MultiProxy
[2011/11/23 19.22.36 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/11/23 19.18.50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/11/23 19.18.38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/23 00.54.15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nicola\Recent
[2011/11/23 00.44.57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Defraggler
[2011/11/23 00.44.54 | 000,000,000 | ---D | C] -- D:\Programmi\Defraggler
[2011/11/23 00.44.04 | 003,463,432 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Nicola\Documenti\dfsetup208.exe
[2011/11/23 00.28.11 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2011/11/23 00.28.07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Registry Clean Expert
[2011/11/23 00.27.49 | 000,519,856 | ---- | C] (iExpert ) -- C:\Documents and Settings\Nicola\Documenti\registry-defrag.exe
[2011/11/21 23.35.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Menu Avvio\Programmi\HiJackThis
[2011/11/19 13.27.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\NCH Software
[2011/11/19 13.26.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Dati applicazioni\NCH Software
[2011/11/19 13.06.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\aTube Catcher
[2011/11/19 11.37.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Menu Avvio\Programmi\HHD Hex Editor Neo
[2011/11/19 11.37.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\HHD Software
[2011/11/16 19.32.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Desktop\prova
[2011/11/16 19.28.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Documenti\SISContents
[2011/11/16 19.28.33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\SISContents
[2011/11/16 12.47.13 | 004,195,704 | ---- | C] (Garmin International) -- C:\Documents and Settings\Nicola\Documenti\GarminMapUpdater_v2.7.12.exe
[2011/11/16 12.44.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Dati applicazioni\Garmin
[2011/11/13 21.21.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\MountMusket Battalion
[2011/11/13 15.25.18 | 058,782,409 | ---- | C] (Blizzard Entertainment) -- C:\Documents and Settings\Nicola\Documenti\War3TFT_124e_English.exe
[2011/11/13 15.19.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Menu Avvio\Programmi\Warcraft III
[2011/11/13 15.19.53 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011/11/13 13.47.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nicola\Dati applicazioni\GameRanger
[2011/11/13 13.46.09 | 000,114,352 | ---- | C] (GameRanger Technologies) -- C:\Documents and Settings\Nicola\Documenti\GameRangerSetup.exe

========== Files - Modified Within 30 Days ==========

[2011/12/06 18.21.40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nicola\Desktop\OTL.exe
[2011/12/06 18.10.16 | 000,065,578 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/12/06 18.09.40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/06 18.09.37 | 939,053,056 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/05 19.03.00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1547161642-2139871995-1801674531-1003UA.job
[2011/12/05 19.03.00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1547161642-2139871995-1801674531-1003Core.job
[2011/12/04 22.45.30 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/04 17.12.29 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/12/04 12.32.55 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/12/03 15.09.21 | 000,002,422 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\onda d'urto.axp
[2011/12/03 14.18.44 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2011/12/02 18.20.58 | 000,000,332 | ---- | M] () -- C:\WINDOWS\desctemp.dat
[2011/12/01 02.59.26 | 000,042,392 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2011/11/30 17.43.52 | 001,654,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/29 21.18.42 | 000,000,765 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2011/11/29 21.18.10 | 000,729,088 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2011/11/25 17.51.04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/25 17.35.32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/25 00.14.24 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Nicola\Desktop\MultiProxy.lnk
[2011/11/24 21.50.50 | 001,665,177 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\Operation flashpoint.zip
[2011/11/23 19.22.48 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/11/23 00.44.06 | 003,463,432 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Nicola\Documenti\dfsetup208.exe
[2011/11/23 00.27.50 | 000,519,856 | ---- | M] (iExpert ) -- C:\Documents and Settings\Nicola\Documenti\registry-defrag.exe
[2011/11/23 00.26.32 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/11/23 00.17.58 | 007,623,829 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\ofp_goty_patch_196.zip
[2011/11/23 00.08.15 | 013,459,401 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\ofp_resistance_patch_196.zip
[2011/11/22 22.04.34 | 001,055,232 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\MicrosoftFixit50407.msi
[2011/11/21 23.35.20 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\HiJackThis.msi
[2011/11/20 20.30.36 | 000,007,478 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\cc_20111120_203028.reg
[2011/11/20 12.25.24 | 000,002,354 | ---- | M] () -- C:\Documents and Settings\Nicola\Dati applicazioni\SAS7_000.DAT
[2011/11/19 14.37.43 | 000,086,452 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\Need_For_Speed_Series_OST.3517291.TPB.torrent
[2011/11/19 13.38.47 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2011/11/19 13.33.50 | 000,000,812 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2011/11/19 13.33.23 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\ss.ini
[2011/11/19 12.23.09 | 000,010,942 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\schedeoneshot.zip
[2011/11/16 19.11.21 | 003,518,899 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\Svgb2svg.7z
[2011/11/16 19.05.48 | 002,632,389 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\Siscontents_1.7.1.7z
[2011/11/16 14.07.23 | 000,006,569 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\Girone D amatori.pdf
[2011/11/16 13.42.48 | 000,182,341 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\800Jet.zip
[2011/11/16 13.42.37 | 000,112,646 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\carStripesPink.zip
[2011/11/16 13.26.13 | 000,001,127 | ---- | M] () -- C:\Documents and Settings\Nicola\Documenti\geocache.gpx
[2011/11/16 13.09.03 | 000,532,008 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2011/11/16 13.09.03 | 000,483,600 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/16 13.09.03 | 000,094,376 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2011/11/16 13.09.02 | 000,079,996 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/16 12.47.15 | 004,195,704 | ---- | M] (Garmin International) -- C:\Documents and Settings\Nicola\Documenti\GarminMapUpdater_v2.7.12.exe
[2011/11/13 15.42.10 | 000,070,641 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2011/11/13 15.34.43 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2011/11/13 15.34.42 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011/11/13 15.31.54 | 058,782,409 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\Nicola\Documenti\War3TFT_124e_English.exe
[2011/11/13 13.46.13 | 000,114,352 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\Nicola\Documenti\GameRangerSetup.exe

========== Files Created - No Company Name ==========

[2011/12/04 12.12.19 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/12/03 15.09.19 | 000,002,422 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\onda d'urto.axp
[2011/12/03 14.18.43 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2011/12/03 14.06.39 | 000,001,434 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\CDBurnerXP.lnk
[2011/12/03 14.06.36 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/12/02 18.20.58 | 000,000,332 | ---- | C] () -- C:\WINDOWS\desctemp.dat
[2011/12/01 02.59.26 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011/11/29 20.17.24 | 939,053,056 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/25 00.14.24 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Nicola\Desktop\MultiProxy.lnk
[2011/11/24 21.49.42 | 001,665,177 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\Operation flashpoint.zip
[2011/11/23 19.22.48 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/11/23 19.22.43 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011/11/23 00.17.56 | 007,623,829 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\ofp_goty_patch_196.zip
[2011/11/23 00.07.50 | 013,459,401 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\ofp_resistance_patch_196.zip
[2011/11/22 22.04.31 | 001,055,232 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\MicrosoftFixit50407.msi
[2011/11/21 23.35.19 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\HiJackThis.msi
[2011/11/20 20.30.34 | 000,007,478 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\cc_20111120_203028.reg
[2011/11/19 14.37.41 | 000,086,452 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\Need_For_Speed_Series_OST.3517291.TPB.torrent
[2011/11/19 13.38.46 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2011/11/19 13.26.34 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Express Burn Disc Burning Software.lnk
[2011/11/19 12.23.06 | 000,010,942 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\schedeoneshot.zip
[2011/11/16 20.12.34 | 000,401,582 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2011/11/16 19.10.49 | 003,518,899 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\Svgb2svg.7z
[2011/11/16 19.05.25 | 002,632,389 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\Siscontents_1.7.1.7z
[2011/11/16 14.07.23 | 000,006,569 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\Girone D amatori.pdf
[2011/11/16 13.42.47 | 000,182,341 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\800Jet.zip
[2011/11/16 13.42.23 | 000,112,646 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\carStripesPink.zip
[2011/11/16 13.26.12 | 000,001,127 | ---- | C] () -- C:\Documents and Settings\Nicola\Documenti\geocache.gpx
[2011/11/13 15.19.55 | 000,070,641 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2011/11/13 15.19.54 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2011/11/13 13.47.39 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\Nicola\Menu Avvio\Programmi\GameRanger.lnk
[2011/09/04 15.10.57 | 000,004,963 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\bcdwrylw.kdv
[2011/09/02 08.41.55 | 000,205,824 | ---- | C] () -- C:\WINDOWS\pw32a.dll
[2011/08/20 17.30.26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2011/08/05 13.27.05 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2011/05/07 13.12.15 | 000,000,812 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/05/07 13.11.49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\ss.ini
[2011/05/06 23.21.28 | 000,002,354 | ---- | C] () -- C:\Documents and Settings\Nicola\Dati applicazioni\SAS7_000.DAT
[2011/02/05 00.59.51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011/01/30 13.44.05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2011/01/26 20.58.49 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010/12/08 17.31.55 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2010/11/09 22.01.54 | 000,139,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/11/09 22.00.42 | 000,233,920 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/11/09 22.00.32 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/10/26 17.34.24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2010/10/02 19.10.23 | 000,000,758 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010/10/02 10.41.02 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\PUTTY.RND
[2010/09/27 23.07.17 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\rjhExt.dll
[2010/09/17 14.21.49 | 000,000,765 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/09/06 18.35.41 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/05 11.02.16 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010/08/29 15.29.08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/28 18.15.38 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010/08/28 18.15.38 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010/08/19 01.39.47 | 000,112,128 | ---- | C] () -- C:\Documents and Settings\Nicola\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/18 00.01.12 | 000,227,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\cccp106.sys
[2010/08/18 00.01.11 | 000,192,512 | ---- | C] () -- C:\WINDOWS\select2.exe
[2010/08/18 00.01.11 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dcccp106.dll
[2010/08/18 00.01.11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vcccp106.dll
[2010/08/18 00.01.11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\CleanDev.exe
[2010/08/18 00.01.11 | 000,000,317 | ---- | C] () -- C:\WINDOWS\DC2110a.ini
[2010/08/18 00.01.10 | 000,015,542 | ---- | C] () -- C:\WINDOWS\cccp106.ini
[2010/08/08 22.32.40 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/08/08 20.42.46 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/08/07 21.42.25 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/08/07 17.55.24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/07 17.52.59 | 001,654,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/07 16.07.45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/07 16.00.56 | 000,022,980 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/13 03.48.01 | 000,002,667 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM2.DLL
[2007/01/26 00.04.12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 00.04.12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/11/17 16.29.00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/11/17 16.29.00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/11/17 16.29.00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/11/17 16.29.00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/11/17 16.29.00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/11/17 16.29.00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/11/17 16.29.00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/11/17 16.29.00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/11/17 16.29.00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/11/17 16.29.00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/11/17 16.29.00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/04/14 08.14.12 | 000,014,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2005/07/29 15.21.32 | 000,011,988 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2004/08/19 14.52.50 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 13.20.40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/12/04 13.00.00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/12/04 13.00.00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/12/04 13.00.00 | 000,532,008 | ---- | C] () -- C:\WINDOWS\System32\perfh010.dat
[2001/12/04 13.00.00 | 000,483,600 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/12/04 13.00.00 | 000,300,212 | ---- | C] () -- C:\WINDOWS\System32\perfi010.dat
[2001/12/04 13.00.00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/12/04 13.00.00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/12/04 13.00.00 | 000,094,376 | ---- | C] () -- C:\WINDOWS\System32\perfc010.dat
[2001/12/04 13.00.00 | 000,079,996 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/12/04 13.00.00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/12/04 13.00.00 | 000,034,004 | ---- | C] () -- C:\WINDOWS\System32\perfd010.dat
[2001/12/04 13.00.00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/12/04 13.00.00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/12/04 13.00.00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1997/05/11 06.20.50 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\hs_regex.dll
[1996/04/03 20.33.26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011/07/06 13.32.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ableton
[2011/02/18 19.14.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Age of Empires 3
[2010/11/08 18.30.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\America's Army Deploy Client
[2010/09/23 19.58.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Bluetooth
[2011/12/03 14.07.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2010/10/18 22.13.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DynDNS
[2011/03/07 20.32.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\firebird
[2011/05/07 13.11.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\FreeRIP
[2011/12/04 12.11.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Hitman Pro
[2011/11/03 12.43.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ICQ
[2011/04/28 19.18.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2011/10/19 11.20.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
[2011/08/25 23.16.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MTA San Andreas All
[2011/02/13 17.13.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Native Instruments
[2011/07/07 13.45.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NCH Swift Sound
[2011/04/28 19.15.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2011/04/28 18.24.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NokiaInstallerCache
[2010/08/14 16.12.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NokiaMusic
[2011/05/06 22.36.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nuance
[2010/08/15 14.12.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2010/10/14 15.52.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
[2010/10/13 18.06.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate Collection
[2011/10/02 22.43.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle VideoSpin
[2011/10/02 10.20.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PMB Files
[2011/05/06 22.36.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
[2011/01/15 01.26.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Sony
[2011/02/05 14.22.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Sports Interactive
[2011/02/06 22.23.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TinyPic
[2011/01/29 00.33.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Tunngle
[2011/09/08 13.05.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Web Installer
[2011/02/13 17.08.01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{12C9D0C8-20A9-478B-A1E2-4A2B318DEF2E}
[2011/02/13 17.04.16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{1E073424-A3F8-474B-A503-A99428594527}
[2011/02/13 17.06.17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{1E8C7AE2-4367-4069-9771-8176841822C4}
[2011/02/13 17.11.42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{4E70D107-00B1-4793-A17B-C6B6D7EF3151}
[2011/02/13 17.16.32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{849DD083-B349-4E44-A4E6-B8E8DCED3B0A}
[2011/02/13 17.09.30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{B4EC8631-3359-4312-83DE-2903C693758B}
[2011/02/13 17.00.55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2010/08/08 15.22.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\File de La Battaglia per la Terra di Mezzo
[2010/09/22 18.33.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Gearbox Software
[2011/09/24 19.13.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\GrabPro
[2011/06/29 18.05.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\JDiskReport
[2011/10/16 18.11.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\LimeWire
[2010/10/28 16.12.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Mount&Blade
[2010/11/12 17.59.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Mount&Blade Warband
[2011/08/05 13.34.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\NCH Swift Sound
[2011/08/01 11.37.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Nokia
[2010/10/29 20.30.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Notepad++
[2011/06/29 20.50.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Opera
[2011/02/03 15.07.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Orbit
[2011/05/05 19.22.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\PC Suite
[2010/11/21 17.37.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\ProgSense
[2011/05/18 15.53.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Sports Interactive
[2011/06/21 20.56.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\uTorrent
[2011/08/28 18.10.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marco\Dati applicazioni\Windows Desktop Search
[2011/09/10 13.59.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\TSNotifier
[2011/01/09 13.34.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\.gaim
[2011/10/26 10.26.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\.minecraft
[2011/07/06 13.32.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Ableton
[2010/08/07 16.21.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Ascaron Entertainment
[2011/12/03 14.07.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Canneverbe Limited
[2011/08/07 23.35.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\com.solanomorales.desktoptools.DesktopRuler.518B64428688EC5962192FCA325B3D88321204D4.1
[2011/10/11 13.01.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\DDMSettings
[2011/02/09 17.04.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\EPSON
[2010/11/24 19.36.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\File de La Battaglia per la Terra di Mezzo
[2011/02/13 13.40.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\FileZilla
[2011/10/25 14.46.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\FOG Downloader
[2011/03/20 14.50.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\freeTVRadio
[2011/11/13 13.47.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\GameRanger
[2011/11/16 12.47.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Garmin
[2010/09/11 12.31.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Gearbox Software
[2010/11/04 21.34.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\GrabPro
[2011/05/10 18.47.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\HU2011
[2010/10/24 13.42.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\HyperLobby
[2011/08/05 17.29.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\ispy.SiteTalk.8CF3EC8B2B4CD62BD74AE964BF1C885851413A0D.1
[2011/01/18 16.16.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\JDiskReport
[2010/09/29 19.50.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\JonDo
[2010/08/07 18.27.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Mount&Blade
[2011/09/15 01.27.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Mount&Blade Warband
[2011/09/04 15.12.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\MOVAVI
[2011/11/16 17.51.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\My Battle for Middle-earth Files
[2010/11/26 17.50.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\My Games
[2011/07/07 13.40.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\NCH Swift Sound
[2011/05/05 14.54.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Nokia
[2011/11/17 23.10.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Notepad++
[2011/05/06 22.40.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Nuance
[2010/08/07 18.29.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Opera
[2011/12/01 19.54.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Orbit
[2010/08/15 14.12.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\PC Suite
[2010/08/11 12.04.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\ProgSense
[2011/01/15 01.37.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Publish Providers
[2011/10/19 11.28.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Screenshot Sender
[2011/01/15 01.35.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Sony
[2011/03/09 23.57.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Sony Online Entertainment
[2011/02/05 13.38.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Sports Interactive
[2011/07/26 16.49.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Steinberg
[2011/01/02 14.42.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\SWiSH Max3 ITA
[2011/07/27 14.08.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\SynthMaker
[2010/12/18 14.25.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\TeamViewer
[2010/08/29 15.29.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Thunderbird
[2011/08/31 14.15.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\ts3overlay
[2011/09/09 09.25.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\TSNotifier
[2011/02/09 19.24.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Tunngle
[2011/12/04 22.44.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\uTorrent
[2011/08/26 16.23.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nicola\Dati applicazioni\Windows Search
[2011/11/19 13.38.47 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2011/12/05 19.03.00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1547161642-2139871995-1801674531-1003Core.job
[2011/12/05 19.03.00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1547161642-2139871995-1801674531-1003UA.job
[2011/03/03 16.55.04 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\mixpadShakeIcon.job
[2011/08/08 13.34.44 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2011/06/13 17.21.05 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadDowngrade.job
[2011/12/03 14.18.44 | 000,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت

< End of report >

Visualizza allegato Extras.Txt

FDAC · 7 Dicembre 2011

Ciao.

Metti OTL.exe sul desktop. Avvialo e copia/incolla il codice sottostante nel Custom Scans/Fixes.

:OTL
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت

:Files
O4 - Startup: C:\Documents and Settings\Marco\Menu Avvio\Programmi\Esecuzione automatica\LimeWire On Startup.lnk = File not found
C:\Documents and Settings\Marco\Dati applicazioni\LimeWire

:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[CLEARALLRESTOREPOINTS]
[REBOOT]

Clicca su Run Fix e dai Ok. Potrebbe essere richiesto un riavvio, accetta.
Si aprirà un report salvalo ed allegalo.

Jostino · 8 Dicembre 2011

Ecco il log:
Visualizza allegato otl.txt

Jostino · 12 Dicembre 2011

Niente? il log l'ho messo ;)

FDAC · 12 Dicembre 2011

Uff.. allega un log di hijackthis

Jostino · 12 Dicembre 2011

Se ti crea troppo disturbo aiutarmi puoi dirlo, non mi arrabbio :)

FDAC · 13 Dicembre 2011

No nessun disturbo, solo non capisco cosa abbia il tuo PC.
Facciamo cosi, riniziamo da capo: allega un nuovo log di Hijackthis.

Jostino · 13 Dicembre 2011

Non so nemmeno io, ha iniziato a fare così tutto su un colpo, forse devo darci una pulita alla ventola del processore o roba così.. Formattarlo mi scasserebbe abbastanza.

Visualizza allegato hijackthis2.txt

FDAC · 13 Dicembre 2011

Scusa, ma non hai un antivirus??

Scarica Avira AntiVir Personal - Free Edition: Avira Free Antivirus - Download Best Antivirus Software
● posiziona il file scaricato sul sul Desktop
● installa il programma, seguendo questa semplice video guida: Avira Free Antivirus - Download Best Antivirus Software
● durante l'installazione, togli la spunta alla voce Esegui breve scansione del sistema dopo l’installazione
● al termine dell'installazione, esegui una Scansione Completa del sistema, procedendo così:
● doppio click sull'icona di Avira AntiVir Control Center, situata sul Desktop
● si aprirà la schermata principale del programma
● clicca su Avvia l'aggiornamento, per aggiornare le definizioni virali del programma
● una volta concluso, clicca su Analizza il sistema ora, per scansionare il sistema alla ricerca di malware
● attendi pazientemente il termine della scansione
● metti in quarantena le infezioni trovate: in tal modo se legittime, potrai ripristinarle
● allega il risultato che verrà rilasciato: per farlo, clicca su Report

R16 · 13 Dicembre 2011

@FDAC:

solo non capisco cosa abbia il tuo PC.

E sì che di scansioni ne hai fatte fare. (a vanvera)

@Jostino :
Hai l'MBR infetto.
Possiedi il CD d'installazione originale, comprensivo della Console di ripristino d'emergenza?

Jostino · 13 Dicembre 2011

FDAC è un anno che non ho antivirus e firewall e non ho mai avuto problemi, seriamente. Comunque R16 si ho il cd, cosa devo fare? Fixmbr?

Con avira avevo già fatto la scansione e ci ha messo 14 ore, non ho intenzione di aspettare altre 14 ore per una scansione sinceramente, anche perchè il pc lo usa anche mio padre per lavoro, non posso privarlo per una mezza giornata. Dall'ultima scansione di avira sul mio pc non è cambiato nulla.

FDAC · 14 Dicembre 2011

Ciao visto che R16 è intervenuto e ne sa di gran lunga più di me in fatto di rootkit persistenti, ti lascio nelle sue mani.
Francesco

R16 · 14 Dicembre 2011

Comunque R16 si ho il cd, cosa devo fare? Fixmbr?

Sì, per mezzo della Console di Ripristino digita:
FIXBOOT e poi Invio
Riscrive il settore di avvio (boot record) della partizione indicata.
Poi:
FIXMBR e poi Invio.
Per ripristinare il Master Boot Record del disco.
Alle varie richieste di confermare o annullare l'ordine, digita S se il S.O è in italiano, oppure Y se è in inglese.

Per uscire dalla Console, digita exit.
Ricorda di togliere il CD prima dell'avvio, altrimenti invece di caricarti il S.O ti caricherà di nuovo il cd.

Altra cosa:
Vorrei sapere quante partizioni ha quel HD, e perchè hai installato software che dovrebbero essere installati dove si trova il S.O, e invece si trovano nella partizione (o periferica) D:

Jostino · 14 Dicembre 2011

Ho 2 partizioni, la C: di winzoz e la D: dove installo principalmente programmi e giochi. L'ho fatto perchè così se devo reinstallare windows posso farlo senza perdere tutti i dati che mi servono. Che appunto sono nel D:

Comunque facendo Fixmbr mi dice che se ci sono piu partizioni c'è il rischio di danneggiarle con un nuovo boot di avvio, il cd non me lo fa partire ma prima della schermata di caricamento di windows posso accedere tranquillamente alla console o continuare a windows.

Che faccio lo eseguo comunque?

R16 · 14 Dicembre 2011

Procedi con FIXMBR.
Per schiarirti un pò le idee sulla Console:
Olimpo Informatico :: Leggi argomento - [GUIDA] La console di ripristino per Windows XP

Pc scattoso a tratti

Jostino

Utente Attivo

FDAC

Utente Attivo

Jostino

Utente Attivo

Jostino

Utente Attivo

FDAC

Utente Attivo

Jostino

Utente Attivo

FDAC

Utente Attivo

Jostino

Utente Attivo

FDAC

Utente Attivo

R16

Jostino

Utente Attivo

FDAC

Utente Attivo

R16

Jostino

Utente Attivo

R16