OTL logfile created on: 06/01/2014 2.31.30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Utente\Documenti\Download
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 45,29% Memory free
3,85 Gb Paging File | 2,88 Gb Available in Paging File | 74,88% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 931,51 Gb Total Space | 409,80 Gb Free Space | 43,99% Space Free | Partition Type: NTFS
Computer Name: UTENTE-9429D0FD | User Name: Utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - [2014/01/06 02.28.57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utente\Documenti\Download\OTL.exe
PRC - [2013/12/26 23.53.48 | 000,106,280 | ---- | M] (SurfRight B.V.) -- C:\Programmi\HitmanPro\hmpsched.exe
PRC - [2013/12/20 10.28.22 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programmi\Mozilla Firefox\firefox.exe
PRC - [2013/03/28 02.14.23 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programmi\Java\jre7\bin\jqs.exe
PRC - [2011/09/22 17.30.58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2011/09/01 07.54.39 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 15.17.55 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 15.17.44 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15.17.32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/03/09 13.30.08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/10/28 18.10.08 | 002,277,888 | ---- | M] (Topala Software Solutions) -- C:\Programmi\SIW\siw.exe
PRC - [2010/04/28 14.19.54 | 026,239,312 | ---- | M] (ACD Systems International Inc.) -- C:\Programmi\ACD Systems\ACDSee\12.0\ACDSee12.exe
PRC - [2008/11/09 21.48.14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/19 11.13.20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE
PRC - [2007/06/28 03.06.52 | 000,106,496 | ---- | M] (Apple, Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/06/13 14.22.28 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/07 11.46.24 | 000,942,080 | ---- | M] (Diskeeper Corporation) -- C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2005/09/30 18.22.50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Programmi\Canon\CAL\CALMAIN.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/06 02.13.10 | 000,520,234 | ---- | M] () -- C:\Documents and Settings\Utente\Impostazioni locali\Temp\sqlite3.dll
MOD - [2013/12/20 10.28.22 | 003,559,024 | ---- | M] () -- C:\Programmi\Mozilla Firefox\mozjs.dll
MOD - [2013/12/11 11.39.49 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/08/07 20.25.24 | 000,093,696 | ---- | M] () -- C:\Programmi\FileZilla FTP Client\fzshellext.dll
MOD - [2010/06/17 14.28.20 | 000,355,688 | ---- | M] () -- C:\Programmi\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2005/07/13 14.55.44 | 000,024,064 | R--- | M] () -- C:\Programmi\ACD Systems\ACDSee\12.0\XalanMessages_1_9.dll
========== Services (SafeList) ==========
SRV - [2013/12/26 23.53.48 | 000,106,280 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Programmi\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV - [2013/12/20 10.28.22 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/11 11.39.50 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/28 02.14.23 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programmi\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/22 17.30.58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2011/09/01 07.54.39 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/28 15.17.44 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\sched.exe -- (AntiVirScheduler)
SRV - [2011/03/09 13.30.08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/12/01 23.25.52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/09 21.48.14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/19 11.13.20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ASTSRV.EXE -- (ASTSRV)
SRV - [2007/06/28 03.06.52 | 000,106,496 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006/10/18 15.27.18 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2006/06/07 11.46.24 | 000,942,080 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005/09/30 18.22.50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programmi\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2004/10/22 03.24.18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 19.28.22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 22.25.00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Utente\IMPOST~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/06/05 15.33.00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012/06/05 15.33.00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012/06/05 15.33.00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012/06/05 15.33.00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011/09/01 07.54.41 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/09/01 07.54.41 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14.28.21 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14.28.11 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programmi\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2006/10/08 12.29.43 | 000,020,096 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2006/08/23 02.53.14 | 001,723,904 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/08/08 20.47.00 | 000,067,712 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SI3132.sys -- (SI3132)
DRV - [2006/04/18 17.49.00 | 000,005,504 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2005/12/22 09.22.18 | 000,005,685 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2005/12/19 10.37.42 | 004,127,232 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005/09/19 00.41.00 | 000,241,280 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/04/12 09.41.20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005/03/09 14.53.00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/11/01 18.21.00 | 000,010,368 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2004/08/13 03.56.20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/08/04 00.08.22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003/04/11 16.26.08 | 000,125,568 | ---- | M] (Pinnacle Systems GmbH) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\rob_v.sys -- (ROB_V)
DRV - [2003/02/10 14.14.00 | 000,017,664 | ---- | M] (Pinnacle Systems GmbH) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\rob_a.sys -- (ROB_A)
DRV - [2002/11/11 17.52.54 | 000,006,400 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctvvbi.sys -- (pctvvbi)
DRV - [2002/06/17 13.09.56 | 000,014,604 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2001/08/17 23.00.04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8D5FCE86-BE13-49B6-B7FC-29FD13646FBF}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ansa.it/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{1308CFAF-A8BD-4A4B-A077-EE6FB93CF6DF}: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLL_it
IE - HKCU\..\SearchScopes\{8D5FCE86-BE13-49B6-B7FC-29FD13646FBF}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKCU\..\SearchScopes\{E34E0F05-F317-465A-A9E5-FA8ACCEDD95C}: "URL" = http://websearch.ask.com/redirect?clien ... 9453C6E869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://ansa.it"
FF - prefs.js..extensions.enabledAddons: %7Be968fc70-8f95-4ab9-9e79-304de2a71ee1%7D:0.7.3
FF - prefs.js..extensions.enabledAddons: pluswinks%40PlusWinks:3.0.0.0
FF - prefs.js..extensions.enabledAddons: specialsavings%40SpecialSavings.com:3.0.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programmi\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programmi\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programmi\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programmi\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\programmi\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\programmi\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\programmi\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/05 06.58.01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/05 06.58.01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Programmi\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2013/12/20 10.28.13 | 000,000,000 | ---D | M]
[2010/09/09 03.11.23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Extensions
[2010/06/02 19.17.56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Extensions\home2@tomtom.com
[2014/01/03 17.47.42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\poqimvlx.default\extensions
[2013/11/14 23.54.49 | 000,348,260 | ---- | M] () (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\poqimvlx.default\extensions\personas@christopher.beard.xpi
[2014/01/03 17.47.41 | 000,095,372 | ---- | M] () (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\poqimvlx.default\extensions\pluswinks@PlusWinks.xpi
[2014/01/03 17.47.41 | 000,133,888 | ---- | M] () (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\poqimvlx.default\extensions\specialsavings@SpecialSavings.com.xpi
[2012/07/06 18.45.23 | 000,042,336 | ---- | M] () (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\poqimvlx.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
[2013/12/20 10.28.11 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/12/20 10.28.11 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2013/12/20 10.28.22 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/06/05 06.57.37 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Programmi\mozilla firefox\plugins\nprpplugin.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.ansa.it/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programmi\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programmi\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Programmi\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programmi\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Programmi\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2001/08/31 16.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Programmi\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Programmi\Opanda\IExif 2.3\IExifMap.htm ()
O8 - Extra context menu item: Scan link with AEE - res://C:\Programmi\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Programmi\Opanda\IExif 2.3\IExifCom.htm ()
O9 - Extra Button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdat ... /opuc3.cab (Office Update Installation Engine)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F122888-EA66-4F40-80C5-E3B3CEDCFEF4}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msero {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\MSERO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/18 14.13.56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/10/26 22.14.41 | 000,007,872 | ---- | M] () - C:\AutoEyeuninstal.log -- [ NTFS ]
O33 - MountPoints2\{282f978b-6e73-11df-b4ba-0017319680ce}\Shell\AutoRun\command - "" = D:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2013/12/26 23.53.48 | 000,000,000 | ---D | C] -- C:\Programmi\HitmanPro
[2013/12/26 23.53.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\HitmanPro
[2013/12/26 23.51.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\HitmanPro
[2013/12/26 19.25.40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/26 17.09.23 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro
[2013/12/26 17.09.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Menu Avvio\Programmi\HiJackThis
[2013/12/20 10.28.10 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/12/13 14.40.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Earth
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2014/01/06 02.39.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/06 02.37.00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/06 02.23.00 | 000,001,246 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1303643608-682003330-1003UA.job
[2014/01/06 02.13.17 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/01/06 02.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2014/01/06 01.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2014/01/06 00.30.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014/01/06 00.03.10 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2014/01/06 00.02.40 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1303643608-682003330-1003.job
[2014/01/06 00.02.35 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/06 00.02.35 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2014/01/06 00.02.28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/05 23.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2014/01/05 22.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2014/01/05 21.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2014/01/05 20.34.49 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{463F35E0-08D4-49C5-AF96-0847C33E734A}.job
[2014/01/05 20.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2014/01/05 19.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2014/01/05 18.23.00 | 000,001,194 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1303643608-682003330-1003Core.job
[2014/01/05 18.01.02 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1303643608-682003330-1003.job
[2014/01/05 18.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2014/01/05 17.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2014/01/05 16.22.00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2014/01/05 16.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2014/01/05 15.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2014/01/05 14.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2014/01/05 13.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2014/01/04 21.30.53 | 000,002,241 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2014/01/04 20.20.05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/01/04 06.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2014/01/04 05.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2014/01/04 04.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2014/01/04 03.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2014/01/04 00.01.16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014/01/02 12.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2013/12/30 11.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2013/12/29 17.50.01 | 000,002,427 | ---- | M] () -- C:\Documents and Settings\Utente\Desktop\HiJackThis.lnk
[2013/12/27 10.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2013/12/26 23.53.48 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
[2013/12/22 09.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2013/12/22 08.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2013/12/17 07.00.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2013/12/13 14.40.45 | 000,001,888 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/11 11.39.49 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/11 11.39.49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/06 03.28.56 | 000,002,346 | ---- | M] () -- C:\Documents and Settings\Utente\Desktop\Google Chrome.lnk
[2013/11/19 18.58.48 | 000,175,616 | ---- | M] () -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/12/26 23.53.48 | 000,001,597 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
[2013/12/26 17.09.23 | 000,002,427 | ---- | C] () -- C:\Documents and Settings\Utente\Desktop\HiJackThis.lnk
[2013/12/13 14.40.45 | 000,001,888 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/07/18 17.43.59 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\ReminderNextRun
[2009/01/20 21.20.09 | 000,000,370 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008/09/03 11.50.32 | 000,009,659 | ---- | C] () -- C:\Documents and Settings\Utente\sjamesse.exe
[2006/10/30 16.18.34 | 000,001,367 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\QTSBandwidthCache
[2006/10/19 10.05.20 | 000,030,716 | ---- | C] () -- C:\Documents and Settings\Utente\intlname.ols
[2006/10/18 20.25.24 | 000,175,616 | ---- | C] () -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/18 14.40.51 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\fusioncache.dat
========== ZeroAccess Check ==========
[2006/10/18 14.40.07 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2007/10/11 07.12.30 | 001,495,040 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11.18.59 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/19 14.39.30 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008/10/24 09.34.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ACD Systems
[2011/12/16 03.06.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alien Skin
[2012/02/04 14.43.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
[2010/10/25 16.30.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Avery
[2014/01/04 23.17.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Easybits GO
[2013/12/27 00.00.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\HitmanPro
[2011/12/08 00.17.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\InstallMate
[2008/09/29 21.30.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
[2011/12/01 20.47.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nik Software
[2006/10/18 16.36.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
[2011/12/04 20.13.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\regid.1986-12.com.adobe
[2009/01/20 21.18.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
[2012/01/06 00.35.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2010/06/02 19.20.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TomTom
[2009/01/20 21.19.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Zeon
[2006/10/18 20.24.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\ACD Systems
[2011/11/09 02.32.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Alien Skin
[2011/01/04 16.09.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Anthropics
[2012/02/04 14.27.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Autodesk
[2010/10/25 16.31.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Avery
[2010/05/11 21.42.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Canon
[2011/12/04 17.19.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/11/16 23.33.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\FileZilla
[2008/01/23 01.55.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Flickr
[2014/01/04 21.32.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\go
[2006/10/18 15.12.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Leadertech
[2006/10/25 21.52.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\MAPILab Ltd
[2010/04/09 17.55.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\MyLogoMaker
[2007/01/24 19.18.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Opera
[2009/01/20 21.25.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\ScanSoft
[2011/11/09 19.35.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\SilverEfexPro2
[2006/10/18 15.19.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\SlySoft
[2013/06/01 12.36.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\SmartDraw
[2012/01/04 23.28.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/06/02 19.17.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\TomTom
[2013/09/09 07.57.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\uTorrent
[2012/03/13 01.38.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\YCanPDF
[2009/01/25 01.37.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Zeon
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:642312F4
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:C59E90A4
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:054B9966
< End of report >