OTL LOG:
OTL logfile created on: 25/01/2011 19.00.09 - Run 1
OTL by OldTimer - Version 3.2.20.5 Folder = C:\Documents and Settings\Carlo\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 114,49 Gb Total Space | 26,71 Gb Free Space | 23,33% Space Free | Partition Type: NTFS
Drive D: | 189,92 Gb Total Space | 0,57 Gb Free Space | 0,30% Space Free | Partition Type: NTFS
Computer Name: E5300 | User Name: Carlo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Carlo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Carlo\Dati applicazioni\xvcpuvjsftejqkl3orwl23pgnqdxobdi2\svcnost.exe (Foxit Corporation)
PRC - C:\Documents and Settings\Carlo\Dati applicazioni\dwm.exe ()
PRC - C:\Documents and Settings\Carlo\Impostazioni locali\Temp\csrss.exe ()
PRC - C:\Documents and Settings\All Users\Dati applicazioni\kEyCDTWDyyH.exe ()
PRC - C:\Documents and Settings\All Users\Dati applicazioni\cUMFnOImmwEhX.exe ()
PRC - C:\Documents and Settings\Carlo\Dati applicazioni\Microsoft\conhost.exe ()
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programmi\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
PRC - C:\WINDOWS\system32\WgaTray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Carlo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll ()
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (AMService) -- File not found
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (fsssvc) -- C:\Programmi\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programmi\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (AntiVirService) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (SmcService) -- C:\Programmi\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
========== Driver Services (SafeList) ==========
DRV - (cat2b6d) -- C:\WINDOWS\System32\drivers\cat2b6d.sys ()
DRV - (ndisrd) -- C:\WINDOWS\system32\drivers\ndisrd.sys (NT Kernel Resources)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (RkHit) -- C:\WINDOWS\system32\drivers\RKHit.sys ()
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programmi\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (miniEther) -- C:\WINDOWS\system32\drivers\miniEther.sys (LayerWalker Technology, Inc.)
DRV - (miniSAN) -- C:\WINDOWS\system32\drivers\miniSAN.sys (LayerWalker Technology, Inc.)
DRV - (Navcar) -- C:\WINDOWS\system32\drivers\Navcar.sys (NAVMAN)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (wg6n) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys (Sygate Technologies, Inc.)
DRV - (wg5n) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys (Sygate Technologies, Inc.)
DRV - (wg4n) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys (Sygate Technologies, Inc.)
DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)
DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)
DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.it/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63636
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63636
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=14542
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programmi\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\..\URLSearchHook: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - C:\Programmi\Babylon-English\tbBab2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-484763869-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56667
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "www.google.it"
FF - prefs.js..extensions.enabledItems: {ce18769b-c7fa-42d2-860d-17c4662c70ad}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.4.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2010/12/19 14.23.40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2010/12/19 14.23.37 | 000,000,000 | ---D | M]
[2010/02/25 04.53.26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Extensions
[2011/01/25 15.09.48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions
[2010/11/17 14.05.25 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/01/17 18.43.26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/30 20.28.01 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/10/11 01.10.42 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/10/30 20.27.47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/10/30 20.27.48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/27 21.50.44 | 000,000,000 | ---D | M] (Babylon-English Toolbar) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
[2010/06/29 06.11.02 | 000,000,000 | ---D | M] ("CoolPreviews") -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/10/30 20.28.09 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/10/30 20.28.07 | 000,000,000 | ---D | M] (Yoono) -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2010/07/31 13.05.33 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\foi1ahr1.default\searchplugins\conduit.xml
[2010/12/19 14.23.38 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2010/02/21 16.27.29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/08/27 21.50.39 | 000,002,226 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\babylon.xml
[2010/12/03 20.00.54 | 000,000,744 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\eBay-it.xml
[2010/12/03 20.00.54 | 000,000,825 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\hoepli.xml
[2010/12/03 20.00.54 | 000,001,182 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\wikipedia-it.xml
[2010/12/03 20.00.54 | 000,000,953 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\yahoo-it.xml
O1 HOSTS File: ([2011/01/15 16.09.42 | 000,001,037 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.8minutedating.com
O1 - Hosts: 127.0.0.1 whysohardx.com
O1 - Hosts: 127.0.0.1 protectyourpc-11.com
O1 - Hosts: 127.0.0.1 checkserverstatux.com
O1 - Hosts: 127.0.0.1 xinmin.cn
O1 - Hosts: 127.0.0.1 xy95.cn
O1 - Hosts: 127.0.0.1 koralda.com
O1 - Hosts: 127.0.0.1 weirden.com
O1 - Hosts: 127.0.0.1 nanocloudcontroller.com
O1 - Hosts: 127.0.0.1 coo0lnet.net
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programmi\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Babylon-English Toolbar) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - C:\Programmi\Babylon-English\tbBab2.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programmi\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon-English Toolbar) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - C:\Programmi\Babylon-English\tbBab2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-484763869-1123561945-725345543-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-484763869-1123561945-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programmi\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-484763869-1123561945-725345543-1003\..\Toolbar\WebBrowser: (Babylon-English Toolbar) - {CE18769B-C7FA-42D2-860D-17C4662C70AD} - C:\Programmi\Babylon-English\tbBab2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\Carlo\Dati applicazioni\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Programmi\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SmcService] C:\Programmi\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defense] File not found
O4 - HKU\.DEFAULT..\Run: [mssend] File not found
O4 - HKU\S-1-5-18..\Run: [mssend] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [{56087C01-33D0-4EAA-56A6-381F705A4D8F}] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [{7DD02E64-6DD8-9202-2B83-0D36C704B6F3}] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [{DF366355-A3B0-0170-31D6-94CEEA1FD19C}] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [20W6RLKX65] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [3FWHZQA3LT] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [4drvyAgR] C:\Documents and Settings\All Users\Dati applicazioni\4drvyAgR.exe ()
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [CE8SIIFGSU] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [cUMFnOImmwEhX.exe] C:\Documents and Settings\All Users\Dati applicazioni\cUMFnOImmwEhX.exe ()
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [DAT39.tmp.exe] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [kEyCDTWDyyH] C:\Documents and Settings\All Users\Dati applicazioni\kEyCDTWDyyH.exe ()
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [mssend] C:\Documents and Settings\Carlo\Dati applicazioni\xvcpuvjsftejqkl3orwl23pgnqdxobdi2\svcnost.exe (Foxit Corporation)
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [TJHTHX1O7X] File not found
O4 - HKU\S-1-5-21-484763869-1123561945-725345543-1003..\Run: [Windows Defense] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\McAfee Security Scan Plus.lnk = C:\Programmi\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Carlo\Menu Avvio\Programmi\Esecuzione automatica\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
F3 - HKU\.DEFAULT WinNT: Load - (C:\WINDOWS\TEMP\csrss.exe) - File not found
F3 - HKU\S-1-5-18 WinNT: Load - (C:\WINDOWS\TEMP\csrss.exe) - File not found
F3 - HKU\S-1-5-21-484763869-1123561945-725345543-1003 WinNT: Load - (C:\DOCUME~1\Carlo\IMPOST~1\Temp\csrss.exe) - C:\Documents and Settings\Carlo\Impostazioni locali\Temp\csrss.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1123561945-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Carlo\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programmi\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - ("C:\Documents and Settings\NetworkService\Dati applicazioni\h3elkwkrrqx1ckhyffzgdlrcokfmfmz2\csrss.exe") - C:\Documents and Settings\NetworkService\Dati applicazioni\h3elkwkrrqx1ckhyffzgdlrcokfmfmz2\csrss.exe (Foxit Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Programmi\Windows NT\dwm.exe) - C:\Programmi\Windows NT\dwm.exe ()
O20 - HKU\S-1-5-18 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Programmi\Windows NT\dwm.exe) - C:\Programmi\Windows NT\dwm.exe ()
O20 - HKU\S-1-5-21-484763869-1123561945-725345543-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-484763869-1123561945-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\Carlo\Dati applicazioni\dwm.exe) - C:\Documents and Settings\Carlo\Dati applicazioni\dwm.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\krambst: DllName - krambst.dll - File not found
O20 - Winlogon\Notify\mputreg: DllName - mputreg.dll - File not found
O20 - Winlogon\Notify\reset5c: DllName - reset5c.dll - C:\WINDOWS\System32\reset5c.dll ()
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Carlo\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Carlo\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/17 17.58.22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/03/23 19.51.33 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{9eb7b453-ea22-11df-90ef-0025220e167c}\Shell - "" = AutoRun
O33 - MountPoints2\{9eb7b453-ea22-11df-90ef-0025220e167c}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/01/25 18.59.11 | 000,603,136 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Carlo\Desktop\OTL.exe
[2011/01/25 18.53.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\xvcpuvjsftejqkl3orwl23pgnqdxobdi2
[2011/01/25 00.04.56 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Carlo\Desktop\ATF-Cleaner.exe
[2011/01/25 00.03.04 | 000,684,440 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Documents and Settings\Carlo\Desktop\SpyHunter-Installer.exe
[2011/01/24 23.50.33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Menu Avvio\Programmi\Windows Scan
[2011/01/22 15.50.01 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/22 15.38.47 | 000,000,000 | ---D | C] -- C:\Microsoft
[2011/01/21 20.30.11 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro
[2011/01/21 20.30.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Menu Avvio\Programmi\HiJackThis
[2011/01/20 20.04.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\Wyecu
[2011/01/20 20.04.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\Pyuw
[2011/01/20 15.34.17 | 000,000,000 | ---D | C] -- C:\Programmi\Prevx
[2011/01/20 15.33.42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\PrevxCSI
[2011/01/20 15.02.03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Desktop\SpybotSD_Portable_1.6.3.50_MultiLang
[2011/01/20 03.02.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2011/01/20 02.38.47 | 000,000,000 | ---D | C] -- C:\Programmi\TeaTimer (Spybot - Search & Destroy)
[2011/01/20 02.38.47 | 000,000,000 | ---D | C] -- C:\Programmi\SDHelper (Spybot - Search & Destroy)
[2011/01/20 02.38.47 | 000,000,000 | ---D | C] -- C:\Programmi\Misc. Support Library (Spybot - Search & Destroy)
[2011/01/20 02.38.47 | 000,000,000 | ---D | C] -- C:\Programmi\File Scanner Library (Spybot - Search & Destroy)
[2011/01/19 13.51.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\SpyDig
[2011/01/19 13.51.35 | 000,000,000 | ---D | C] -- C:\Programmi\SpyDig
[2011/01/19 13.46.42 | 031,224,234 | ---- | C] (spydig.com, Inc. ) -- C:\Documents and Settings\Carlo\Desktop\Spydig_Setup.exe
[2011/01/19 01.56.19 | 000,020,480 | ---- | C] (NT Kernel Resources) -- C:\WINDOWS\System32\drivers\ndisrd.sys
[2011/01/18 14.19.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\xssend2
[2011/01/18 01.45.03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dati applicazioni\xssend2
[2011/01/18 01.44.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dati applicazioni\h3elkwkrrqx1ckhyffzgdlrcokfmfmz2
[2011/01/16 19.03.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\Icfut
[2011/01/16 17.47.33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dati applicazioni\Sun
[2011/01/14 20.28.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\DVDVideoSoftTB
[2011/01/14 20.28.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Babylon-English
[2011/01/14 20.28.03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Apple
[2011/01/14 13.51.02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dati applicazioni\Sun
[2011/01/14 00.58.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\ImgBurn
[2011/01/14 00.15.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\ImgBurn
[2011/01/14 00.15.11 | 000,000,000 | ---D | C] -- C:\Programmi\ImgBurn
[2011/01/02 01.24.31 | 000,000,000 | ---D | C] -- C:\Programmi\Commandos II
[2011/01/02 01.24.31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Commandos II
[2011/01/02 00.40.43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CyberInstallerUninstallerSystem
[2011/01/02 00.40.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Magnaccio Manager
[2011/01/02 00.40.27 | 000,000,000 | ---D | C] -- C:\Programmi\Magnaccio Manager
[2011/01/02 00.40.12 | 000,198,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MCI32.OCX
[2011/01/01 22.42.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Documenti\Max Payne Savegames
[2011/01/01 21.05.19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\ScummVM
[2011/01/01 20.23.18 | 000,000,000 | ---D | C] -- C:\Programmi\GameSpy Arcade
[2010/12/31 17.40.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\SynthMaker
[2010/12/31 14.54.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Desktop\da aggiungere alle varie
[2010/12/27 17.10.22 | 000,000,000 | ---D | C] -- C:\Programmi\ASIO4ALL v2
[2010/12/27 17.10.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Menu Avvio\Programmi\ASIO4ALL v2
[2010/12/27 16.51.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\TuneUp Companion
[2010/12/27 16.51.03 | 000,000,000 | ---D | C] -- C:\Programmi\TuneUpMedia
[2010/12/27 16.50.58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\TuneUpMedia
[2010/12/27 16.50.52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\TuneUpMedia
[2010/12/27 16.50.01 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2010/12/27 16.49.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Impostazioni locali\Dati applicazioni\OpenCandy
[2010/12/27 16.49.58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Dati applicazioni\OpenCandy
[2010/12/27 16.49.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Documenti\Image-Line
[2010/12/27 16.48.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carlo\Menu Avvio\Programmi\Image-Line
[2010/12/27 16.48.54 | 000,000,000 | ---D | C] -- C:\Programmi\VstPlugins
[2010/12/27 16.48.49 | 000,000,000 | ---D | C] -- C:\Programmi\Outsim
[2010/12/27 16.44.56 | 000,000,000 | ---D | C] -- C:\Programmi\Image-Line
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/01/25 18.59.16 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\f759oi97.exe
[2011/01/25 18.59.10 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carlo\Desktop\OTL.exe
[2011/01/25 18.59.00 | 000,001,240 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1123561945-725345543-1003UA.job
[2011/01/25 18.58.58 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\~kEyCDTWDyyH
[2011/01/25 18.58.58 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\~kEyCDTWDyyHr
[2011/01/25 18.57.29 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\kEyCDTWDyyH
[2011/01/25 18.57.28 | 000,426,496 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\ddFCbyTMrPiox.dll
[2011/01/25 18.57.23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/25 18.57.22 | 2137,313,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/25 18.49.11 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\~4drvyAgR
[2011/01/25 18.49.11 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\~4drvyAgRr
[2011/01/25 15.16.57 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\HiJackThis.lnk
[2011/01/25 13.55.12 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\Carlo\Dati applicazioni\dwm.exe
[2011/01/25 13.54.52 | 000,015,560 | ---- | M] () -- C:\Documents and Settings\Carlo\Dati applicazioni\048E.D16
[2011/01/25 13.53.56 | 000,380,928 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\kEyCDTWDyyH.exe
[2011/01/25 00.38.34 | 000,000,245 | -HS- | M] () -- C:\boot.ini
[2011/01/25 00.06.00 | 000,719,873 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\rkill.com
[2011/01/25 00.04.54 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Carlo\Desktop\ATF-Cleaner.exe
[2011/01/25 00.03.01 | 000,684,440 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Documents and Settings\Carlo\Desktop\SpyHunter-Installer.exe
[2011/01/24 23.50.34 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\Windows Scan.lnk
[2011/01/24 23.50.31 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\4drvyAgR
[2011/01/24 23.22.33 | 000,380,928 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\4drvyAgR.exe
[2011/01/24 23.22.30 | 000,463,872 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\cUMFnOImmwEhX.exe
[2011/01/24 03.06.26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/23 16.41.48 | 005,204,096 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\Big L 98 Freestyle.mp3
[2011/01/23 01.59.00 | 000,001,188 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1123561945-725345543-1003Core.job
[2011/01/22 19.24.09 | 000,114,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/22 16.44.01 | 000,076,192 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\casa_bianca.jpg
[2011/01/21 20.29.58 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\HiJackThis.msi
[2011/01/21 20.28.01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/20 15.51.20 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/01/20 02.59.57 | 000,000,095 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/01/20 02.32.36 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\spydig.lnk
[2011/01/19 18.10.21 | 000,358,470 | -H-- | M] () -- C:\Documents and Settings\Carlo\Dati applicazioni\rel.exe
[2011/01/19 13.52.24 | 000,000,022 | ---- | M] () -- C:\WINDOWS\tpcsd
[2011/01/19 13.48.25 | 031,224,234 | ---- | M] (spydig.com, Inc. ) -- C:\Documents and Settings\Carlo\Desktop\Spydig_Setup.exe
[2011/01/19 13.27.46 | 000,138,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\cat2b6d.sys
[2011/01/19 04.35.14 | 077,480,579 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\TCF.rar
[2011/01/19 02.37.04 | 000,056,832 | ---- | M] () -- C:\Documents and Settings\Carlo\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/19 01.56.19 | 000,020,480 | ---- | M] (NT Kernel Resources) -- C:\WINDOWS\System32\drivers\ndisrd.sys
[2011/01/18 14.44.39 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/17 23.57.44 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Carlo\Dati applicazioni\mdjaw.dat
[2011/01/15 14.31.05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Carlo\regsvr32
[2011/01/15 14.11.57 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/27 18.55.18 | 000,009,927 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\Da Bullshit (2.1.1).mp3
[2010/12/27 17.24.41 | 000,098,743 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\Da Bullshit (2.1).mp3
[2010/12/27 16.50.01 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Carlo\Desktop\FL Studio 9.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/01/25 18.59.18 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\f759oi97.exe
[2011/01/25 18.58.58 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\~kEyCDTWDyyH
[2011/01/25 18.58.58 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\~kEyCDTWDyyHr
[2011/01/25 18.57.29 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\kEyCDTWDyyH
[2011/01/25 13.54.26 | 000,177,664 | ---- | C] () -- C:\Documents and Settings\Carlo\Dati applicazioni\dwm.exe
[2011/01/25 13.53.55 | 000,380,928 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\kEyCDTWDyyH.exe
[2011/01/25 03.27.04 | 2137,313,280 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/25 00.06.00 | 000,719,873 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\rkill.com
[2011/01/24 23.57.45 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\~4drvyAgR
[2011/01/24 23.57.45 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\~4drvyAgRr
[2011/01/24 23.50.34 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\Windows Scan.lnk
[2011/01/24 23.50.31 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\4drvyAgR
[2011/01/24 23.22.33 | 000,380,928 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\4drvyAgR.exe
[2011/01/24 23.22.31 | 000,426,496 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\ddFCbyTMrPiox.dll
[2011/01/24 23.22.30 | 000,463,872 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\cUMFnOImmwEhX.exe
[2011/01/23 16.41.38 | 005,204,096 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\Big L 98 Freestyle.mp3
[2011/01/22 19.24.47 | 000,015,560 | ---- | C] () -- C:\Documents and Settings\Carlo\Dati applicazioni\048E.D16
[2011/01/22 16.42.07 | 000,076,192 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\casa_bianca.jpg
[2011/01/21 20.30.11 | 000,002,425 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\HiJackThis.lnk
[2011/01/21 20.29.59 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\HiJackThis.msi
[2011/01/20 15.51.05 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/01/20 02.59.57 | 000,000,095 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/01/19 18.10.19 | 000,358,470 | -H-- | C] () -- C:\Documents and Settings\Carlo\Dati applicazioni\rel.exe
[2011/01/19 13.52.24 | 000,000,022 | ---- | C] () -- C:\WINDOWS\tpcsd
[2011/01/19 13.51.51 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\spydig.lnk
[2011/01/19 13.51.39 | 000,029,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\RKHit.sys
[2011/01/19 13.27.46 | 000,138,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\cat2b6d.sys
[2011/01/19 04.30.04 | 077,480,579 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\TCF.rar
[2011/01/18 20.52.53 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Carlo\Dati applicazioni\A07LcmnL0l.txt
[2011/01/17 23.57.35 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Carlo\Dati applicazioni\mdjaw.dat
[2011/01/16 17.52.52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\reset5c.dll
[2011/01/15 14.30.14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Carlo\regsvr32
[2010/12/27 18.53.30 | 000,009,927 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\Da Bullshit (2.1.1).mp3
[2010/12/27 17.24.40 | 000,098,743 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\Da Bullshit (2.1).mp3
[2010/12/27 16.50.01 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Carlo\Desktop\FL Studio 9.lnk
[2010/09/05 18.28.20 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2010/09/05 18.28.20 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2010/09/05 18.28.19 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/05 18.28.19 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/09/05 18.28.18 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010/06/02 15.19.49 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/02 14.26.20 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/02/25 13.05.16 | 000,056,832 | ---- | C] () -- C:\Documents and Settings\Carlo\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/17 19.47.31 | 000,064,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2010/02/17 18.51.04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/02/17 18.26.21 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4990.dll
[2004/08/10 20.39.04 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll
[2004/07/17 13.36.38 | 000,028,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002/05/04 14.19.00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\avisynthEx.dll
[2002/04/21 19.30.14 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/04/19 15.23.26 | 000,106,137 | ---- | C] () -- C:\WINDOWS\System32\libpostproc.dll
[2002/04/19 14.51.04 | 000,211,760 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2002/04/01 23.16.30 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002/04/01 23.16.14 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/04/01 23.15.40 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/02/21 17.41.20 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/06/22 12.06.02 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MPEG2DEC.dll
< End of report >