Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- DDS (Ver_10-03-17.01) - NTFSx86
- Run by tonicooperi at 14.31.53,54 on 02/06/2010
- Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
- Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1012.80 [GMT 2:00]
- AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
- AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
- FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
- ============== Running Processes ===============
- C:\WINDOWS\system32\svchost -k DcomLaunch
- svchost.exe
- C:\WINDOWS\System32\svchost.exe -k netsvcs
- C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
- C:\Programmi\Sygate\SPF\smc.exe
- svchost.exe
- svchost.exe
- C:\WINDOWS\system32\spoolsv.exe
- C:\Programmi\Avira\AntiVir Desktop\sched.exe
- svchost.exe
- C:\Programmi\Avira\AntiVir Desktop\avguard.exe
- svchost.exe
- C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
- C:\Programmi\Java\jre6\bin\jqs.exe
- C:\Programmi\Sandboxie\SbieSvc.exe
- C:\WINDOWS\system32\svchost.exe -k imgsvc
- C:\WINDOWS\system32\wbem\wmiapsrv.exe
- C:\WINDOWS\Explorer.EXE
- C:\WINDOWS\system32\igfxtray.exe
- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
- C:\WINDOWS\system32\igfxsrvc.exe
- C:\WINDOWS\system32\igfxpers.exe
- C:\WINDOWS\RTHDCPL.EXE
- C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
- C:\WINDOWS\system32\rundll32.exe
- C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
- C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
- C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
- C:\Programmi\File comuni\Java\Java Update\jusched.exe
- C:\Programmi\FreePDF_XP\fpassist.exe
- C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
- C:\WINDOWS\system32\SmartAssemblyHelper.exe
- C:\WINDOWS\system32\DannyHost.exe
- C:\Programmi\WebMoney Agent\wmagent.exe
- C:\WINDOWS\system32\igfxext.exe
- C:\Programmi\Skype\Phone\Skype.exe
- C:\Programmi\Messenger\msmsgs.exe
- C:\Programmi\DAEMON Tools Pro\DTProAgent.exe
- C:\Programmi\ICQ6.5\ICQ.exe
- C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe
- C:\Programmi\Sandboxie\SbieCtrl.exe
- C:\DOCUME~1\TONICO~1\IMPOST~1\Temp\RtkBtMnt.exe
- C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
- C:\Documents and Settings\tonicooperi\Dati applicazioni\Dropbox\bin\Dropbox.exe
- C:\Programmi\No-IP\DUC20.exe
- C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
- C:\Programmi\Vidalia Bundle\Tor\tor.exe
- C:\Programmi\Vidalia Bundle\Polipo\polipo.exe
- C:\WINDOWS\system32\mdm.exe
- C:\Programmi\Mozilla Firefox\firefox.exe
- C:\Programmi\Skype\Toolbars\Shared\SkypeNames.exe
- C:\WINDOWS\System32\svchost.exe -k HTTPFilter
- C:\Programmi\Skype\Plugin Manager\skypePM.exe
- C:\Programmi\Windows Live\Messenger\msnmsgr.exe
- C:\Programmi\Windows Live\Contacts\wlcomm.exe
- C:\Programmi\Windows Live\Messenger\msnmsgr.exe
- C:\Documents and Settings\tonicooperi\Desktop\dds.scr
- ============== Pseudo HJT Report ===============
- uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xph&d=1109&m=aoa150
- BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelperShim.dll
- BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\programmi\microsoft office\office12\GrooveShellExtensions.dll
- BHO: Guida per l'accesso a Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmi\file comuni\microsoft shared\windows live\WindowsLiveLogin.dll
- BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll
- BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
- uRun: [Skype] "c:\programmi\skype\phone\Skype.exe" /nosplash /minimized
- uRun: [MSMSGS] "c:\programmi\messenger\msmsgs.exe" /background
- uRun: [DAEMON Tools Pro Agent] "c:\programmi\daemon tools pro\DTProAgent.exe"
- uRun: [ICQ] "c:\programmi\icq6.5\ICQ.exe" silent
- uRun: [Vidalia] "c:\programmi\vidalia bundle\vidalia\vidalia.exe"
- uRun: [SandboxieControl] "c:\programmi\sandboxie\SbieCtrl.exe"
- mRun: [LaunchApp] Alaunch
- mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
- mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
- mRun: [Persistence] c:\windows\system32\igfxpers.exe
- mRun: [RTHDCPL] RTHDCPL.EXE
- mRun: [AzMixerSel] c:\programmi\realtek\audio\installshield\AzMixerSel.exe
- mRun: [SynTPEnh] c:\programmi\synaptics\syntp\SynTPEnh.exe
- mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
- mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
- mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
- mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
- mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
- mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE
- mRun: [PLFSetL] c:\windows\PLFSetL.exe
- mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe
- mRun: [avgnt] "c:\programmi\avira\antivir desktop\avgnt.exe" /min
- mRun: [SmcService] c:\progra~1\sygate\spf\smc.exe -startgui
- mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
- mRun: [GrooveMonitor] "c:\programmi\microsoft office\office12\GrooveMonitor.exe"
- mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"
- mRun: [Adobe Reader Speed Launcher] "c:\programmi\adobe\reader 9.0\reader\Reader_sl.exe"
- mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"
- mRun: [FreePDF Assistant] c:\programmi\freepdf_xp\fpassist.exe
- mRun: [NokiaMServer] c:\programmi\file comuni\nokia\mplatform\NokiaMServer /watchfiles startup
- mRun: [QuickTime Task] "c:\programmi\quicktime\QTTask.exe" -atboottime
- mRun: [SmartAssemblyHelper] "c:\windows\system32\SmartAssemblyHelper.exe"
- mRun: [DannyHost] "c:\windows\system32\DannyHost.exe"
- mRun: [wmagent.exe] "c:\programmi\webmoney agent\wmagent.exe"
- StartupFolder: c:\docume~1\tonico~1\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\tonicooperi\dati applicazioni\dropbox\bin\Dropbox.exe
- StartupFolder: c:\docume~1\tonico~1\menuav~1\progra~1\esecuz~1\no-ipd~1.lnk - c:\programmi\no-ip\DUC20.exe
- StartupFolder: c:\docume~1\tonico~1\menuav~1\progra~1\esecuz~1\ritagl~1.lnk - c:\programmi\microsoft office\office12\ONENOTEM.EXE
- StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\interv~1.lnk - c:\programmi\intervideo\common\bin\WinCinemaMgr.exe
- IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
- IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
- IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\programmi\icq6.5\ICQ.exe
- IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmi\messenger\msmsgs.exe
- IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
- IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
- DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
- DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
- DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
- Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\programmi\microsoft office\office12\GrooveSystemServices.dll
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fileco~1\skype\SKYPE4~1.DLL
- Notify: igfxcui - igfxdev.dll
- SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
- SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\programmi\microsoft office\office12\GrooveShellExtensions.dll
- ================= FIREFOX ===================
- FF - ProfilePath - c:\docume~1\tonico~1\datiap~1\mozilla\firefox\profiles\vdkn7dv6.default\
- FF - prefs.js: browser.search.selectedEngine - Google
- FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
- FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
- FF - prefs.js: network.proxy.http - http://wpad.polimi.it/wpad.dat
- FF - prefs.js: network.proxy.http_port - 8080
- FF - prefs.js: network.proxy.type - 2
- FF - component: c:\programmi\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
- FF - plugin: c:\programmi\mozilla firefox\plugins\npdeployJava1.dll
- FF - plugin: c:\programmi\opera\program\plugins\np_gp.dll
- FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
- FF - HiddenExtension: Java Console: No Registry Reference - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
- FF - HiddenExtension: Java Console: No Registry Reference - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
- FF - HiddenExtension: Java Console: No Registry Reference - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
- ---- FIREFOX POLICIES ----
- FF - user.js: yahoo.homepage.dontask - truec:\programmi\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
- c:\programmi\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
- c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
- c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
- c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
- c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
- c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
- c:\programmi\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
- c:\programmi\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
- c:\programmi\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
- c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
- ============= SERVICES / DRIVERS ===============
- R1 avgio;avgio;c:\programmi\avira\antivir desktop\avgio.sys [2009-11-18 11608]
- R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [2009-11-18 181120]
- R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [2009-11-18 51072]
- R2 AntiVirScheduler;Avira AntiVir Scheduler;c:\programmi\avira\antivir desktop\sched.exe [2009-11-18 108289]
- R2 AntiVirService;Avira AntiVir Guard;c:\programmi\avira\antivir desktop\avguard.exe [2009-11-18 185089]
- R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-18 56816]
- R3 SbieDrv;SbieDrv;c:\programmi\sandboxie\SbieDrv.sys [2010-4-17 115944]
- S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
- S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
- S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-24 137344]
- S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-24 8320]
- S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\vboxnetflt.sys --> c:\windows\system32\drivers\VBoxNetFlt.sys [?]
- S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
- S4 vsdatant;vsdatant; [x]
- =============== Created Last 30 ================
- 2010-06-01 18:35:29 0 d-----w- c:\docume~1\tonico~1\datiap~1\Malwarebytes
- 2010-06-01 18:35:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
- 2010-06-01 18:35:08 0 d-----w- c:\docume~1\alluse~1\datiap~1\Malwarebytes
- 2010-06-01 18:35:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
- 2010-06-01 18:35:05 0 d-----w- c:\programmi\Malwarebytes' Anti-Malware
- 2010-06-01 18:23:44 0 d-----w- c:\programmi\ESET
- 2010-06-01 15:56:06 0 d-----w- c:\programmi\Trend Micro
- 2010-05-31 14:13:50 64000 ----a-w- c:\windows\system32\ieframe.oca
- 2010-05-31 14:12:07 35840 ----a-w- c:\windows\system32\ComDlg32.oca
- 2010-05-31 14:12:06 22016 ----a-w- c:\windows\system32\MSWINSCK.oca
- 2010-05-31 14:12:03 265728 ----a-w- c:\windows\system32\MSCOMCTL.oca
- 2010-05-30 23:22:50 0 d-----w- c:\docume~1\tonico~1\datiap~1\WebMoney
- 2010-05-30 23:21:33 0 d-----w- c:\programmi\WebMoney Agent
- 2010-05-30 23:20:48 0 d-----w- c:\programmi\WebMoney
- 2010-05-30 13:20:21 0 dc-h--w- c:\docume~1\alluse~1\datiap~1\{E6CA0070-F119-46D3-AFA3-A16FB84FEFA0}
- 2010-05-30 13:20:05 0 d-----w- c:\programmi\Eziriz
- 2010-05-30 08:39:02 0 d-----w- c:\docume~1\tonico~1\datiap~1\TeamViewer
- 2010-05-30 08:38:46 0 d-----w- c:\programmi\TeamViewer
- 2010-05-29 19:17:57 307200 ----a-w- c:\windows\system32\msvcr70.dll
- 2010-05-29 19:15:09 233472 ----a-w- c:\windows\system32\fusion.dll
- 2010-05-29 19:14:00 348160 ----a-w- c:\windows\system32\MSVCR71.dll
- 2010-05-29 19:01:06 0 d-----w- c:\docume~1\alluse~1\datiap~1\{smartassembly}
- 2010-05-29 19:00:41 0 d-----w- c:\programmi\{smartassembly}
- 2010-05-29 15:57:55 0 d-----w- c:\programmi\Microsoft SQL Server
- 2010-05-29 15:57:21 0 d-----w- c:\programmi\Microsoft Synchronization Services
- 2010-05-29 15:57:20 0 d-----w- c:\programmi\Microsoft SQL Server Compact Edition
- 2010-05-29 15:51:18 0 d-----w- c:\programmi\Microsoft Help Viewer
- 2010-05-29 15:51:17 0 d-----w- c:\programmi\Microsoft Visual Studio 10.0
- 2010-05-29 13:45:57 165 ----a-w- c:\windows\system32\spupdsvc.inf
- 2010-05-28 20:41:39 185 ----a-w- c:\windows\mdm.ini
- 2010-05-28 20:41:24 288 ----a-w- c:\windows\ODBC.INI
- 2010-05-28 20:39:48 0 d-----w- c:\programmi\Web Publish
- 2010-05-28 20:29:12 7356 ----a-w- c:\windows\system32\javasup.vxd
- 2010-05-28 20:29:12 6550 ----a-w- c:\windows\jautoexp.dat
- 2010-05-28 20:29:12 42496 ----a-w- c:\windows\setdebug.exe
- 2010-05-28 20:29:12 313856 ----a-w- c:\windows\system32\dx3j.dll
- 2010-05-28 20:29:12 140048 ----a-w- c:\windows\system32\jit.dll
- 2010-05-28 20:29:12 135168 ----a-w- c:\windows\system32\javaee.dll
- 2010-05-28 15:23:46 0 d-----w- c:\programmi\No-IP
- 2010-05-27 18:17:33 0 d-----w- c:\docume~1\tonico~1\datiap~1\Dropbox
- 2010-05-27 14:13:04 0 d-----w- c:\programmi\UltraVPN
- 2010-05-26 22:33:57 0 d-----w- c:\windows\pss
- 2010-05-26 22:27:15 0 d-sh--r- c:\docume~1\tonico~1\datiap~1\recyclerr
- 2010-05-25 15:36:49 664 ----a-w- c:\windows\system32\d3d9caps.dat
- 2010-05-23 19:04:01 0 d-----w- c:\programmi\Siber Systems
- 2010-05-22 10:52:21 0 d-----r- C:\Sandbox
- 2010-05-22 10:52:12 1198 ----a-w- c:\windows\Sandboxie.ini
- 2010-05-22 10:52:04 0 d-----w- c:\programmi\Sandboxie
- 2010-05-22 08:46:01 0 d-----w- c:\docume~1\tonico~1\datiap~1\NoNameScript
- 2010-05-21 16:37:02 139 ----a-w- C:\TestICQ2.bin
- 2010-05-21 16:36:59 24243 ----a-w- c:\documents and settings\tonicooperi\check.ini
- 2010-05-18 20:52:39 0 d-----w- c:\programmi\HTTP-Tunnel
- 2010-05-18 18:30:29 0 d-----w- c:\docume~1\tonico~1\datiap~1\Tor
- 2010-05-18 18:30:26 0 d-----w- c:\programmi\Vidalia Bundle
- 2010-05-16 00:26:40 0 d-----w- c:\programmi\uTorrent
- 2010-05-13 17:25:35 0 d-----w- C:\GDPoker
- 2010-05-04 16:39:18 123856 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
- 2010-05-04 16:38:43 41680 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
- 2010-05-04 15:39:59 78848 ---ha-w- c:\windows\system32\mlfcache.dat
- ==================== Find3M ====================
- 2010-06-02 10:48:31 1660 ----a-w- c:\windows\bthservsdp.dat
- 2010-05-29 13:43:51 558320 ----a-w- c:\windows\system32\perfh010.dat
- 2010-05-29 13:43:51 106098 ----a-w- c:\windows\system32\perfc010.dat
- 2010-05-02 22:33:36 39156 ----a-w- c:\windows\fonts\BILLY ARGEL TRIAL___.otf
- 2010-04-19 21:45:39 223440 ----a-w- c:\windows\system32\drivers\truecrypt.sys
- 2010-04-19 16:33:20 695578 ----a-w- c:\windows\system32\unins000.exe
- 2010-04-12 15:29:19 411368 ----a-w- c:\windows\system32\deployJava1.dll
- 2010-03-18 14:47:22 17760 ----a-w- c:\windows\system32\aspnet_counters.dll
- 2010-03-18 11:16:28 771424 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
- 2010-03-18 11:16:28 70472 ----a-w- c:\windows\system32\dxva2.dll
- 2010-03-18 11:16:28 486216 ----a-w- c:\windows\system32\evr.dll
- 2010-03-18 08:09:00 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
- 2010-03-18 08:09:00 49488 ----a-w- c:\windows\system32\netfxperf.dll
- 2010-03-18 08:09:00 297808 ----a-w- c:\windows\system32\mscoree.dll
- 2010-03-18 08:09:00 295264 ----a-w- c:\windows\system32\PresentationHost.exe
- 2010-03-18 07:15:26 80720 ----a-w- c:\windows\system32\mfcm100u.dll
- 2010-03-18 07:15:26 80208 ----a-w- c:\windows\system32\mfcm100.dll
- 2010-03-18 07:15:26 770384 ----a-w- c:\windows\system32\msvcr100.dll
- 2010-03-18 07:15:26 4368720 ----a-w- c:\windows\system32\mfc100u.dll
- 2010-03-18 07:15:26 4342088 ----a-w- c:\windows\system32\mfc100.dll
- 2010-03-18 07:15:26 421200 ----a-w- c:\windows\system32\msvcp100.dll
- 2010-03-18 07:15:26 138056 ----a-w- c:\windows\system32\atl100.dll
- 2010-03-10 06:15:53 420352 ----a-w- c:\windows\system32\vbscript.dll
- 2009-11-18 08:02:53 32768 --sha-w- c:\windows\system32\config\systemprofile\impostazioni locali\cronologia\history.ie5\mshist012009111820091119\index.dat
- 2008-08-20 19:26:24 32768 --sha-w- c:\windows\system32\config\systemprofile\impostazioni locali\dati applicazioni\microsoft\feeds cache\index.dat
- ============= FINISH: 14.32.38,25 ===============
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement