View difference between Paste ID: <a href="/V6CxafzZ">V6CxafzZ</a> and <a href="/post/view"></a>

View difference between Paste ID: V6CxafzZ and
SHOW: | | - or go back to the newest paste.

DDS (Ver_10-03-17.01) - NTFSx86  
Run by tonicooperi at 14.31.53,54 on 02/06/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition  5.1.2600.3.1252.39.1040.18.1012.80 [GMT 2:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated)   {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated)   {00000002-0002-0000-7C25-9E7C08000A00}
FW: Sygate Personal Firewall *enabled*   {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Programmi\Sygate\SPF\smc.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
svchost.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\FreePDF_XP\fpassist.exe
C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\SmartAssemblyHelper.exe
C:\WINDOWS\system32\DannyHost.exe
C:\Programmi\WebMoney Agent\wmagent.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\DAEMON Tools Pro\DTProAgent.exe
C:\Programmi\ICQ6.5\ICQ.exe
C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe
C:\Programmi\Sandboxie\SbieCtrl.exe
C:\DOCUME~1\TONICO~1\IMPOST~1\Temp\RtkBtMnt.exe
C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\tonicooperi\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\Programmi\No-IP\DUC20.exe
C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
C:\Programmi\Vidalia Bundle\Tor\tor.exe
C:\Programmi\Vidalia Bundle\Polipo\polipo.exe
C:\WINDOWS\system32\mdm.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Skype\Toolbars\Shared\SkypeNames.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\tonicooperi\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xph&d=1109&m=aoa150
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\programmi\microsoft office\office12\GrooveShellExtensions.dll
BHO: Guida per l'accesso a Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmi\file comuni\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Skype] "c:\programmi\skype\phone\Skype.exe" /nosplash /minimized
uRun: [MSMSGS] "c:\programmi\messenger\msmsgs.exe" /background
uRun: [DAEMON Tools Pro Agent] "c:\programmi\daemon tools pro\DTProAgent.exe"
uRun: [ICQ] "c:\programmi\icq6.5\ICQ.exe" silent
uRun: [Vidalia] "c:\programmi\vidalia bundle\vidalia\vidalia.exe"
uRun: [SandboxieControl] "c:\programmi\sandboxie\SbieCtrl.exe"
mRun: [LaunchApp] Alaunch
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AzMixerSel] c:\programmi\realtek\audio\installshield\AzMixerSel.exe
mRun: [SynTPEnh] c:\programmi\synaptics\syntp\SynTPEnh.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe
mRun: [avgnt] "c:\programmi\avira\antivir desktop\avgnt.exe" /min
mRun: [SmcService] c:\progra~1\sygate\spf\smc.exe -startgui
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [GrooveMonitor] "c:\programmi\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\programmi\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"
mRun: [FreePDF Assistant] c:\programmi\freepdf_xp\fpassist.exe
mRun: [NokiaMServer] c:\programmi\file comuni\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [QuickTime Task] "c:\programmi\quicktime\QTTask.exe" -atboottime
mRun: [SmartAssemblyHelper] "c:\windows\system32\SmartAssemblyHelper.exe"
mRun: [DannyHost] "c:\windows\system32\DannyHost.exe"
mRun: [wmagent.exe] "c:\programmi\webmoney agent\wmagent.exe"
StartupFolder: c:\docume~1\tonico~1\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\tonicooperi\dati applicazioni\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\tonico~1\menuav~1\progra~1\esecuz~1\no-ipd~1.lnk - c:\programmi\no-ip\DUC20.exe
StartupFolder: c:\docume~1\tonico~1\menuav~1\progra~1\esecuz~1\ritagl~1.lnk - c:\programmi\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\interv~1.lnk - c:\programmi\intervideo\common\bin\WinCinemaMgr.exe
IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\programmi\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmi\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\programmi\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fileco~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\programmi\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\tonico~1\datiap~1\mozilla\firefox\profiles\vdkn7dv6.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.http - http://wpad.polimi.it/wpad.dat
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 2
FF - component: c:\programmi\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmi\opera\program\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\programmi\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\programmi\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\programmi\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\programmi\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programmi\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programmi\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\programmi\avira\antivir desktop\avgio.sys [2009-11-18 11608]
R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [2009-11-18 181120]
R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [2009-11-18 51072]
R2 AntiVirScheduler;Avira AntiVir Scheduler;c:\programmi\avira\antivir desktop\sched.exe [2009-11-18 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\programmi\avira\antivir desktop\avguard.exe [2009-11-18 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-18 56816]
R3 SbieDrv;SbieDrv;c:\programmi\sandboxie\SbieDrv.sys [2010-4-17 115944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-24 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-24 8320]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\vboxnetflt.sys --> c:\windows\system32\drivers\VBoxNetFlt.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 vsdatant;vsdatant; [x]

=============== Created Last 30 ================

2010-06-01 18:35:29	0	d-----w-	c:\docume~1\tonico~1\datiap~1\Malwarebytes
2010-06-01 18:35:15	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-01 18:35:08	0	d-----w-	c:\docume~1\alluse~1\datiap~1\Malwarebytes
2010-06-01 18:35:06	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-06-01 18:35:05	0	d-----w-	c:\programmi\Malwarebytes' Anti-Malware
2010-06-01 18:23:44	0	d-----w-	c:\programmi\ESET
2010-06-01 15:56:06	0	d-----w-	c:\programmi\Trend Micro
2010-05-31 14:13:50	64000	----a-w-	c:\windows\system32\ieframe.oca
2010-05-31 14:12:07	35840	----a-w-	c:\windows\system32\ComDlg32.oca
2010-05-31 14:12:06	22016	----a-w-	c:\windows\system32\MSWINSCK.oca
2010-05-31 14:12:03	265728	----a-w-	c:\windows\system32\MSCOMCTL.oca
2010-05-30 23:22:50	0	d-----w-	c:\docume~1\tonico~1\datiap~1\WebMoney
2010-05-30 23:21:33	0	d-----w-	c:\programmi\WebMoney Agent
2010-05-30 23:20:48	0	d-----w-	c:\programmi\WebMoney
2010-05-30 13:20:21	0	dc-h--w-	c:\docume~1\alluse~1\datiap~1\{E6CA0070-F119-46D3-AFA3-A16FB84FEFA0}
2010-05-30 13:20:05	0	d-----w-	c:\programmi\Eziriz
2010-05-30 08:39:02	0	d-----w-	c:\docume~1\tonico~1\datiap~1\TeamViewer
2010-05-30 08:38:46	0	d-----w-	c:\programmi\TeamViewer
2010-05-29 19:17:57	307200	----a-w-	c:\windows\system32\msvcr70.dll
2010-05-29 19:15:09	233472	----a-w-	c:\windows\system32\fusion.dll
2010-05-29 19:14:00	348160	----a-w-	c:\windows\system32\MSVCR71.dll
2010-05-29 19:01:06	0	d-----w-	c:\docume~1\alluse~1\datiap~1\{smartassembly}
2010-05-29 19:00:41	0	d-----w-	c:\programmi\{smartassembly}
2010-05-29 15:57:55	0	d-----w-	c:\programmi\Microsoft SQL Server
2010-05-29 15:57:21	0	d-----w-	c:\programmi\Microsoft Synchronization Services
2010-05-29 15:57:20	0	d-----w-	c:\programmi\Microsoft SQL Server Compact Edition
2010-05-29 15:51:18	0	d-----w-	c:\programmi\Microsoft Help Viewer
2010-05-29 15:51:17	0	d-----w-	c:\programmi\Microsoft Visual Studio 10.0
2010-05-29 13:45:57	165	----a-w-	c:\windows\system32\spupdsvc.inf
2010-05-28 20:41:39	185	----a-w-	c:\windows\mdm.ini
2010-05-28 20:41:24	288	----a-w-	c:\windows\ODBC.INI
2010-05-28 20:39:48	0	d-----w-	c:\programmi\Web Publish
2010-05-28 20:29:12	7356	----a-w-	c:\windows\system32\javasup.vxd
2010-05-28 20:29:12	6550	----a-w-	c:\windows\jautoexp.dat
2010-05-28 20:29:12	42496	----a-w-	c:\windows\setdebug.exe
2010-05-28 20:29:12	313856	----a-w-	c:\windows\system32\dx3j.dll
2010-05-28 20:29:12	140048	----a-w-	c:\windows\system32\jit.dll
2010-05-28 20:29:12	135168	----a-w-	c:\windows\system32\javaee.dll
2010-05-28 15:23:46	0	d-----w-	c:\programmi\No-IP
2010-05-27 18:17:33	0	d-----w-	c:\docume~1\tonico~1\datiap~1\Dropbox
2010-05-27 14:13:04	0	d-----w-	c:\programmi\UltraVPN
2010-05-26 22:33:57	0	d-----w-	c:\windows\pss
2010-05-26 22:27:15	0	d-sh--r-	c:\docume~1\tonico~1\datiap~1\recyclerr
2010-05-25 15:36:49	664	----a-w-	c:\windows\system32\d3d9caps.dat
2010-05-23 19:04:01	0	d-----w-	c:\programmi\Siber Systems
2010-05-22 10:52:21	0	d-----r-	C:\Sandbox
2010-05-22 10:52:12	1198	----a-w-	c:\windows\Sandboxie.ini
2010-05-22 10:52:04	0	d-----w-	c:\programmi\Sandboxie
2010-05-22 08:46:01	0	d-----w-	c:\docume~1\tonico~1\datiap~1\NoNameScript
2010-05-21 16:37:02	139	----a-w-	C:\TestICQ2.bin
2010-05-21 16:36:59	24243	----a-w-	c:\documents and settings\tonicooperi\check.ini
2010-05-18 20:52:39	0	d-----w-	c:\programmi\HTTP-Tunnel
2010-05-18 18:30:29	0	d-----w-	c:\docume~1\tonico~1\datiap~1\Tor
2010-05-18 18:30:26	0	d-----w-	c:\programmi\Vidalia Bundle
2010-05-16 00:26:40	0	d-----w-	c:\programmi\uTorrent
2010-05-13 17:25:35	0	d-----w-	C:\GDPoker
2010-05-04 16:39:18	123856	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2010-05-04 16:38:43	41680	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2010-05-04 15:39:59	78848	---ha-w-	c:\windows\system32\mlfcache.dat

==================== Find3M  ====================

2010-06-02 10:48:31	1660	----a-w-	c:\windows\bthservsdp.dat
2010-05-29 13:43:51	558320	----a-w-	c:\windows\system32\perfh010.dat
2010-05-29 13:43:51	106098	----a-w-	c:\windows\system32\perfc010.dat
2010-05-02 22:33:36	39156	----a-w-	c:\windows\fonts\BILLY ARGEL TRIAL___.otf
2010-04-19 21:45:39	223440	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2010-04-19 16:33:20	695578	----a-w-	c:\windows\system32\unins000.exe
2010-04-12 15:29:19	411368	----a-w-	c:\windows\system32\deployJava1.dll
2010-03-18 14:47:22	17760	----a-w-	c:\windows\system32\aspnet_counters.dll
2010-03-18 11:16:28	771424	----a-w-	c:\windows\system32\msvcr100_clr0400.dll
2010-03-18 11:16:28	70472	----a-w-	c:\windows\system32\dxva2.dll
2010-03-18 11:16:28	486216	----a-w-	c:\windows\system32\evr.dll
2010-03-18 08:09:00	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2010-03-18 08:09:00	49488	----a-w-	c:\windows\system32\netfxperf.dll
2010-03-18 08:09:00	297808	----a-w-	c:\windows\system32\mscoree.dll
2010-03-18 08:09:00	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2010-03-18 07:15:26	80720	----a-w-	c:\windows\system32\mfcm100u.dll
2010-03-18 07:15:26	80208	----a-w-	c:\windows\system32\mfcm100.dll
2010-03-18 07:15:26	770384	----a-w-	c:\windows\system32\msvcr100.dll
2010-03-18 07:15:26	4368720	----a-w-	c:\windows\system32\mfc100u.dll
2010-03-18 07:15:26	4342088	----a-w-	c:\windows\system32\mfc100.dll
2010-03-18 07:15:26	421200	----a-w-	c:\windows\system32\msvcp100.dll
2010-03-18 07:15:26	138056	----a-w-	c:\windows\system32\atl100.dll
2010-03-10 06:15:53	420352	----a-w-	c:\windows\system32\vbscript.dll
2009-11-18 08:02:53	32768	--sha-w-	c:\windows\system32\config\systemprofile\impostazioni locali\cronologia\history.ie5\mshist012009111820091119\index.dat
2008-08-20 19:26:24	32768	--sha-w-	c:\windows\system32\config\systemprofile\impostazioni locali\dati applicazioni\microsoft\feeds cache\index.dat

============= FINISH: 14.32.38,25 ===============