Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-01-2014 01 Ran by tit angela (administrator) on NOME-FD7AA3C136 on 09-01-2014 04:37:18 Running from C:\Documents and Settings\tit angela\Desktop Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Italian Standard Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Broadcom Corporation.) C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Samsung Electronics,.LTD) C:\Programmi\Samsung\Samsung EDS\EDSAgent.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Oracle Corporation) C:\Programmi\Java\jre7\bin\jqs.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Synaptics, Inc.) C:\Programmi\Synaptics\SynTP\SynTPEnh.exe () C:\Programmi\Samsung\Samsung Battery Manager\BatteryManager.exe (SAMSUNG Electronics) C:\Programmi\Samsung\Easy Display Manager\dmhkcore.exe () C:\Programmi\AVG SafeGuard toolbar\vprot.exe (Oracle Corporation) C:\Programmi\File comuni\Java\Java Update\jusched.exe (SAMSUNG Electronics Co., Ltd.) C:\Programmi\Samsung\MagicKBD\MagicKBD.exe (Samsung Electronics Co., Ltd.) C:\Programmi\Samsung\MagicKBD\PerformanceManager.exe (Microsoft Corporation) C:\Programmi\Messenger\msmsgs.exe (Symantec Corporation) C:\Programmi\Norton 360\Engine\21.1.0.18\N360.exe (PC Tools) C:\Programmi\File comuni\PC Tools\sMonitor\StartManSvc.exe (AVG Secure Search) C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe (Broadcom Corporation.) C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe (Symantec Corporation) C:\Programmi\Norton 360\Engine\21.1.0.18\N360.exe (Yahoo! Inc.) C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe () C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe (Broadcom Corporation.) C:\Programmi\WIDCOMM\Bluetooth Software\BTStackServer.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe (Yahoo! Inc.) C:\Programmi\Yahoo!\Messenger\Ymsgr_tray.exe (OldTimer Tools) C:\Documents and Settings\tit angela\Desktop\OTL.scr ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16851456 2008-08-26] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [57344 2008-06-20] (Realtek Semiconductor Corp.) HKLM\...\Run: [EDS] - C:\Programmi\Samsung\Samsung EDS\EDSAgent.exe [659456 2007-12-20] (Samsung Electronics,.LTD) HKLM\...\Run: [SynTPEnh] - C:\Programmi\Synaptics\SynTP\SynTPEnh.exe [1044480 2008-08-28] (Synaptics, Inc.) HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM\...\Run: [DMHotKey] - C:\Programmi\Samsung\Easy Display Manager\DMLoader.exe [466944 2006-12-27] (SAMSUNG Electronics) HKLM\...\Run: [BatteryManager] - C:\Programmi\Samsung\Samsung Battery Manager\BatteryManager.exe [2768896 2008-10-20] () HKLM\...\Run: [MagicKeyboard] - C:\Programmi\Samsung\MagicKBD\PreMKbd.exe [151552 2006-05-14] () HKLM\...\Run: [vProt] - C:\Programmi\AVG SafeGuard toolbar\vprot.exe [2471448 2014-01-08] () HKLM\...\Run: [SunJavaUpdateSched] - C:\Programmi\File comuni\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [MSMSGS] - C:\Programmi\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation) HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe [138096 2013-06-30] (Facebook Inc.) HKCU\...\Run: [Messenger (Yahoo!)] - C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Documents and Settings\tit angela\Dati applicazioni\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=09cb2f58a99247d285f3d16d6a2795d8-c987c70f4c0b88e45329079c210253387c862b49 /CMPID=1213b MountPoints2: {0a2eb9ca-bf28-11de-87ab-00242c33753e} - E:\autorun.exe MountPoints2: {f31e1f8c-f7e0-11e0-a974-001377f77f95} - E:\autorun.exe MountPoints2: {f46f6164-c20b-11de-a8a2-00242cc37c2b} - E:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {f46f6165-c20b-11de-a8a2-00242cc37c2b} - E:\setup_vmc_lite.exe /checkApplicationPresence HKU\Administrator\...\Run: [swg] - C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe HKU\Default User\...\Run: [swg] - C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ro/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={73A539DD-EBB7-45E4-A255-6BAE5919AE87}&mid=09cb2f58a99247d285f3d16d6a2795d8-c987c70f4c0b88e45329079c210253387c862b49&lang=it&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-01-08 15:02:12&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000 SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={73A539DD-EBB7-45E4-A255-6BAE5919AE87}&mid=09cb2f58a99247d285f3d16d6a2795d8-c987c70f4c0b88e45329079c210253387c862b49&lang=it&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-01-08 15:02:12&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms} BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmi\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programmi\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll (Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programmi\AVG SafeGuard toolbar\17.2.0.38\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programmi\AVG SafeGuard toolbar\17.2.0.38\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmi\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation) Toolbar: HKCU - &Indirizzo - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - Co&llegamenti - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programmi\File comuni\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search) ShellExecuteHooks: Hook per l'esecuzione degli URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8492032 2012-06-08] (Microsoft Corporation) Chrome: ======= CHR Extension: (Docs) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (AVG SafeGuard) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.2.0.38_0 CHR Extension: (Gmail) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Ask Toolbar) - C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pljcgbedjplidkdjahbaalanadmjfgop\26.63936_0 CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Programmi\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Dati applicazioni\AVG SafeGuard toolbar\ChromeExt\17.2.0.38\avg.crx ========================== Services (Whitelisted) ================= R2 btwdins; C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe [264800 2008-09-17] (Broadcom Corporation.) S2 gupdate; C:\Programmi\Google\Update\GoogleUpdate.exe [135664 2010-08-26] (Google Inc.) S3 gupdatem; C:\Programmi\Google\Update\GoogleUpdate.exe [135664 2010-08-26] (Google Inc.) S2 MBAMScheduler; C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 N360; C:\Programmi\Norton 360\Engine\21.1.0.18\diMaster.dll [567600 2013-10-08] (Symantec Corporation) R2 NwSapAgent; C:\Windows\System32\ipxsap.dll [66560 2008-04-14] (Microsoft Corporation) R2 PCToolsSSDMonitorSvc; C:\Programmi\File comuni\PC Tools\sMonitor\StartManSvc.exe [583640 2009-10-14] (PC Tools) S2 Samsung Update Plus; C:\Programmi\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] () R2 vToolbarUpdater17.2.0; C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search) R2 YahooAUService; C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392 2008-11-09] (Yahoo! Inc.) R2 JavaQuickStarterService; "C:\Programmi\Java\jre7\bin\jqs.exe" -service -config "C:\Programmi\Java\jre7\lib\deploy\jqs\jqs.conf" R2 yksvc; RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [x] ==================== Drivers (Whitelisted) ==================== R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1334432 2008-10-08] (Atheros Communications, Inc.) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2014-01-08] (AVG Technologies) R1 BHDrvx86; C:\Programmi\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [1097304 2013-09-26] (Symantec Corporation) R3 btaudio; C:\Windows\System32\drivers\btaudio.sys [539640 2008-07-27] (Broadcom Corporation.) R3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37424 2008-07-27] (Broadcom Corporation.) R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [879832 2008-07-29] (Broadcom Corporation.) R3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156816 2008-07-29] (Broadcom Corporation.) R3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [74688 2008-07-27] (Broadcom Corporation.) S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation) R3 DNSeFilter; C:\Windows\System32\drivers\SamsungEDS.sys [30208 2008-01-14] (Samsung Electronics,.LTD) R2 DOSMEMIO; C:\WINDOWS\system32\MEMIO.SYS [4300 2005-10-27] () R1 eeCtrl; C:\Programmi\File comuni\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-10-04] (Symantec Corporation) U3 EraserUtilDrv11311; C:\Programmi\File comuni\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [108120 2013-10-04] (Symantec Corporation) R3 IDSxpx86; C:\Programmi\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSxpx86.sys [380824 2013-09-24] (Symantec Corporation) S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2014-01-09] () S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\Programmi\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\NAVENG.SYS [93272 2013-10-04] (Symantec Corporation) R3 NAVEX15; C:\Programmi\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\NAVEX15.SYS [1612376 2013-10-04] (Symantec Corporation) S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation) R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation) R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation) S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2008-10-22] (TCT International Mobile Ltd) R3 SRTSP; C:\Windows\system32\drivers\N360\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation) S3 SUEPD; C:\Windows\System32\DRIVERS\SUE_PD.sys [19840 2006-08-01] (Samsung) R0 SymDS; C:\Windows\System32\drivers\N360\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2014-01-09] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation) R1 SYMTDI; C:\Windows\system32\drivers\N360\1501000.012\SYMTDI.SYS [421592 2013-09-26] (Symantec Corporation) R3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [238464 2008-09-23] (Vimicro Corporation) R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [291328 2008-11-07] (Marvell) S4 IntelIde; No ImagePath U3 ugdcrkoc; \??\C:\DOCUME~1\TITANG~1\IMPOST~1\Temp\ugdcrkoc.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-09 04:37 - 2014-01-09 04:37 - 00018202 _____ C:\Documents and Settings\tit angela\Desktop\FRST.txt 2014-01-09 04:36 - 2014-01-09 04:36 - 00000000 ____D C:\FRST 2014-01-09 04:35 - 2014-01-09 04:35 - 00099646 _____ C:\Documents and Settings\tit angela\Desktop\OTL.Txt 2014-01-09 04:35 - 2014-01-09 04:35 - 00031264 _____ C:\Documents and Settings\tit angela\Desktop\Extras.Txt 2014-01-09 04:26 - 2014-01-09 04:18 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\tit angela\Desktop\OTL.scr 2014-01-09 03:49 - 2014-01-09 03:49 - 00020977 _____ C:\Documents and Settings\tit angela\Documenti\GMERowanie.txt 2014-01-09 02:48 - 2014-01-09 02:38 - 00377856 _____ C:\Documents and Settings\tit angela\Desktop\513ts556.exe 2014-01-09 02:48 - 2014-01-09 02:36 - 01065947 _____ (Farbar) C:\Documents and Settings\tit angela\Desktop\FRST.exe 2014-01-09 01:27 - 2014-01-09 01:42 - 00000000 ____D C:\Programmi\File comuni\Symantec Shared 2014-01-09 01:27 - 2014-01-09 01:27 - 00142936 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 2014-01-09 01:27 - 2014-01-09 01:27 - 00008194 _____ C:\WINDOWS\system32\Drivers\SYMEVENT.CAT 2014-01-09 01:27 - 2014-01-09 01:27 - 00001783 _____ C:\Documents and Settings\All Users\Desktop\Norton 360.LNK 2014-01-09 01:27 - 2014-01-09 01:27 - 00000000 ____D C:\Programmi\Symantec 2014-01-09 01:24 - 2014-01-09 01:27 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Norton 360 2014-01-09 01:24 - 2014-01-09 01:24 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360 2014-01-09 01:24 - 2014-01-09 01:24 - 00000000 ____D C:\Programmi\Norton 360 2014-01-09 01:02 - 2014-01-09 01:02 - 00035144 _____ C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-01-08 23:24 - 2014-01-08 23:24 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\Malwarebytes 2014-01-08 23:24 - 2014-01-08 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware 2014-01-08 23:24 - 2014-01-08 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes 2014-01-08 23:23 - 2014-01-08 23:24 - 00000000 ____D C:\Programmi\Malwarebytes' Anti-Malware 2014-01-08 23:23 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-01-08 23:22 - 2014-01-08 23:22 - 00000000 ____D C:\Documents and Settings\tit angela\Menu Avvio\Programmi\WinRAR 2014-01-08 23:22 - 2014-01-08 23:22 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\WinRAR 2014-01-08 23:22 - 2014-01-08 23:22 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinRAR 2014-01-08 23:21 - 2014-01-08 23:22 - 00000000 ____D C:\Programmi\WinRAR 2014-01-08 21:52 - 2014-01-08 21:55 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2014-01-08 21:43 - 2014-01-08 21:43 - 00000000 ____D C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Avg2014 2014-01-08 21:42 - 2014-01-08 21:49 - 00000194 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2014-01-08 21:42 - 2014-01-08 21:43 - 00000000 ___HD C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni 2014-01-08 21:42 - 2014-01-08 21:42 - 00000000 ____D C:\Documents and Settings\Administrator 2014-01-08 21:42 - 2010-06-03 20:54 - 00000000 ___SD C:\Documents and Settings\Administrator\Impostazioni locali\Cronologia 2014-01-08 21:42 - 2009-10-22 18:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Avvio\Programmi 2014-01-08 21:42 - 2009-04-18 17:16 - 00000000 ___RD C:\Documents and Settings\Administrator\Documenti 2014-01-08 21:42 - 2009-04-18 17:16 - 00000000 ____D C:\Documents and Settings\Administrator\Documenti\Play Camera Media 2014-01-08 21:42 - 2009-02-12 16:59 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica 2014-01-08 21:42 - 2009-02-12 16:59 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Avvio 2014-01-08 21:42 - 2009-02-12 16:59 - 00000000 ___HD C:\Documents and Settings\Administrator\Risorse di stampa 2014-01-08 21:42 - 2009-02-12 16:59 - 00000000 ___HD C:\Documents and Settings\Administrator\Risorse di rete 2014-01-08 21:42 - 2009-02-12 16:59 - 00000000 ___HD C:\Documents and Settings\Administrator\Impostazioni locali 2014-01-08 21:42 - 2009-02-12 16:16 - 00000000 ____D C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Adobe 2014-01-08 21:42 - 2009-02-12 16:14 - 00000000 __RHD C:\Documents and Settings\Administrator\Dati applicazioni 2014-01-08 21:42 - 2009-02-12 16:14 - 00000000 ____D C:\Documents and Settings\Administrator\Dati applicazioni\InstallShield 2014-01-08 21:42 - 2009-02-12 16:11 - 00000747 _____ C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Internet Explorer.lnk 2014-01-08 21:42 - 2009-02-12 16:11 - 00000718 _____ C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Outlook Express.lnk 2014-01-08 21:42 - 2009-02-12 16:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Preferiti 2014-01-08 21:42 - 2009-02-12 16:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Accessori 2014-01-08 21:42 - 2009-02-12 16:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Documenti\Musica 2014-01-08 21:42 - 2009-02-12 16:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Documenti\Immagini 2014-01-08 21:42 - 2009-02-12 16:10 - 00000000 ____D C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\{3248F0A6-6813-11D6-A77B-00B0D0150000} 2014-01-08 21:42 - 2009-02-12 16:07 - 00001599 _____ C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Assistenza remota.lnk 2014-01-08 21:42 - 2009-02-12 16:03 - 00000000 ___HD C:\Documents and Settings\Administrator\Modelli 2014-01-08 17:40 - 2014-01-08 17:40 - 00001775 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2014-01-08 17:40 - 2014-01-08 17:40 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Chrome 2014-01-08 15:11 - 2014-01-08 15:11 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\APN 2014-01-08 15:09 - 2014-01-08 15:09 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Java 2014-01-08 15:09 - 2014-01-08 15:08 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-08 15:09 - 2014-01-08 15:08 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-08 15:09 - 2014-01-08 15:08 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-08 15:09 - 2014-01-08 15:08 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\WINDOWS\system32\cache 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\AVG SafeGuard toolbar 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\AVG SafeGuard toolbar 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVG Security Toolbar 2014-01-08 15:02 - 2014-01-08 15:01 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys 2014-01-08 15:01 - 2014-01-08 19:48 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVG SafeGuard toolbar 2014-01-08 15:01 - 2014-01-08 15:02 - 00000000 ____D C:\Programmi\File comuni\AVG Secure Search 2014-01-08 15:01 - 2014-01-08 15:01 - 00000000 ____D C:\Programmi\AVG SafeGuard toolbar 2014-01-07 12:41 - 2014-01-07 12:41 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\AVG2014 2014-01-07 12:39 - 2014-01-07 12:39 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\TuneUp Software 2014-01-07 12:36 - 2014-01-09 01:19 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVG2014 2014-01-07 12:35 - 2014-01-09 01:20 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\MFAData 2014-01-07 12:35 - 2014-01-07 13:08 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Avg2014 2014-01-07 12:35 - 2014-01-07 12:35 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\MFAData 2013-12-21 21:13 - 2013-12-21 21:13 - 00006580 _____ C:\WINDOWS\KB2904266.log 2013-12-21 21:13 - 2013-12-21 21:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$ 2013-12-21 21:13 - 2013-12-21 21:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898785$ 2013-12-21 21:13 - 2013-12-21 21:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$ 2013-12-21 21:10 - 2013-12-21 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$ 2013-12-21 21:10 - 2013-12-21 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$ 2013-12-21 21:09 - 2013-12-21 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$ 2013-12-21 19:18 - 2013-12-21 21:13 - 00015207 _____ C:\WINDOWS\KB2898785.log 2013-12-21 19:18 - 2013-12-21 21:13 - 00014458 _____ C:\WINDOWS\KB2898715.log 2013-12-21 19:18 - 2013-12-21 21:10 - 00011495 _____ C:\WINDOWS\KB2893984.log 2013-12-21 19:18 - 2013-12-21 21:10 - 00010672 _____ C:\WINDOWS\KB2893294.log 2013-12-21 19:18 - 2013-12-21 21:09 - 00010068 _____ C:\WINDOWS\KB2892075.log ==================== One Month Modified Files and Folders ======= 2014-01-09 04:37 - 2014-01-09 04:37 - 00018202 _____ C:\Documents and Settings\tit angela\Desktop\FRST.txt 2014-01-09 04:36 - 2014-01-09 04:36 - 00000000 ____D C:\FRST 2014-01-09 04:35 - 2014-01-09 04:35 - 00099646 _____ C:\Documents and Settings\tit angela\Desktop\OTL.Txt 2014-01-09 04:35 - 2014-01-09 04:35 - 00031264 _____ C:\Documents and Settings\tit angela\Desktop\Extras.Txt 2014-01-09 04:27 - 2010-08-26 20:36 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-09 04:18 - 2014-01-09 04:26 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\tit angela\Desktop\OTL.scr 2014-01-09 03:56 - 2013-07-22 08:56 - 00000978 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-09 03:49 - 2014-01-09 03:49 - 00020977 _____ C:\Documents and Settings\tit angela\Documenti\GMERowanie.txt 2014-01-09 03:49 - 2009-10-22 18:11 - 00000000 ___RD C:\Documents and Settings\tit angela\Documenti 2014-01-09 03:38 - 2013-05-09 18:57 - 00001030 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4159745607-663305977-4172335611-1005UA.job 2014-01-09 03:00 - 2009-02-12 16:05 - 01308709 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-09 02:38 - 2014-01-09 02:48 - 00377856 _____ C:\Documents and Settings\tit angela\Desktop\513ts556.exe 2014-01-09 02:36 - 2014-01-09 02:48 - 01065947 _____ (Farbar) C:\Documents and Settings\tit angela\Desktop\FRST.exe 2014-01-09 01:42 - 2014-01-09 01:27 - 00000000 ____D C:\Programmi\File comuni\Symantec Shared 2014-01-09 01:39 - 2013-07-20 08:57 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Norton 2014-01-09 01:38 - 2012-11-05 13:48 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-01-09 01:37 - 2010-08-26 20:36 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-09 01:37 - 2009-02-12 17:02 - 00000159 _____ C:\WINDOWS\wiadebug.log 2014-01-09 01:37 - 2009-02-12 17:02 - 00000050 _____ C:\WINDOWS\wiaservc.log 2014-01-09 01:37 - 2009-02-12 16:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-01-09 01:36 - 2009-10-22 18:11 - 00000194 ___SH C:\Documents and Settings\tit angela\ntuser.ini 2014-01-09 01:29 - 2009-02-12 16:10 - 00032564 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-09 01:27 - 2014-01-09 01:27 - 00142936 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 2014-01-09 01:27 - 2014-01-09 01:27 - 00008194 _____ C:\WINDOWS\system32\Drivers\SYMEVENT.CAT 2014-01-09 01:27 - 2014-01-09 01:27 - 00001783 _____ C:\Documents and Settings\All Users\Desktop\Norton 360.LNK 2014-01-09 01:27 - 2014-01-09 01:27 - 00000000 ____D C:\Programmi\Symantec 2014-01-09 01:27 - 2014-01-09 01:24 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Norton 360 2014-01-09 01:27 - 2009-02-12 16:59 - 00000000 ___RD C:\Programmi 2014-01-09 01:27 - 2009-02-12 16:59 - 00000000 ____D C:\Programmi\File comuni 2014-01-09 01:24 - 2014-01-09 01:24 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360 2014-01-09 01:24 - 2014-01-09 01:24 - 00000000 ____D C:\Programmi\Norton 360 2014-01-09 01:24 - 2009-02-12 16:59 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Avvio\Programmi 2014-01-09 01:20 - 2014-01-07 12:35 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\MFAData 2014-01-09 01:19 - 2014-01-07 12:36 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVG2014 2014-01-09 01:19 - 2010-08-30 08:21 - 00333872 _____ C:\WINDOWS\setupapi.log 2014-01-09 01:11 - 2009-02-12 16:59 - 01520751 _____ C:\WINDOWS\FaxSetup.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00738802 _____ C:\WINDOWS\ocgen.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00589071 _____ C:\WINDOWS\tsoc.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00515758 _____ C:\WINDOWS\comsetup.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00312530 _____ C:\WINDOWS\ntdtcsetup.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00243288 _____ C:\WINDOWS\iis6.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00095152 _____ C:\WINDOWS\ocmsn.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00076437 _____ C:\WINDOWS\msgsocm.log 2014-01-09 01:11 - 2009-02-12 16:59 - 00001891 _____ C:\WINDOWS\imsins.log 2014-01-09 01:02 - 2014-01-09 01:02 - 00035144 _____ C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-01-08 23:39 - 2013-11-13 22:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2014-01-08 23:24 - 2014-01-08 23:24 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\Malwarebytes 2014-01-08 23:24 - 2014-01-08 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware 2014-01-08 23:24 - 2014-01-08 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes 2014-01-08 23:24 - 2014-01-08 23:23 - 00000000 ____D C:\Programmi\Malwarebytes' Anti-Malware 2014-01-08 23:24 - 2009-10-22 18:11 - 00000000 __RHD C:\Documents and Settings\tit angela\Dati applicazioni 2014-01-08 23:24 - 2009-02-12 16:59 - 00000000 __RHD C:\Documents and Settings\All Users\Dati applicazioni 2014-01-08 23:22 - 2014-01-08 23:22 - 00000000 ____D C:\Documents and Settings\tit angela\Menu Avvio\Programmi\WinRAR 2014-01-08 23:22 - 2014-01-08 23:22 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\WinRAR 2014-01-08 23:22 - 2014-01-08 23:22 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinRAR 2014-01-08 23:22 - 2014-01-08 23:21 - 00000000 ____D C:\Programmi\WinRAR 2014-01-08 23:22 - 2009-10-22 18:11 - 00000000 ___RD C:\Documents and Settings\tit angela\Menu Avvio\Programmi 2014-01-08 21:55 - 2014-01-08 21:52 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2014-01-08 21:49 - 2014-01-08 21:42 - 00000194 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2014-01-08 21:43 - 2014-01-08 21:43 - 00000000 ____D C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Avg2014 2014-01-08 21:43 - 2014-01-08 21:42 - 00000000 ___HD C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni 2014-01-08 21:42 - 2014-01-08 21:42 - 00000000 ____D C:\Documents and Settings\Administrator 2014-01-08 19:48 - 2014-01-08 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVG SafeGuard toolbar 2014-01-08 19:48 - 2009-10-22 18:58 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Google 2014-01-08 19:48 - 2009-02-12 16:17 - 00000000 ____D C:\Programmi\Google 2014-01-08 19:48 - 2009-02-12 16:17 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Google 2014-01-08 17:40 - 2014-01-08 17:40 - 00001775 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2014-01-08 17:40 - 2014-01-08 17:40 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Chrome 2014-01-08 17:25 - 2013-10-02 11:51 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\visi_coupon 2014-01-08 15:11 - 2014-01-08 15:11 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\APN 2014-01-08 15:09 - 2014-01-08 15:09 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Java 2014-01-08 15:09 - 2009-02-12 16:10 - 00000000 ____D C:\Programmi\File comuni\Java 2014-01-08 15:08 - 2014-01-08 15:09 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-08 15:08 - 2014-01-08 15:09 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-08 15:08 - 2014-01-08 15:09 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-08 15:08 - 2014-01-08 15:09 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-08 15:08 - 2013-06-19 19:37 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\WINDOWS\system32\cache 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\AVG SafeGuard toolbar 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\AVG SafeGuard toolbar 2014-01-08 15:02 - 2014-01-08 15:02 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVG Security Toolbar 2014-01-08 15:02 - 2014-01-08 15:01 - 00000000 ____D C:\Programmi\File comuni\AVG Secure Search 2014-01-08 15:02 - 2009-10-22 18:11 - 00000000 ___HD C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni 2014-01-08 15:01 - 2014-01-08 15:02 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys 2014-01-08 15:01 - 2014-01-08 15:01 - 00000000 ____D C:\Programmi\AVG SafeGuard toolbar 2014-01-07 14:03 - 2009-10-22 18:11 - 00001599 _____ C:\Documents and Settings\tit angela\Menu Avvio\Programmi\Assistenza remota.lnk 2014-01-07 14:03 - 2009-02-12 16:07 - 00001607 _____ C:\Documents and Settings\All Users\Menu Avvio\Impostazioni accesso ai programmi.lnk 2014-01-07 13:08 - 2014-01-07 12:35 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\Avg2014 2014-01-07 12:41 - 2014-01-07 12:41 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\AVG2014 2014-01-07 12:39 - 2014-01-07 12:39 - 00000000 ____D C:\Documents and Settings\tit angela\Dati applicazioni\TuneUp Software 2014-01-07 12:38 - 2013-05-09 18:57 - 00001008 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4159745607-663305977-4172335611-1005Core.job 2014-01-07 12:35 - 2014-01-07 12:35 - 00000000 ____D C:\Documents and Settings\tit angela\Impostazioni locali\Dati applicazioni\MFAData 2014-01-07 10:41 - 2009-02-12 23:48 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl 2013-12-25 11:32 - 2009-10-22 18:11 - 00000000 ___RD C:\Documents and Settings\tit angela\Documenti\Immagini 2013-12-22 09:23 - 2009-02-12 16:58 - 00094272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-12-21 21:13 - 2013-12-21 21:13 - 00006580 _____ C:\WINDOWS\KB2904266.log 2013-12-21 21:13 - 2013-12-21 21:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$ 2013-12-21 21:13 - 2013-12-21 21:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898785$ 2013-12-21 21:13 - 2013-12-21 21:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$ 2013-12-21 21:13 - 2013-12-21 19:18 - 00015207 _____ C:\WINDOWS\KB2898785.log 2013-12-21 21:13 - 2013-12-21 19:18 - 00014458 _____ C:\WINDOWS\KB2898715.log 2013-12-21 21:13 - 2013-08-17 08:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-12-21 21:13 - 2009-11-01 14:24 - 00038126 _____ C:\WINDOWS\system32\TZLog.log 2013-12-21 21:13 - 2009-02-12 16:59 - 00001393 _____ C:\WINDOWS\imsins.BAK 2013-12-21 21:13 - 2009-02-12 16:27 - 00077276 _____ C:\WINDOWS\updspapi.log 2013-12-21 21:10 - 2013-12-21 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$ 2013-12-21 21:10 - 2013-12-21 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$ 2013-12-21 21:10 - 2013-12-21 19:18 - 00011495 _____ C:\WINDOWS\KB2893984.log 2013-12-21 21:10 - 2013-12-21 19:18 - 00010672 _____ C:\WINDOWS\KB2893294.log 2013-12-21 21:10 - 2009-11-06 17:03 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-12-21 21:09 - 2013-12-21 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$ 2013-12-21 21:09 - 2013-12-21 19:18 - 00010068 _____ C:\WINDOWS\KB2892075.log ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2009-02-12 23:48] - [2008-04-14 13:00] - 1036288 ____A (Microsoft Corporation) 70d7f99d95615c3c278367756287db71 C:\Windows\System32\winlogon.exe [2009-02-12 23:48] - [2008-04-14 13:00] - 0510464 ____A (Microsoft Corporation) 9259170d29b5a256735fcb8b80280857 C:\Windows\System32\svchost.exe [2009-02-12 23:48] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) bb8363abec09aa2f9b363484e282117c C:\Windows\System32\services.exe [2009-02-12 23:48] - [2009-02-09 12:22] - 0111104 ____A (Microsoft Corporation) 26845f272435302e0f3322e660a24f7d C:\Windows\System32\User32.dll [2009-02-12 23:48] - [2008-04-14 13:00] - 0579584 ____A (Microsoft Corporation) fa94696c0727bd59e517c674cd6e7c72 C:\Windows\System32\userinit.exe [2009-02-12 23:48] - [2008-04-14 13:00] - 0026624 ____A (Microsoft Corporation) df69726907357c3add243f48902b0331 C:\Windows\System32\rpcss.dll [2009-02-12 23:48] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) bc4e0226341aaec1222336b3aed86bab C:\Windows\System32\Drivers\volsnap.sys [2009-02-12 23:48] - [2008-04-14 13:00] - 0053376 ____A (Microsoft Corporation) e46c1b5a56da7da603d09dfcc79ec59e ==================== End Of Log ============================