Anonim / 2 lata, 11 miesięcy temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-12-2014
Ran by Kaska (administrator) on KASIA on 23-12-2014 15:01:03
Running from C:\Documents and Settings\Kaska\Desktop
Loaded Profile: Kaska (Available profiles: Kaska)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Italiano (Italia)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cognizance Corporation) C:\Programmi\HPQ\IAM\Bin\asghost.exe
(AVAST Software) C:\Programmi\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Programmi\File comuni\LightScribe\LSSrvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Agere Systems) C:\Windows\AGRSMMSG.exe
(Hewlett-Packard Development Company, L.P.) C:\Programmi\HPQ\HP ProtectTools Security Manager\pthosttr.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
() C:\Windows\SMINST\Recguard.exe
() C:\Windows\SMINST\Scheduler.exe
(Analog Devices, Inc.) C:\Programmi\Analog Devices\Core\smax4pnp.exe
(AVAST Software) C:\Programmi\AVAST Software\Avast\avastui.exe
() C:\Programmi\rec_pl_1\rec_pl_1.exe
(Skype Technologies S.A.) C:\Programmi\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Documents and Settings\Kaska\Dati applicazioni\Dropbox\bin\Dropbox.exe
() C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Google Inc.) C:\Programmi\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programmi\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programmi\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programmi\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88203 2006-01-30] (Agere Systems)
HKLM\...\Run: [SoundMAX] => C:\Programmi\Analog Devices\SoundMAX\Smax4.exe [716800 2005-05-06] (Analog Devices, Inc.)
HKLM\...\Run: [PTHOSTTR] => C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE [122880 2006-02-14] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [hpWirelessAssistant] => C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [454656 2006-02-14] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
HKLM\...\Run: [QlbCtrl] => C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [131072 2006-03-02] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Recguard] => C:\WINDOWS\Sminst\Recguard.exe [1187840 2005-12-20] ()
HKLM\...\Run: [Scheduler] => C:\WINDOWS\SMINST\Scheduler.exe [892928 2006-02-15] ()
HKLM\...\Run: [SoundMAXPnP] => C:\Programmi\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Programmi\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-11] (AVAST Software)
HKLM\...\Run: [APSDaemon] => C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [rec_pl_1] => C:\Programmi\rec_pl_1\rec_pl_1.exe [3977384 2014-12-16] ()
Winlogon\Notify\OneCard: C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll (Cognizance Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3682795676-2682444678-3057938357-1006\...\Run: [Odkurzacz] => C:\Programmi\Odkurzacz\odkurzacz.exe [916480 2014-10-06] (FranmoSoftware)
HKU\S-1-5-21-3682795676-2682444678-3057938357-1006\...\Run: [Skype] => C:\Programmi\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
Lsa: [Notification Packages] scecli AsWlnPkg
Startup: C:\Documents and Settings\Kaska\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Kaska\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Gestione documenti] -> {666C7833-A9B6-4AB4-94ED-DC238C81E925} => C:\Programmi\HPQ\IAM\Bin\SFSShell.dll (Cognizance Corporation)
BootExecute: 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-3682795676-2682444678-3057938357-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-3682795676-2682444678-3057938357-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.gazeta.pl/0,0.html?p=128
URLSearchHook: HKU\S-1-5-21-3682795676-2682444678-3057938357-1006 - Hook per la ricerca di URL Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: HP Credential Manager for ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll (Infineon Technologies AG)
Toolbar: HKU\S-1-5-21-3682795676-2682444678-3057938357-1006 -> No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Hook per l'esecuzione degli URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\Windows\system32\shell32.dll [8492032 2012-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E067A094-8A93-4FFC-82BF-BDC3AC9B609B}: [NameServer] 192.168.1.1,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Kaska\Dati applicazioni\Mozilla\Firefox\Profiles\qywesm4g.default
FF Homepage: www.wp.pl/?src01=dp220141130
FF DefaultSearchUrl: 
FF SearchEngineOrder.3: Bing 
FF Homepage: www.wp.pl/?src01=dp220141130
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programmi\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programmi\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programmi\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programmi\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programmi\mozilla firefox\plugins\npVividasPlayer.dll ( )
FF Extension: Vividas player plugin - C:\Documents and Settings\Kaska\Dati applicazioni\Mozilla\Firefox\Profiles\qywesm4g.default\Extensions\player@vividas.com [2012-07-11]
FF Extension: No Name - C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-02]
FF Extension: No Name - C:\Programmi\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Programmi\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Programmi\AVAST Software\Avast\WebRep\FF [2013-02-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-16]
FF Extension: No Name - C:\Documents and Settings\Kaska\Dati applicazioni\Mozilla\Firefox\Profiles\qywesm4g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [Not Found]
FF Extension: No Name - C:\Programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Programmi\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programmi\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Programmi\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programmi\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Vividas Player Plugin) - C:\Programmi\Mozilla Firefox\plugins\npVividasPlayer.dll ( )
CHR Plugin: (Microsoft DRM) - C:\Programmi\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programmi\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Programmi\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Programmi\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U4) - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default
CHR Extension: (Dysk Google) - C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-11]
CHR Extension: (YouTube) - C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-11]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-11]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-01]
CHR Extension: (Yann Arthus-Bertrand) - C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc [2012-11-11]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programmi\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASChannel; C:\Programmi\HPQ\IAM\Bin\ASChnl.dll [117248 2005-06-01] (Cognizance Corporation) [File not signed]
R2 avast! Antivirus; C:\Programmi\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-30] (AVAST Software)
R2 hpqwmiex; C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe [98304 2006-01-12] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Programmi\File comuni\LightScribe\LSSrvc.exe [73728 2006-01-20] (Hewlett-Packard Company) [File not signed]
S3 ose; C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [294912 2006-01-12] (SoftThinks) [File not signed]
R2 WMPNetworkSvc; C:\Programmi\Windows Media Player\WMPNetwk.exe [918528 2006-11-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [152960 2005-06-07] (Andrea Electronics Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-30] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-30] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-30] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-30] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-30] ()
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [57096 2006-02-16] (Broadcom Corporation.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 eabfiltr; C:\WINDOWS\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\WINDOWS\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [36937 2001-08-30] (SMC)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2013-02-12] (AnchorFree Inc)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2006-01-19] (Intel® Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 15:01 - 2014-12-23 15:02 - 00017750 _____ () C:\Documents and Settings\Kaska\Desktop\FRST.txt
2014-12-23 15:00 - 2014-12-23 15:00 - 01114112 _____ (Farbar) C:\Documents and Settings\Kaska\Desktop\FRST.exe
2014-12-23 14:37 - 2014-12-23 14:37 - 02173952 _____ () C:\Documents and Settings\Kaska\Desktop\adwcleaner_4.106.exe
2014-12-22 14:55 - 2014-12-22 14:59 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\grafiki mandaliony
2014-12-21 20:07 - 2014-12-21 20:07 - 00783400 _____ (Elex do Brasil Participações Ltda) C:\Documents and Settings\Kaska\Desktop\yet_another_cleaner_reh.exe
2014-12-21 19:32 - 2014-12-21 19:32 - 00002732 _____ () C:\WINDOWS\setupapi.log
2014-12-21 19:31 - 2014-12-21 19:31 - 00001695 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2014-12-21 19:31 - 2014-11-30 19:05 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-20 14:50 - 2014-12-20 19:10 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\first
2014-12-20 13:01 - 2014-12-20 13:02 - 00025722 _____ () C:\Documents and Settings\Kaska\Desktop\Addition.txt
2014-12-20 12:59 - 2014-12-23 15:01 - 00000000 ____D () C:\FRST
2014-12-20 12:12 - 2014-12-20 12:12 - 00095034 _____ () C:\Documents and Settings\Kaska\Desktop\OTL.Txt
2014-12-20 12:12 - 2014-12-20 12:12 - 00037052 _____ () C:\Documents and Settings\Kaska\Desktop\Extras.Txt
2014-12-20 02:21 - 2014-12-23 14:51 - 00000000 ____D () C:\AdwCleaner
2014-12-20 00:45 - 2014-12-20 00:45 - 00000000 ____D () C:\Programmi\rec_pl_1
2014-12-20 00:45 - 2014-12-20 00:45 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\rec_pl_1
2014-12-15 21:24 - 2014-12-18 20:07 - 00001596 _____ () C:\WINDOWS\wmsetup.log
2014-12-14 19:59 - 2014-12-14 20:02 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\ogł gumtree
2014-12-10 12:26 - 2014-12-16 13:43 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\karykaturka
2014-12-02 21:29 - 2014-12-02 21:29 - 00000000 ____D () C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Temp
2014-12-02 17:01 - 2014-12-02 17:01 - 00000000 ____D () C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Apple
2014-12-01 20:10 - 2014-12-01 20:10 - 00005045 _____ () C:\Documents and Settings\All Users\Dati applicazioni\wmzddnmb.cix
2014-12-01 20:10 - 2014-12-01 20:10 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Movavi
2014-12-01 20:10 - 2014-12-01 20:10 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\Movavi
2014-12-01 19:49 - 2014-12-01 20:03 - 118087776 _____ (Movavi) C:\Documents and Settings\Kaska\Desktop\MovaviVideoEditorSetup.exe
2014-12-01 17:56 - 2014-12-02 14:59 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-01 17:56 - 2014-12-02 14:59 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-01 17:02 - 2014-12-01 17:02 - 00571040 _____ () C:\Documents and Settings\Kaska\Desktop\Installation.exe
2014-12-01 16:18 - 2014-12-01 16:18 - 00001804 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Reader XI.lnk
2014-12-01 16:06 - 2014-12-01 16:07 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Kaska\Desktop\OTL.exe
2014-12-01 13:04 - 2014-12-23 14:57 - 00000000 ___RD () C:\Documents and Settings\Kaska\Documenti\Dropbox
2014-12-01 13:04 - 2014-12-16 13:35 - 00001015 _____ () C:\Documents and Settings\Kaska\Desktop\Dropbox.lnk
2014-11-30 23:03 - 2014-11-30 23:03 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-11-30 21:51 - 2014-11-30 21:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2014-11-30 19:14 - 2014-11-30 19:14 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Avg2014
2014-11-30 19:07 - 2014-12-21 19:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\AVAST Software
2014-11-30 19:05 - 2014-11-30 19:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-30 18:07 - 2014-12-16 13:43 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\filmy galeria bronowice
2014-11-30 17:09 - 2014-11-30 23:22 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-11-30 17:08 - 2014-11-30 17:08 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\AVG
2014-11-30 17:08 - 2014-11-30 17:08 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\AVG
2014-11-30 17:06 - 2014-11-30 17:06 - 00000000 ____D () C:\Programmi\AVG
2014-11-30 17:05 - 2014-11-30 17:09 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\AVG
2014-11-30 17:04 - 2014-11-30 17:55 - 00000000 __SHD () C:\Documents and Settings\All Users\Dati applicazioni\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-11-30 16:59 - 2014-12-01 16:38 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\DVDVideoSoft
2014-11-30 16:01 - 2014-11-30 16:01 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\dlg
2014-11-30 16:00 - 2014-11-30 16:01 - 00000000 ____D () C:\TEMP
2014-11-30 16:00 - 2014-11-30 16:00 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessories
2014-11-30 15:49 - 2014-11-30 15:49 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Opera Software
2014-11-30 15:49 - 2014-11-30 15:49 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\Opera Software
2014-11-30 15:45 - 2014-11-30 16:07 - 00000000 ____D () C:\Programmi\Opera
2014-11-30 15:36 - 2014-11-30 17:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Lightworks
2014-11-30 15:35 - 2014-11-30 15:36 - 00000000 ____D () C:\Documents and Settings\All Users\Documenti\Lightworks
2014-11-30 15:34 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-11-30 15:34 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-11-30 15:34 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-11-30 15:34 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-11-30 15:34 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-11-30 15:34 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-11-30 15:34 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-11-30 15:33 - 2014-11-30 15:38 - 00000000 ____D () C:\Programmi\Lightworks
2014-11-30 15:33 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-11-29 22:46 - 2014-12-22 14:58 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\karykatures live
2014-11-27 15:21 - 2014-11-27 20:10 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\Apple Computer
2014-11-27 15:19 - 2014-11-27 15:19 - 00001584 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-11-27 15:19 - 2014-11-27 15:19 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\QuickTime
2014-11-27 15:18 - 2014-12-16 17:01 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-11-27 15:18 - 2014-11-27 15:19 - 00000000 ____D () C:\Programmi\QuickTime
2014-11-27 15:18 - 2014-11-27 15:18 - 00000000 ____D () C:\Programmi\File comuni\Apple
2014-11-27 15:18 - 2014-11-27 15:18 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Apple
2014-11-27 15:18 - 2014-11-27 15:18 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2014-11-27 15:17 - 2014-11-27 15:17 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Apple Software Update.lnk
2014-11-27 15:17 - 2014-11-27 15:17 - 00000000 ____D () C:\Programmi\Apple Software Update
2014-11-27 15:17 - 2014-11-27 15:17 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Apple Computer
2014-11-27 15:17 - 2014-11-27 15:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\Apple

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 15:02 - 2011-11-28 10:17 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Temp
2014-12-23 15:00 - 2004-08-30 12:26 - 02050122 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-23 14:57 - 2014-05-05 22:37 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\Dropbox
2014-12-23 14:57 - 2013-02-28 16:48 - 00000356 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-12-23 14:55 - 2011-11-28 21:45 - 00000000 ____D () C:\Documents and Settings\Kaska\Dati applicazioni\Skype
2014-12-23 14:52 - 2014-03-05 15:52 - 00000222 _____ () C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
2014-12-23 14:52 - 2006-04-17 03:32 - 00000000 ____D () C:\WINDOWS\SMINST
2014-12-23 14:52 - 2006-04-17 03:30 - 00134244 _____ () C:\WINDOWS\system32\lsass.log
2014-12-23 14:52 - 2004-08-30 14:00 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-23 14:52 - 2004-08-30 14:00 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-12-23 14:52 - 2004-08-30 12:26 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-23 14:51 - 2011-11-28 10:17 - 00000194 ___SH () C:\Documents and Settings\Kaska\ntuser.ini
2014-12-23 14:51 - 2006-04-17 03:24 - 00327680 _____ () C:\WINDOWS\system32\config\Credenti.evt
2014-12-23 14:51 - 2004-08-30 12:26 - 00032530 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-23 14:46 - 2006-04-17 11:52 - 00000000 ___RD () C:\Programmi
2014-12-23 14:46 - 2006-04-17 11:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Avvio\Programmi
2014-12-23 14:45 - 2006-04-17 11:52 - 00000000 __RHD () C:\Documents and Settings\All Users\Dati applicazioni
2014-12-23 14:45 - 2006-04-17 11:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
2014-12-21 19:22 - 2004-08-30 12:26 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-20 19:51 - 2014-10-06 14:27 - 00002243 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-12-20 16:57 - 2006-04-17 02:57 - 00000000 ___HD () C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia
2014-12-20 15:10 - 2011-11-28 12:48 - 00000000 ____D () C:\Programmi\WinRAR
2014-12-20 15:10 - 2011-11-28 12:48 - 00000000 ____D () C:\Documents and Settings\Kaska\Menu Avvio\Programmi\WinRAR
2014-12-20 15:10 - 2011-11-28 12:48 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinRAR
2014-12-20 14:58 - 2011-11-28 10:17 - 00000000 __SHD () C:\Documents and Settings\Kaska\Impostazioni locali\Cronologia
2014-12-20 14:57 - 2006-04-17 02:57 - 00000000 __SHD () C:\Documents and Settings\NetworkService\Impostazioni locali\Cronologia
2014-12-20 14:55 - 2006-04-17 11:52 - 00000000 __SHD () C:\Documents and Settings\Default User\Impostazioni locali\Cronologia
2014-12-20 14:55 - 2006-04-17 02:57 - 00000000 ____D () C:\Documents and Settings\NetworkService\Impostazioni locali\Temp
2014-12-20 14:55 - 2006-04-17 02:57 - 00000000 ____D () C:\Documents and Settings\LocalService\Impostazioni locali\Temp
2014-12-20 02:26 - 2011-11-28 10:17 - 00000000 ___HD () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni
2014-12-18 20:27 - 2014-04-13 13:35 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\audiobooki
2014-12-17 15:09 - 2010-06-21 11:53 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\zdjecia
2014-12-16 13:44 - 2006-04-17 03:03 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-12-16 13:43 - 2014-11-01 20:18 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\Michalina
2014-12-16 13:43 - 2014-09-14 10:56 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\portafoglio
2014-12-16 13:38 - 2011-11-28 10:17 - 00000000 ___RD () C:\Documents and Settings\Kaska\Menu Avvio\Programmi\Esecuzione automatica
2014-12-16 13:35 - 2014-05-05 22:37 - 00000000 ____D () C:\Documents and Settings\Kaska\Menu Avvio\Programmi\Dropbox
2014-12-11 22:50 - 2012-11-11 12:16 - 00001777 _____ () C:\Documents and Settings\Kaska\Desktop\Google Chrome.lnk
2014-12-11 03:12 - 2013-09-03 12:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 03:01 - 2011-11-28 12:51 - 109818608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-10 12:27 - 2014-08-31 02:06 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\podróż
2014-12-08 15:00 - 2014-03-05 15:52 - 00000216 _____ () C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
2014-12-02 21:29 - 2006-04-17 02:57 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni
2014-12-02 14:58 - 2011-11-28 20:36 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Adobe
2014-12-02 09:13 - 2004-08-30 12:12 - 00235960 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-01 20:49 - 2012-09-24 21:45 - 00040448 ____C () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-01 20:10 - 2012-02-29 15:41 - 00056632 _____ () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2014-12-01 20:10 - 2011-11-28 10:17 - 00000000 __RHD () C:\Documents and Settings\Kaska\Dati applicazioni
2014-12-01 20:10 - 2011-11-28 10:17 - 00000000 ____D () C:\Documents and Settings\Kaska
2014-12-01 16:38 - 2006-04-17 11:52 - 00000000 ____D () C:\Programmi\File comuni
2014-12-01 16:18 - 2006-04-17 03:11 - 00000000 ____D () C:\Programmi\File comuni\Adobe
2014-12-01 16:17 - 2006-04-17 03:11 - 00000000 ____D () C:\Programmi\Adobe
2014-12-01 16:15 - 2006-04-17 03:11 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\Adobe
2014-12-01 13:51 - 2011-11-28 10:17 - 00000000 ___RD () C:\Documents and Settings\Kaska\Documenti
2014-12-01 12:57 - 2013-03-22 22:53 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Earth
2014-12-01 12:35 - 2004-08-30 13:56 - 00000227 _____ () C:\WINDOWS\system.ini
2014-12-01 12:35 - 2004-08-30 12:08 - 00000705 _____ () C:\WINDOWS\win.ini
2014-12-01 12:35 - 2004-08-30 12:01 - 00000211 ___SH () C:\boot.ini
2014-12-01 12:34 - 2011-11-28 10:17 - 00000000 ___RD () C:\Documents and Settings\Kaska\Menu Avvio\Programmi
2014-12-01 11:43 - 2006-04-17 11:52 - 00000000 ____D () C:\Programmi\Movie Maker
2014-12-01 00:41 - 2006-04-17 02:57 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-12-01 00:41 - 2006-04-17 02:57 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-12-01 00:40 - 2006-04-17 11:52 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-30 19:22 - 2006-04-17 11:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Documenti
2014-11-30 19:17 - 2011-11-28 10:17 - 00000000 ___HD () C:\Documents and Settings\Kaska\Impostazioni locali
2014-11-30 19:06 - 2013-02-28 16:48 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-30 19:06 - 2013-02-28 16:48 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-11-30 19:05 - 2014-05-05 22:21 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-30 19:05 - 2013-02-28 16:48 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-30 19:05 - 2013-02-28 16:48 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-11-30 19:05 - 2013-02-28 16:48 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-11-30 19:05 - 2013-02-28 16:48 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2014-11-30 19:05 - 2013-02-28 16:48 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-30 18:42 - 2004-08-30 12:05 - 00000749 __RHC () C:\WINDOWS\system32\sapi.cpl.manifest
2014-11-30 18:42 - 2004-08-30 12:05 - 00000749 __RHC () C:\WINDOWS\system32\nwc.cpl.manifest
2014-11-30 18:42 - 2004-08-30 12:05 - 00000749 __RHC () C:\WINDOWS\system32\ncpa.cpl.manifest
2014-11-30 18:42 - 2004-08-30 12:05 - 00000749 __RHC () C:\WINDOWS\system32\cdplayer.exe.manifest
2014-11-30 18:42 - 2004-08-30 12:05 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
2014-11-30 18:42 - 2004-08-30 12:05 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-11-30 18:29 - 2004-08-30 12:20 - 01101320 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-30 18:29 - 2004-08-30 12:20 - 00490150 _____ () C:\WINDOWS\system32\perfh010.dat
2014-11-30 18:29 - 2004-08-30 12:20 - 00084856 _____ () C:\WINDOWS\system32\perfc010.dat
2014-11-30 18:10 - 2013-10-20 12:00 - 00000000 ____D () C:\Documents and Settings\Kaska\Desktop\piosenki
2014-11-30 17:55 - 2013-05-12 19:43 - 00000000 ____D () C:\Documents and Settings\Kaska\Impostazioni locali\Dati applicazioni\Downloaded Installations
2014-11-30 17:55 - 2011-11-28 10:17 - 00000000 ___RD () C:\Documents and Settings\Kaska\Menu Avvio
2014-11-30 17:20 - 2006-04-17 11:52 - 00000000 ____D () C:\WINDOWS\security
2014-11-30 16:35 - 2013-01-02 18:13 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-30 16:01 - 2006-04-17 03:16 - 00000000 ____D () C:\WINDOWS\RegisteredPackages
2014-11-30 16:00 - 2004-08-30 12:05 - 00000768 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Windows Movie Maker.lnk
2014-11-30 15:34 - 2006-04-17 11:52 - 00000000 ____D () C:\WINDOWS\system32\DirectX

Files to move or delete:
====================
C:\Documents and Settings\Kaska\sqlite3.dll


Some content of TEMP:
====================
C:\Documents and Settings\Kaska\Impostazioni locali\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn5cjj_.dll
C:\Documents and Settings\Kaska\Impostazioni locali\Temp\Quarantine.exe
C:\Documents and Settings\Kaska\Impostazioni locali\Temp\SkypeSetup.exe
C:\Documents and Settings\Kaska\Impostazioni locali\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed