OTL logfile created on: 08/12/2009 21.16.19 - Run 1
OTL by OldTimer - Version 3.1.11.9 Folder = C:\Documents and Settings\Luca\Documenti\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

502,42 Mb Total Physical Memory | 143,41 Mb Available Physical Memory | 28,54% Memory free
1,20 Gb Paging File | 0,86 Gb Available in Paging File | 71,73% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 26,27 Gb Total Space | 6,34 Gb Free Space | 24,13% Space Free | Partition Type: FAT32
Drive D: | 26,66 Gb Total Space | 20,93 Gb Free Space | 78,51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTEBOOK-LUCA
Current User Name: Luca
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009/12/08 20.29.04 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Luca\Documenti\Downloads\OTL.exe
PRC - [2009/12/08 13.56.10 | 00,788,880 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/12/08 13.56.08 | 01,184,912 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/11 04.17.36 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe
PRC - [2009/10/11 04.17.36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jusched.exe
PRC - [2009/08/17 18.07.24 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/17 18.07.18 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe
PRC - [2009/08/17 17.58.56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/04/14 04.14.26 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/14 04.14.08 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/07/25 13.36.40 | 00,032,768 | ---- | M] () -- C:\Programmi\Launch Manager\LaunchAp.exe
PRC - [2005/07/25 13.34.28 | 00,081,920 | ---- | M] () -- C:\Programmi\Launch Manager\WButton.exe
PRC - [2005/07/25 10.45.00 | 00,241,664 | ---- | M] () -- C:\Programmi\Launch Manager\OSDCtrl.exe
PRC - [2005/06/29 17.26.14 | 00,352,256 | ---- | M] (acer Inc.) -- C:\Programmi\acer\eRecovery\Monitor.exe
PRC - [2005/06/06 19.08.58 | 01,273,344 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
PRC - [2005/06/06 11.52.10 | 00,069,632 | ---- | M] (Wistron) -- C:\Programmi\Launch Manager\HotkeyApp.exe
PRC - [2005/06/01 14.17.08 | 00,192,512 | ---- | M] (Acer Inc) -- C:\Acer\ePM\epm-dm.exe
PRC - [2005/05/12 00.33.52 | 00,479,232 | ---- | M] (Hewlett-Packard Co.) -- C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/05/11 23.12.54 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Programmi\HP\HP Software Update\hpwuSchd2.exe
PRC - [2005/04/15 11.01.46 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/03/09 18.59.26 | 00,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Arcade\PCMService.exe
PRC - [2005/02/04 11.12.58 | 00,102,490 | ---- | M] (Synaptics, Inc.) -- C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/02/04 11.11.48 | 00,708,698 | ---- | M] (Synaptics, Inc.) -- C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/01/23 10.36.10 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2005/01/23 10.31.34 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/08/19 20.00.00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2003/08/29 19.05.36 | 00,360,448 | ---- | M] () -- C:\Programmi\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11.14.58 | 00,233,472 | ---- | M] () -- C:\Programmi\SpywareGuard\sgbhp.exe
PRC - [2002/08/30 15.02.48 | 00,094,208 | ---- | M] () -- C:\Programmi\Launch Manager\Powerkey.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009/12/08 20.29.04 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Luca\Documenti\Downloads\OTL.exe
MOD - [2008/04/14 04.13.42 | 01,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008/04/14 04.13.40 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2005/02/04 11.12.50 | 00,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
MOD - [2004/08/27 16.42.36 | 00,049,152 | ---- | M] (CyberLink Corp.) -- C:\Programmi\CyberLink\Shared Files\CLRCEngine.dll
MOD - [2004/08/19 20.00.00 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009/12/08 13.56.08 | 01,184,912 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/11 04.17.36 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/08/17 18.07.18 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/08/17 18.07.02 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/08/17 18.04.22 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/08/17 17.58.56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005/11/14 01.06.04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/06/06 19.08.58 | 01,273,344 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
SRV - [2004/07/15 01.49.26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.it/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.ftp: "localhost"
FF - prefs.js..network.proxy.ftp_port: 12080
FF - prefs.js..network.proxy.gopher: "localhost"
FF - prefs.js..network.proxy.gopher_port: 12080
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 12080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 12080
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 12080
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2009/04/14 22.06.34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2009/04/14 22.06.34 | 00,000,000 | ---D | M]

[2009/04/14 22.08.58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\Mozilla\Extensions
[2009/04/14 22.08.58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\Mozilla\Firefox\Profiles\k3mp2d8q.default\extensions
[2009/09/12 10.44.22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\Mozilla\Firefox\Profiles\k3mp2d8q.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/04/14 22.06.34 | 00,000,000 | ---D | M] -- C:\Programmi\Mozilla Firefox\extensions
[2009/05/01 23.56.26 | 00,001,412 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\demauro.xml
[2009/05/01 23.56.26 | 00,000,744 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\eBay-it.xml
[2009/05/01 23.56.26 | 00,001,182 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\wikipedia-it.xml
[2009/05/01 23.56.26 | 00,000,649 | ---- | M] () -- C:\Programmi\Mozilla Firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: (768 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmi\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avast!] C:\Programmi\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CtrlVol] C:\Programmi\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\epm-dm.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [eRecoveryService] C:\Programmi\acer\eRecovery\Monitor.exe (acer Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchAp] C:\Programmi\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LManager] C:\Programmi\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrOSD] C:\Programmi\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PowerKey] C:\Programmi\Launch Manager\PowerKey.exe ()
O4 - HKLM..\Run: [preload] C:\WINDOWS\RUNXMLPL.EXE (Wistron)
O4 - HKLM..\Run: [QuickTime Task] C:\Programmi\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Programmi\Launch Manager\Wbutton.exe ()
O4 - HKCU..\Run: [Rainlendar2] C:\Programmi\Rainlendar2\Rainlendar2.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Luca\Menu Avvio\Programmi\Esecuzione automatica\SpywareGuard.lnk = C:\Programmi\SpywareGuard\sgmain.exe ()
O4 - Startup: C:\Documents and Settings\Luca\Menu Avvio\Programmi\Esecuzione automatica\Rainlendar.lnk = C:\Programmi\Rainlendar\Rainlendar.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = B1 00 00 00 [binary data]
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 331 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.0)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Programmi\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{83bfabd2-aab9-11dd-bdc2-000ae4ebbaff}\Shell - "" = AutoRun
O33 - MountPoints2\{83bfabd2-aab9-11dd-bdc2-000ae4ebbaff}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{83bfabd4-aab9-11dd-bdc2-000ae4ebbaff}\Shell - "" = AutoRun
O33 - MountPoints2\{83bfabd4-aab9-11dd-bdc2-000ae4ebbaff}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/09/14 11.47.34 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]

[2009/12/08 18.37.28 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/08 18.36.55 | 00,000,000 | ---D | C] -- C:\Programmi\ERUNT
[2009/12/08 14.29.11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Luca\Recent
[2009/12/07 14.30.22 | 00,000,000 | ---D | C] -- C:\Programmi\uTorrent
[2009/12/07 14.29.29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Luca\Dati applicazioni\uTorrent
[2005/05/11 23.36.48 | 00,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]

[2009/12/08 21.09.50 | 00,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/08 21.07.08 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2009/12/08 21.06.32 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/08 21.06.06 | 00,000,098 | ---- | M] () -- C:\WINDOWS\ComponentList.xml
[2009/12/08 21.05.36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/08 21.05.28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/08 21.05.26 | 52,689,7152 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/08 21.04.46 | 04,456,448 | -H-- | M] () -- C:\Documents and Settings\Luca\NTUSER.DAT
[2009/12/08 21.04.46 | 00,000,194 | -HS- | M] () -- C:\Documents and Settings\Luca\ntuser.ini
[2009/12/08 20.12.50 | 00,008,704 | ---- | M] () -- C:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/08 18.42.52 | 00,062,720 | ---- | M] () -- C:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/12/08 18.40.54 | 00,251,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/08 18.37.00 | 00,000,499 | ---- | M] () -- C:\Documents and Settings\Luca\Desktop\NTREGOPT.lnk
[2009/12/08 18.37.00 | 00,000,480 | ---- | M] () -- C:\Documents and Settings\Luca\Desktop\ERUNT.lnk
[2009/12/07 14.30.24 | 00,000,518 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/12/07 14.20.48 | 02,642,688 | -H-- | M] () -- C:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/12/03 16.14.06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16.13.56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009/12/08 21.05.24 | 52,689,7152 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/08 18.36.58 | 00,000,499 | ---- | C] () -- C:\Documents and Settings\Luca\Desktop\NTREGOPT.lnk
[2009/12/08 18.36.58 | 00,000,480 | ---- | C] () -- C:\Documents and Settings\Luca\Desktop\ERUNT.lnk
[2009/12/07 14.30.22 | 00,000,518 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2008/08/31 19.54.03 | 00,000,133 | ---- | C] () -- C:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2008/08/31 19.41.03 | 00,000,378 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\hpzinstall.log
[2008/01/03 14.59.04 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\.zreglib
[2007/04/30 20.01.49 | 00,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2006/04/06 20.11.20 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/04/03 11.25.52 | 00,008,704 | ---- | C] () -- C:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/03/21 21.13.33 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/03/05 14.34.39 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/02/10 13.38.50 | 00,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/10 03.27.24 | 00,078,031 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2006/02/10 03.20.38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2005/06/30 17.38.27 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/30 17.23.12 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005/06/30 17.22.22 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005/06/30 17.22.22 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005/06/30 17.22.22 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005/06/30 17.22.22 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005/06/30 17.21.05 | 00,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2005/06/30 17.14.54 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/06/30 17.07.43 | 00,001,150 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/06/30 17.07.42 | 00,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2005/06/30 17.07.42 | 00,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2005/06/30 17.07.42 | 00,225,280 | ---- | C] () -- C:\WINDOWS\Capsule.dll
[2004/09/14 11.57.05 | 00,003,476 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/12/26 16.12.30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 23.46.38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 16.33.56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 22.04.36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999/01/22 16.46.58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2006/12/14 22.49.16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Avg7
[2008/01/03 14.59.12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SlySoft
[2008/06/10 20.00.30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\phenomedia
[2009/11/14 13.53.06 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2006/09/28 15.12.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\Cartella di caricamento Share-to-Web
[2007/06/02 19.14.42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\Rainlendar
[2008/01/03 15.27.28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\RipIt4Me
[2008/11/17 16.50.40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\OpenOffice.org
[2009/12/07 14.29.30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Luca\Dati applicazioni\uTorrent
[2009/12/08 21.09.50 | 00,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/04/13 20.36.38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20.36.38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23.07.42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008/04/13 20.40.30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20.40.30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22.59.44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 22.59.44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 04.13.40 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=BD5FEE908FDD9CB09AA3E78111AB1119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04.13.40 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=BD5FEE908FDD9CB09AA3E78111AB1119 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/19 20.00.00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=D1CAA255F33C06C8302769A86FFB905E -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2004/08/19 20.00.00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=926BB51BB6DE79DEDB93E9C2B0811CCF -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/14 04.13.46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=E1DACEE13CAF8E118416399ABD2A08D9 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04.13.46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=E1DACEE13CAF8E118416399ABD2A08D9 -- C:\WINDOWS\system32\netlogon.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/04/14 04.13.50 | 00,187,904 | ---- | M] (Microsoft Corporation) MD5=034B4B1E882563562B35E1FAB279DEDF -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04.13.50 | 00,187,904 | ---- | M] (Microsoft Corporation) MD5=034B4B1E882563562B35E1FAB279DEDF -- C:\WINDOWS\system32\scecli.dll
[2004/08/19 20.00.00 | 00,186,880 | ---- | M] (Microsoft Corporation) MD5=1446EB71ADF0F54980CDD7E5A812E102 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

< End of report >