often I get one error with Flash updater and I have solved, I suppose, unistalling the flash player and installing again as Adobe suggest. Still now is all ok, but I am not sure if really all is ok. In the same time I have noticed one file in C:\Documents and Settings\Pippo\Impostazioni locali\temp one file skype.exe that do not permitted to open skype. I was suspicious because this file should not be in that directory. I have deleted within other java (?) files in the same directory.
For that I have used and scanned my system (XP Pro sp.3) with Otl, but I don't know how to read the output.
Hope to be right I post it here:
OTL logfile created on: 17/07/2012 17.21.47 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Pippo\Documenti\Download\OTL_
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 72,89% Memory free
3,85 Gb Paging File | 3,41 Gb Available in Paging File | 88,68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Programmi
Drive C: | 78,13 Gb Total Space | 24,25 Gb Free Space | 31,04% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 45,53 Gb Free Space | 58,28% Space Free | Partition Type: NTFS
Drive E: | 76,63 Gb Total Space | 24,74 Gb Free Space | 32,28% Space Free | Partition Type: NTFS
Drive G: | 78,13 Gb Total Space | 52,18 Gb Free Space | 66,79% Space Free | Partition Type: NTFS
Drive H: | 29,17 Gb Total Space | 27,51 Gb Free Space | 94,29% Space Free | Partition Type: FAT32
Drive K: | 75,26 Gb Total Space | 42,12 Gb Free Space | 55,96% Space Free | Partition Type: NTFS
Computer Name: Morato-8D991F2 | User Name: Pippo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/16 20.12.57 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programmi\Mozilla Firefox\firefox.exe
PRC - [2012/05/02 01.42.31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/02 00.34.37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/02 00.31.38 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/04/24 02.11.59 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/04/04 09.22.37 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pippo\Documenti\Download\OTL_\OTL.exe
PRC - [2008/04/14 04.14.07 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/16 20.12.57 | 002,042,848 | ---- | M] () -- C:\Programmi\Mozilla Firefox\mozjs.dll
MOD - [2012/04/16 23.11.02 | 000,398,288 | ---- | M] () -- C:\Programmi\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010/09/13 22.27.42 | 003,849,728 | ---- | M] () -- C:\Programmi\ffdshow\ffdshow.ax
MOD - [2008/05/02 06.15.37 | 000,010,240 | ---- | M] () -- C:\Programmi\Unlocker\UnlockerCOM.dll
MOD - [2008/04/14 04.13.43 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/09/20 19.34.58 | 000,129,024 | ---- | M] () -- C:\Programmi\WinRAR\RarExt.dll
MOD - [2006/08/31 19.46.32 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2006/05/14 06.23.40 | 000,138,752 | ---- | M] () -- C:\Programmi\7-Zip\7-zip.dll
MOD - [2006/05/07 18.28.48 | 000,057,451 | ---- | M] () -- C:\Programmi\ICQLite\ICQLiteShell.dll
MOD - [2004/12/20 20.52.54 | 000,065,536 | ---- | M] () -- C:\Programmi\Astonsoft\DeepBurner Pro\DeepBurnerShellEx.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/06/16 20.12.57 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/15 12.18.00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/02 01.42.31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/02 00.34.37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/01/04 13.32.36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/22 12.14.00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Programmi\File comuni\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/05/17 23.45.33 | 000,271,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/01/11 12.08.29 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2005/11/14 02.06.04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2012/04/27 10.20.04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/04/25 00.32.27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/16 21.18.01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/01/09 17.28.20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 17.28.20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 17.28.20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 17.28.20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/07/15 08.44.20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08.44.20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/06/17 15.14.27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/18 14.11.32 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010/01/27 04.09.02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/02/17 21.14.48 | 000,060,672 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rdwm1094.sys -- (RDID1094)
DRV - [2008/09/12 09.03.34 | 000,540,288 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008/09/12 09.03.34 | 000,443,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2008/09/12 09.03.34 | 000,024,576 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2008/08/26 09.26.12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 20.53.09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 20.46.22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 20.45.29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/10/03 23.55.36 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2007/10/03 23.55.28 | 000,015,400 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2007/10/03 23.55.08 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SI3132.sys -- (SI3132)
DRV - [2007/04/10 23.46.48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2006/11/23 18.11.40 | 004,025,088 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/09/24 15.28.46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/04/24 18.52.28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006/04/14 21.09.06 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/04/14 21.09.04 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/03/30 09.24.00 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/03/09 16.53.00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/02/23 15.58.56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/03 02.50.28 | 000,004,224 | ---- | M] () [File_System | System | Unknown] -- C:\windows\System32\StarOpen.sys -- (StarOpen)
DRV - [2004/11/26 21.22.08 | 000,012,800 | ---- | M] () [Kernel | Auto | Running] -- C:\windows_Bios\ioperm.sys -- (ioperm)
DRV - [2004/09/09 13.24.52 | 000,212,224 | ---- | M] (Echo Digital Audio Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\echogals.sys -- (echogals)
DRV - [2004/08/13 12.56.20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/19 16.45.48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/10/03 13.52.08 | 000,040,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STTub203.sys -- (STTub203)
DRV - [2002/04/17 21.27.02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | System | Running] -- C:\windows\System32\drivers\asapi.sys -- (Asapi)
DRV - [2001/08/18 00.00.04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 23.02.50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [2001/08/17 23.02.40 | 000,035,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msgame.sys -- (msgame)
DRV - [2001/08/17 23.02.32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [1996/04/03 21.33.26 | 000,005,248 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.it
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Programmi\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2012/06/16 20.12.58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2012/07/12 17.39.58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programmi\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/10/29 14.44.41 | 000,000,000 | ---D | M]
[2010/08/12 14.47.05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Extensions
[2010/08/12 14.47.05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/07/09 14.43.06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Firefox\Profiles\e4rgm794.default\extensions
[2011/05/03 02.09.21 | 000,000,000 | ---D | M] (BBCodeXtra) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Firefox\Profiles\e4rgm794.default\extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}
[2010/12/12 00.28.33 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Firefox\Profiles\e4rgm794.default\extensions\[email protected]
[2012/05/19 01.32.33 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Firefox\Profiles\e4rgm794.default\extensions\[email protected]
[2011/10/08 01.26.32 | 000,000,000 | ---D | M] (Dictionnaire français «Classique & Réforme 1990») -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Firefox\Profiles\e4rgm794.default\extensions\[email protected]
[2012/03/13 02.25.56 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Documents and Settings\Pippo\Dati applicazioni\Mozilla\Firefox\Profiles\e4rgm794.default\extensions\[email protected]
[2012/04/25 02.00.06 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2012/06/16 20.12.57 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2012/06/16 20.12.54 | 000,001,393 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\amazon-it.xml
[2012/06/16 20.12.54 | 000,002,252 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2012/06/16 20.12.54 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2012/06/16 20.12.54 | 000,000,817 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2012/06/16 20.12.54 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/06/16 20.12.54 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml
O1 HOSTS File: ([2009/04/23 19.01.01 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\AutorunsDisabled [2012/06/07 09.43.45 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Pippo\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Pippo\Menu Avvio\Programmi\Esecuzione automatica\AutorunsDisabled [2010/04/06 00.24.45 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: &Download by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll ()
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1342166794187 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{464337D6-1787-49A2-80A2-6E96DF58D570}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O27 - HKLM IFEO\taskmgr.exe: Debugger - K:\UTILITA\PROCES_EXPLORER\PROCEXP.EXE (Sysinternals)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/30 16.56.08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0dc4d956-3e88-11e0-8853-001731fa4b46}\Shell\Shell00\Command - "" = I:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (u)
O34 - HKLM BootExecute: (t)
O34 - HKLM BootExecute: (o)
O34 - HKLM BootExecute: ©
O34 - HKLM BootExecute: (h)
O34 - HKLM BootExecute: (k)
O34 - HKLM BootExecute: (*)
O34 - HKLM BootExecute: (pgdfgsvc C 1)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/07/17 01.20.23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pippo\Recent
[2012/07/13 20.03.50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Pippo\IETldCache
[2012/07/13 19.58.28 | 000,000,000 | ---D | C] -- C:\windows\ie8updates
[2012/07/13 19.57.33 | 000,000,000 | -H-D | C] -- C:\windows\ie8
[2012/07/13 19.11.19 | 000,000,000 | ---D | C] -- C:\windows\SxsCaPendDel
[2012/07/13 11.23.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pippo\Dati applicazioni\Avira
[2012/07/13 11.17.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Avira
[2012/07/13 11.17.45 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2012/07/13 11.17.45 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2012/07/13 11.17.45 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avkmgr.sys
[2012/07/13 11.17.44 | 000,000,000 | ---D | C] -- C:\Programmi\Avira
[2012/07/13 11.17.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Avira
[2012/07/13 10.43.46 | 000,000,000 | ---D | C] -- C:\windows\Prefetch
[2012/07/13 10.29.07 | 000,000,000 | ---D | C] -- C:\Programmi\Messenger
[2012/07/13 10.28.57 | 000,000,000 | ---D | C] -- C:\windows\l2schemas
[2012/07/13 10.28.57 | 000,000,000 | ---D | C] -- C:\windows\System32\it
[2012/07/13 10.28.57 | 000,000,000 | ---D | C] -- C:\windows\System32\bits
[2012/07/13 10.24.59 | 000,000,000 | -H-D | C] -- C:\windows\$NtServicePackUninstall$
[2012/07/12 17.40.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pippo\Impostazioni locali\Dati applicazioni\Sun
[2012/07/12 17.40.21 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2012/07/12 17.40.03 | 000,000,000 | ---D | C] -- C:\Programmi\Oracle
[2012/07/12 17.40.01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pippo\Dati applicazioni\Oracle
[2012/07/12 17.39.38 | 000,000,000 | ---D | C] -- C:\Programmi\Java
[2012/07/06 16.27.12 | 000,000,000 | ---D | C] -- C:\Programmi\PC Connectivity Solution
[2012/07/06 16.26.48 | 000,008,192 | ---- | C] (Nokia) -- C:\windows\System32\drivers\usbser_lowerfltj.sys
[2012/07/06 16.26.47 | 000,008,192 | ---- | C] (Nokia) -- C:\windows\System32\drivers\usbser_lowerflt.sys
[2012/07/06 16.26.46 | 000,023,168 | ---- | C] (Nokia) -- C:\windows\System32\drivers\ccdcmbo.sys
[2012/07/06 16.26.45 | 000,018,176 | ---- | C] (Nokia) -- C:\windows\System32\drivers\ccdcmb.sys
[2012/06/22 02.04.08 | 000,000,000 | ---D | C] -- C:\Programmi\Microsoft.NET
[2012/06/20 10.01.09 | 000,000,000 | ---D | C] -- C:\Programmi\MSECache
[5 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/17 17.07.12 | 000,012,598 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2012/07/17 17.07.09 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2012/07/17 17.05.00 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 10.33.08 | 000,003,278 | ---- | M] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120714_103242.reg
[2012/07/14 02.08.16 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120714_020813.reg
[2012/07/14 02.08.00 | 000,004,362 | ---- | M] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120714_020747.reg
[2012/07/13 20.02.27 | 000,195,368 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/07/13 19.38.47 | 000,553,430 | ---- | M] () -- C:\windows\System32\perfh010.dat
[2012/07/13 19.38.47 | 000,502,724 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/07/13 19.38.47 | 000,104,254 | ---- | M] () -- C:\windows\System32\perfc010.dat
[2012/07/13 19.38.47 | 000,087,960 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/07/13 10.26.36 | 000,251,600 | ---- | M] () -- C:\NTLDR
[2012/07/12 17.05.09 | 000,002,239 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/07/11 01.31.04 | 000,054,156 | -H-- | M] () -- C:\windows\QTFont.qfn
[2012/07/11 01.16.25 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\Pippo\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/03 13.46.44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/06/29 01.06.24 | 000,001,409 | ---- | M] () -- C:\windows\QTFont.for
[2012/06/28 09.24.00 | 000,001,246 | ---- | M] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120628_092351.reg
[2012/06/25 01.39.39 | 000,003,568 | ---- | M] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120625_013922.reg
[2012/06/23 09.11.15 | 000,001,126 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/23 09.11.11 | 000,001,122 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/22 16.16.20 | 000,110,043 | ---- | M] () -- C:\Documents and Settings\Pippo\Desktop\BMS_Key.pdf
[2012/06/21 15.50.58 | 000,000,000 | ---- | M] () -- C:\WKCONV.RTF
[5 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/17 17.05.00 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 10.32.43 | 000,003,278 | ---- | C] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120714_103242.reg
[2012/07/14 02.08.14 | 000,000,206 | ---- | C] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120714_020813.reg
[2012/07/14 02.07.49 | 000,004,362 | ---- | C] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120714_020747.reg
[2012/07/13 17.25.36 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2012/07/13 17.25.36 | 000,003,072 | ---- | C] () -- C:\windows\System32\dllcache\iacenc.dll
[2012/07/13 10.16.03 | 000,663,442 | ---- | C] () -- C:\windows\System32\dllcache\wmplayer.chm
[2012/07/13 10.16.03 | 000,354,468 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud1.wav
[2012/07/13 10.16.03 | 000,343,204 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud7.wav
[2012/07/13 10.16.03 | 000,343,204 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud6.wav
[2012/07/13 10.16.03 | 000,172,196 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud9.wav
[2012/07/13 10.16.03 | 000,172,196 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud8.wav
[2012/07/13 10.16.03 | 000,172,196 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud3.wav
[2012/07/13 10.16.03 | 000,086,196 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud5.wav
[2012/07/13 10.16.03 | 000,086,180 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud4.wav
[2012/07/13 10.16.03 | 000,086,180 | ---- | C] () -- C:\windows\System32\dllcache\wmpaud2.wav
[2012/07/13 10.16.03 | 000,073,130 | ---- | C] () -- C:\windows\System32\dllcache\wmplayer.adm
[2012/07/13 10.16.03 | 000,034,550 | ---- | C] () -- C:\windows\System32\dllcache\wmdm.inf
[2012/07/13 10.16.03 | 000,026,344 | ---- | C] () -- C:\windows\System32\dllcache\wmplay.chm
[2012/07/13 10.16.03 | 000,013,540 | ---- | C] () -- C:\windows\System32\dllcache\wmfsdk.inf
[2012/07/13 10.16.03 | 000,008,677 | ---- | C] () -- C:\windows\System32\dllcache\wm7.gif
[2012/07/13 10.16.03 | 000,007,892 | ---- | C] () -- C:\windows\System32\dllcache\wm9.gif
[2012/07/13 10.16.03 | 000,007,636 | ---- | C] () -- C:\windows\System32\dllcache\wm2.gif
[2012/07/13 10.16.03 | 000,007,369 | ---- | C] () -- C:\windows\System32\dllcache\wm4.gif
[2012/07/13 10.16.03 | 000,006,241 | ---- | C] () -- C:\windows\System32\dllcache\wm3.gif
[2012/07/13 10.16.03 | 000,006,060 | ---- | C] () -- C:\windows\System32\dllcache\wm6.gif
[2012/07/13 10.16.03 | 000,005,789 | ---- | C] () -- C:\windows\System32\dllcache\wm1.gif
[2012/07/13 10.16.03 | 000,004,193 | ---- | C] () -- C:\windows\System32\dllcache\wm8.gif
[2012/07/13 10.16.03 | 000,002,477 | ---- | C] () -- C:\windows\System32\dllcache\wm5.gif
[2012/07/13 10.16.03 | 000,001,771 | ---- | C] () -- C:\windows\System32\dllcache\wmptour.css
[2012/07/13 10.16.03 | 000,001,722 | ---- | C] () -- C:\windows\System32\dllcache\wmpocm.inf
[2012/07/13 10.16.02 | 000,017,489 | ---- | C] () -- C:\windows\System32\dllcache\videobg.gif
[2012/07/13 10.16.02 | 000,005,290 | ---- | C] () -- C:\windows\System32\dllcache\vidsamp.gif
[2012/07/13 10.15.59 | 000,023,829 | ---- | C] () -- C:\windows\System32\dllcache\tourbg.gif
[2012/07/13 10.15.59 | 000,003,187 | ---- | C] () -- C:\windows\System32\dllcache\tour.js
[2012/07/13 10.15.59 | 000,002,469 | ---- | C] () -- C:\windows\System32\dllcache\tplay.gif
[2012/07/13 10.15.59 | 000,002,450 | ---- | C] () -- C:\windows\System32\dllcache\tpause.gif
[2012/07/13 10.15.59 | 000,002,375 | ---- | C] () -- C:\windows\System32\dllcache\tplayh.gif
[2012/07/13 10.15.59 | 000,002,371 | ---- | C] () -- C:\windows\System32\dllcache\tpauseh.gif
[2012/07/13 10.15.59 | 000,001,398 | ---- | C] () -- C:\windows\System32\dllcache\taon.gif
[2012/07/13 10.15.59 | 000,001,380 | ---- | C] () -- C:\windows\System32\dllcache\taonh.gif
[2012/07/13 10.15.59 | 000,001,380 | ---- | C] () -- C:\windows\System32\dllcache\taoff.gif
[2012/07/13 10.15.59 | 000,001,367 | ---- | C] () -- C:\windows\System32\dllcache\taoffh.gif
[2012/07/13 10.15.58 | 000,001,148 | ---- | C] () -- C:\windows\System32\dllcache\snd.htm
[2012/07/13 10.15.56 | 000,083,323 | ---- | C] () -- C:\windows\System32\dllcache\plyr_err.chm
[2012/07/13 10.15.55 | 000,067,866 | ---- | C] () -- C:\windows\System32\drivers\netwlan5.img
[2012/07/13 10.15.55 | 000,022,060 | ---- | C] () -- C:\windows\System32\dllcache\npds.zip
[2012/07/13 10.15.55 | 000,000,403 | ---- | C] () -- C:\windows\System32\dllcache\npdrmv2.zip
[2012/07/13 10.15.54 | 000,036,630 | ---- | C] () -- C:\windows\System32\dllcache\mplayer2.inf
[2012/07/13 10.15.54 | 000,002,778 | ---- | C] () -- C:\windows\System32\dllcache\mplogoh.gif
[2012/07/13 10.15.54 | 000,002,545 | ---- | C] () -- C:\windows\System32\dllcache\mplogo.gif
[2012/07/13 10.15.51 | 000,129,045 | ---- | C] () -- C:\windows\System32\drivers\cxthsfs2.cty
[2012/07/13 10.15.51 | 000,005,971 | ---- | C] () -- C:\windows\System32\dllcache\events.js
[2012/07/13 10.15.50 | 000,184,125 | ---- | C] () -- C:\windows\System32\dllcache\compact.wmz
[2012/07/13 10.15.50 | 000,009,585 | ---- | C] () -- C:\windows\System32\dllcache\controls.css
[2012/07/13 10.15.50 | 000,000,999 | ---- | C] () -- C:\windows\System32\dllcache\bktrh.gif
[2012/07/13 10.15.50 | 000,000,773 | ---- | C] () -- C:\windows\System32\dllcache\cnth.gif
[2012/07/13 10.15.50 | 000,000,773 | ---- | C] () -- C:\windows\System32\dllcache\cnt.gif
[2012/07/13 10.15.50 | 000,000,772 | ---- | C] () -- C:\windows\System32\dllcache\cntd.gif
[2012/07/13 10.15.50 | 000,000,760 | ---- | C] () -- C:\windows\System32\dllcache\cloapph.gif
[2012/07/13 10.15.50 | 000,000,717 | ---- | C] () -- C:\windows\System32\dllcache\cloapp.gif
[2012/07/13 10.15.35 | 000,064,352 | ---- | C] () -- C:\windows\System32\drivers\ativmc20.cod
[2012/06/29 01.06.24 | 000,054,156 | -H-- | C] () -- C:\windows\QTFont.qfn
[2012/06/29 01.06.24 | 000,001,409 | ---- | C] () -- C:\windows\QTFont.for
[2012/06/28 09.23.52 | 000,001,246 | ---- | C] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120628_092351.reg
[2012/06/25 01.39.24 | 000,003,568 | ---- | C] () -- C:\Documents and Settings\Pippo\Documenti\cc_20120625_013922.reg
[2012/06/22 16.16.20 | 000,110,043 | ---- | C] () -- C:\Documents and Settings\Pippo\Desktop\BMS_Key.pdf
[2012/06/21 15.50.58 | 000,000,000 | ---- | C] () -- C:\WKCONV.RTF
[2012/05/23 18.24.48 | 001,074,636 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin
[2012/05/23 18.24.48 | 001,074,636 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin
[2012/05/23 18.24.48 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin
[2012/05/23 18.24.29 | 002,807,708 | ---- | C] () -- C:\windows\System32\nvdata.data
[2012/04/02 10.49.00 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Pippo\Impostazioni locali\Dati applicazioni\recently-used.xbel
[2011/07/27 16.33.51 | 000,000,281 | ---- | C] () -- C:\windows\SIERRA.INI
[2011/03/28 16.46.41 | 002,217,088 | ---- | C] () -- C:\windows\System32\BootMan.exe
[2011/03/28 16.46.41 | 000,086,408 | ---- | C] () -- C:\windows\System32\setupempdrv03.exe
[2011/03/28 16.46.41 | 000,014,848 | ---- | C] () -- C:\windows\System32\EuEpmGdi.dll
[2011/03/28 16.46.41 | 000,013,192 | ---- | C] () -- C:\windows\System32\epmntdrv.sys
[2011/03/28 16.46.41 | 000,008,456 | ---- | C] () -- C:\windows\System32\EuGdiDrv.sys
[2011/02/26 03.29.00 | 000,698,970 | ---- | C] () -- C:\windows\unins001.exe
[2011/02/26 03.29.00 | 000,026,826 | ---- | C] () -- C:\windows\unins001.dat
[2011/02/20 18.12.28 | 000,006,656 | ---- | C] () -- C:\windows\System32\RdCi1094.dll
[2011/02/20 18.12.28 | 000,004,088 | ---- | C] () -- C:\windows\System32\Rd3t1094.DAT
[2011/01/18 14.31.30 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Pippo\Dati applicazioni\Sys6925.Config Collection.sys
[2011/01/18 14.31.30 | 000,000,022 | -HS- | C] () -- C:\windows\Sys3390 SettingsCollection.bin
[2010/09/02 19.59.03 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
========== LOP Check ==========
[2011/03/14 03.38.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Droppix
[2012/07/06 16.27.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2010/02/11 15.32.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\LightScribe
[2007/02/19 18.29.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Minnetonka Audio Software
[2010/11/24 14.19.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nitro PDF
[2012/07/06 16.25.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2011/02/16 13.34.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NokiaInstallerCache
[2010/04/06 17.50.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2011/12/16 03.21.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC1Data
[2010/01/12 15.33.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PCTV Systems
[2009/11/23 01.48.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
[2012/06/06 12.51.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Seeing Machines
[2008/12/26 02.50.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SmartSound Software Inc
[2012/05/16 02.51.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2010/01/18 03.06.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TV DIGITAL
[2008/04/28 02.03.01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
[2012/03/01 02.14.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Abcuq
[2012/05/23 10.10.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Audacity
[2011/05/07 19.25.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Blender Foundation
[2007/02/19 18.29.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\DeepBurner
[2007/02/19 18.29.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\DeepBurner Pro
[2007/05/03 00.43.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\DelinvFile
[2010/11/24 14.18.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Downloaded Installations
[2012/07/11 02.15.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\FileZilla
[2007/10/02 13.04.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\FLV Extract
[2010/11/30 03.13.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Foxit Software
[2011/05/17 17.38.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Genie-Soft
[2007/12/15 12.02.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\GetRightToGo
[2010/03/30 14.44.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\GrabPro
[2011/02/14 04.07.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\gtk-2.0
[2010/10/17 17.16.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\ICQ
[2007/02/19 18.29.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\ICQLite
[2012/05/06 02.20.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\inkscape
[2011/11/26 17.11.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\JAM Software
[2010/04/15 16.48.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\KompoZer
[2011/05/05 19.20.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\kompozer.net
[2012/03/09 20.37.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Kye
[2012/05/07 02.10.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\MAXON
[2012/06/04 02.10.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\MetaQuotes
[2011/06/19 17.46.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\MoneyManagerEx
[2007/03/26 14.20.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Mp3tag
[2007/04/01 12.49.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\NetMedia Providers
[2010/11/25 12.26.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Nitro PDF
[2010/10/13 11.36.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Nokia
[2010/04/07 01.39.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Nokia Ovi Suite
[2007/02/19 18.29.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Nvu
[2010/04/06 00.21.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\OpenOffice.org
[2011/04/06 10.37.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Opera
[2012/07/12 17.40.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Oracle
[2012/07/11 10.10.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Orbit
[2011/12/16 03.21.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\PC Cleaners
[2011/01/23 13.32.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\PC Suite
[2007/05/17 00.12.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Pegasys Inc
[2009/10/05 17.53.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\progeSOFT
[2010/08/26 10.17.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Publish Providers
[2009/09/08 12.37.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\REAPER
[2009/01/02 04.07.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\RibbonSoft
[2012/06/06 12.51.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Seeing Machines
[2008/05/01 01.50.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Stellarium
[2012/07/13 01.32.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\TS3Client
[2012/03/13 03.05.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Umviy
[2012/07/04 16.47.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\uTorrent
[2010/10/18 13.19.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\uTorrent_Bck
[2009/04/14 19.34.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\wcpuid
[2010/02/21 03.25.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Windows Live Writer
[2009/12/11 20.01.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\WinFF
[2011/05/27 01.29.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pippo\Dati applicazioni\Wireshark
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 512 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:05EE1EEF
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:76650B61
< End of report >