OTL logfile created on: 20/02/2013 10.31.45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = J:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,71% Memory free
3,85 Gb Paging File | 3,45 Gb Available in Paging File | 89,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 97,65 Gb Total Space | 3,82 Gb Free Space | 3,91% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 231,20 Gb Free Space | 99,28% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 342,69 Gb Free Space | 73,58% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 193,72 Gb Free Space | 99,19% Space Free | Partition Type: NTFS
Drive G: | 172,79 Gb Total Space | 172,62 Gb Free Space | 99,90% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 227,81 Gb Free Space | 97,83% Space Free | Partition Type: NTFS
Drive J: | 971,61 Mb Total Space | 664,63 Mb Free Space | 68,40% Space Free | Partition Type: FAT
Drive K: | 3,64 Gb Total Space | 0,68 Gb Free Space | 18,66% Space Free | Partition Type: FAT32
Computer Name: STUDIO-8BAE2A6B | User Name: Luigi | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - J:\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSPTLS.DLL ()
========== Services (SafeList) ==========
SRV - (winmgmt) -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\19144265.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (TeamViewer8) -- C:\Programmi\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVGIDSAgent) -- C:\Programmi\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Programmi\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (MsMpSvc) -- C:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (cligrafsrv) -- C:\Programmi\WKICOSIMI\ClientGrafico\bin\cligrafsrv.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (radzumuv) -- C:\WINDOWS\system32\drivers\radzumuv.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (ltaaqjnx) -- C:\WINDOWS\system32\drivers\ltaaqjnx.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (TuneUpUtilitiesDrv) -- C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers cpip6.sys (Microsoft Corporation)
DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (RtNdPt5x) -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys (Realtek Semiconductor Corporation )
DRV - (RTLVLAN) -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS (Realtek Semiconductor Corporation )
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (RTLTEAMING) -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS (Realtek Semiconductor Corporation)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=STM3500418AS_9VM6HYCTXXXX9VM6HYCT&ts=1356603086
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=STM3500418AS_9VM6HYCTXXXX9VM6HYCT&ts=1356603086
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=STM3500418AS_9VM6HYCTXXXX9VM6HYCT&ts=1356603086
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=IT&userid=ddb6b426-64cd-485c-8cb0-0be193ea4da7&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=STM3500418AS_9VM6HYCTXXXX9VM6HYCT&ts=1356603086
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=IT&userid=ddb6b426-64cd-485c-8cb0-0be193ea4da7&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=STM3500418AS_9VM6HYCTXXXX9VM6HYCT&ts=1356603086
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=ac9iuWm3GHyQu6qHr0eBb37pqvU?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851640
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2012/12/19 11.05.29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\Mozilla\Firefox\extensions
[2012/12/19 11.05.34 | 000,000,000 | ---D | M] (uTorrentBar_IT) -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\Mozilla\Firefox\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}
O1 HOSTS File: ([2012/12/19 08.21.48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Aggiungi a PDF esistente - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Aggiungi destinazione link a PDF esistente - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converti in Adobe PDF - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_16\bin\NPJPI150_16.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet locale)
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet locale)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab (Java Plug-in 1.5.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.7.0_10)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9960F21-D84A-42A1-A704-737D44E34AE5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programmi\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/25 17.14.06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: Ias - File not found
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\19144265.exe ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32 ssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2013/02/19 13.37.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\TeamViewer
[2013/02/14 18.05.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Marino
[2013/02/13 11.43.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documenti\Modello di delega per il ritiro o la richiesta di documenti
[2013/02/13 09.45.01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\AVG
[2013/02/08 13.03.32 | 015,739,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/07 16.48.32 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2013/02/07 16.48.32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2013/02/07 16.48.31 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013/02/06 07.22.22 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/02/06 07.22.18 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/02/06 07.22.18 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/02/06 07.22.18 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/02/05 10.47.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\mySudokuEngine Futura Software
[2013/02/01 08.28.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\bilanci
[2013/01/31 17.20.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\BERTENASCO
[2013/01/31 09.12.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\pdf995
[2013/01/31 09.12.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Impostazioni locali\Dati applicazioni\pdf995
[2013/01/31 09.11.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\pdf995
[2013/01/31 09.11.19 | 001,671,168 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\pdfmona.dll
[2013/01/31 09.11.19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Software995
[2013/01/31 09.10.15 | 000,000,000 | ---D | C] -- C:\Programmi\pdf995
[2013/01/30 14.24.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\CARTELLA
[2013/01/28 10.26.52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\My Google Gadgets
[2013/01/28 10.26.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Google Desktop
[2013/01/28 10.25.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Impostazioni locali\Dati applicazioni\Google
[2013/01/28 09.32.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documenti\CARTELLA
[2013/01/24 16.08.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Nuova cartella
[2013/01/23 09.10.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\CONTRATTI
[2013/01/23 07.42.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVG January 2013 Campaign
[2013/01/22 09.35.15 | 000,045,392 | R--- | C] (Adobe Systems Inc) -- C:\WINDOWS\System32\AdobePDF.dll
[2013/01/22 09.35.15 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\WINDOWS\System32\AdobePDFUI.dll
[2013/01/21 10.53.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\ISTRUZIONI
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/20 08.28.45 | 000,000,398 | -H-- | M] () -- C:\WINDOWS asks\Microsoft Antimalware Scheduled Scan.job
[2013/02/20 08.19.15 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/20 08.19.10 | 000,000,242 | RHS- | M] () -- C:\boot.ini
[2013/02/20 08.18.28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/20 07.55.37 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\56244191.pad
[2013/02/19 14.03.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS asks\Adobe Flash Player Updater.job
[2013/02/19 12.52.59 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\19144265.exe
[2013/02/19 12.36.35 | 000,009,572 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\PROVA.pdf
[2013/02/19 08.17.34 | 000,459,761 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\estratto-sicuro-di-te-in-60-giorni.pdf
[2013/02/18 17.59.08 | 000,006,508 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\LIQ.pdf
[2013/02/18 17.57.22 | 000,012,311 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\BONAF1.pdf
[2013/02/18 16.21.17 | 000,080,570 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\2012-UNIPF-2011.pdf
[2013/02/18 11.59.36 | 000,228,538 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\MailUp_Ebook_01-Le_tue_email_arrivano_nella_casella_giusta[1].pdf
[2013/02/18 11.22.46 | 000,134,144 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/18 08.29.35 | 000,015,416 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Impostazioni locali\Dati applicazioni\recently-used.xbel
[2013/02/15 14.55.09 | 000,018,169 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\CALGIO-INPS.pdf
[2013/02/14 17.20.52 | 000,370,203 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\F24.pdf
[2013/02/14 07.30.52 | 000,302,824 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/13 18.57.26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/13 18.53.33 | 000,479,574 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2013/02/13 18.53.33 | 000,432,928 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/13 18.53.33 | 000,079,932 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2013/02/13 18.53.33 | 000,067,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/13 16.31.51 | 000,378,548 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\VERMAR-CI.pdf
[2013/02/13 09.45.01 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 2013.lnk
[2013/02/12 17.38.21 | 000,099,748 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\PESARE-MENNILLO.pdf
[2013/02/12 10.40.31 | 000,044,925 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\prova1.pdf
[2013/02/11 15.54.09 | 000,153,070 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Visura.pdf
[2013/02/11 15.48.38 | 000,077,680 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\ELENCO FORNITORI-CLIENTI.pdf
[2013/02/11 15.26.37 | 000,038,410 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\BILANCIO.pdf
[2013/02/11 09.12.43 | 000,262,905 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\MUAZ04-2012-BANCA.pdf
[2013/02/08 13.03.39 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/08 13.03.39 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/08 13.03.33 | 015,739,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/07 11.44.16 | 000,053,466 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\documento.zip
[2013/02/07 11.36.47 | 000,014,465 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\VERS-12.pdf
[2013/02/07 10.27.14 | 000,080,902 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\RICEVUTA.pdf
[2013/02/07 10.26.56 | 000,088,117 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\michea.pdf
[2013/02/06 07.22.09 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/02/06 07.22.07 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/02/06 07.22.07 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/02/06 07.22.07 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/02/06 07.22.07 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/02/06 07.22.06 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/02/06 07.22.06 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/02/05 16.04.02 | 000,000,420 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2013/02/05 15.03.27 | 002,490,088 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\image.jpeg
[2013/02/04 11.18.41 | 000,058,071 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\lautoliquida.pdf
[2013/02/01 08.35.49 | 000,000,060 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2013/01/31 09.57.45 | 000,031,285 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Ricevuta-2010.pdf
[2013/01/31 09.56.13 | 000,029,176 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Ricevuta-2011.pdf
[2013/01/31 09.12.28 | 000,000,028 | ---- | M] () -- C:\WINDOWS\pdf995.ini
[2013/01/31 09.11.19 | 001,671,168 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\System32\pdfmona.dll
[2013/01/31 09.11.19 | 000,036,864 | ---- | M] () -- C:\WINDOWS\System32\pdf995mon.dll
[2013/01/31 08.58.14 | 000,095,442 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Senza titolo.pdf
[2013/01/31 08.52.33 | 000,025,642 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\ConsumeWS.pdf
[2013/01/30 11.53.21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/01/29 17.37.20 | 000,044,394 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\idp=7515.pdf
[2013/01/28 10.55.19 | 000,547,447 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\OEView_en.zip
[2013/01/28 09.02.49 | 000,822,534 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Documenti\RSORNN71C48L219P_DSU.pdf
[2013/01/26 04.55.42 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013/01/24 16.05.55 | 000,062,165 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\parcella n..pdf
[2013/01/23 16.47.47 | 000,255,878 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\SISATU-BIL12.pdf
[2013/01/22 11.49.36 | 000,557,933 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\pec.pdf
[2013/01/22 11.45.13 | 000,623,737 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Modulo di Login.pdf
[2013/01/22 11.43.23 | 000,533,442 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\- WebMail PEC -.pdf
[2013/01/22 10.39.06 | 000,013,753 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\Rendiconto 2012.pdf
[2013/01/22 09.34.50 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Acrobat 9 Pro Extended.lnk
[2013/01/21 15.45.33 | 000,242,802 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\Senzanome.pdf
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/19 12.53.00 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\56244191.pad
[2013/02/19 12.52.47 | 000,096,256 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\19144265.exe
[2013/02/19 08.17.34 | 000,459,761 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\estratto-sicuro-di-te-in-60-giorni.pdf
[2013/02/18 17.59.08 | 000,006,508 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\LIQ.pdf
[2013/02/18 17.57.22 | 000,012,311 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\BONAF1.pdf
[2013/02/18 16.21.17 | 000,080,570 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\2012-UNIPF-2011.pdf
[2013/02/18 11.59.35 | 000,228,538 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\MailUp_Ebook_01-Le_tue_email_arrivano_nella_casella_giusta[1].pdf
[2013/02/18 11.14.44 | 000,009,572 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\PROVA.pdf
[2013/02/18 11.10.37 | 1463,810,048 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Argo.2012.iTALiAN.MD.R6.XviD-BmA.avi
[2013/02/18 08.29.35 | 000,015,416 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Impostazioni locali\Dati applicazioni\recently-used.xbel
[2013/02/15 14.55.09 | 000,018,169 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\CALGIO-INPS.pdf
[2013/02/14 17.20.52 | 000,370,203 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\F24.pdf
[2013/02/12 17.38.21 | 000,099,748 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\PESARE-MENNILLO.pdf
[2013/02/11 15.54.09 | 000,153,070 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Visura.pdf
[2013/02/11 15.48.38 | 000,077,680 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\ELENCO FORNITORI-CLIENTI.pdf
[2013/02/11 15.26.37 | 000,038,410 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\BILANCIO.pdf
[2013/02/11 10.24.38 | 000,044,925 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\prova1.pdf
[2013/02/11 09.12.43 | 000,262,905 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\MUAZ04-2012-BANCA.pdf
[2013/02/07 11.44.15 | 000,053,466 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\documento.zip
[2013/02/07 11.36.47 | 000,014,465 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\VERS-12.pdf
[2013/02/07 10.26.56 | 000,088,117 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\michea.pdf
[2013/02/07 10.13.09 | 000,080,902 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\RICEVUTA.pdf
[2013/02/05 15.03.19 | 002,490,088 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\image.jpeg
[2013/02/04 11.17.52 | 000,058,071 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\lautoliquida.pdf
[2013/01/31 09.56.13 | 000,029,176 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Ricevuta-2011.pdf
[2013/01/31 09.47.31 | 000,031,285 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Ricevuta-2010.pdf
[2013/01/31 09.12.28 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2013/01/31 09.11.19 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2013/01/31 09.11.19 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2013/01/31 08.52.33 | 000,025,642 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\ConsumeWS.pdf
[2013/01/31 08.51.48 | 000,095,442 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Senza titolo.pdf
[2013/01/29 17.37.20 | 000,044,394 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\idp=7515.pdf
[2013/01/28 10.55.18 | 000,547,447 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\OEView_en.zip
[2013/01/28 08.54.21 | 000,822,534 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Documenti\RSORNN71C48L219P_DSU.pdf
[2013/01/24 16.05.55 | 000,062,165 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\parcella n..pdf
[2013/01/23 16.47.47 | 000,255,878 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\SISATU-BIL12.pdf
[2013/01/22 11.46.03 | 000,557,933 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\pec.pdf
[2013/01/22 11.44.22 | 000,623,737 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\Modulo di Login.pdf
[2013/01/22 11.36.22 | 000,533,442 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Desktop\- WebMail PEC -.pdf
[2013/01/22 10.39.06 | 000,013,753 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\Rendiconto 2012.pdf
[2013/01/22 09.34.50 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Acrobat 9 Pro Extended.lnk
[2013/01/22 09.34.49 | 000,001,920 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Adobe 3D Reviewer.lnk
[2013/01/22 09.34.48 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Adobe Acrobat 9 Pro Extended.lnk
[2013/01/22 09.34.47 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Acrobat Distiller 9.lnk
[2013/01/21 15.45.33 | 000,242,802 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Documenti\Senzanome.pdf
[2013/01/03 11.19.56 | 006,397,138 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\crlCache
[2013/01/03 11.19.04 | 000,222,850 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\caCertsList
[2013/01/03 11.19.04 | 000,000,447 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\dike.ini
[2013/01/03 10.29.58 | 000,000,185 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\dikeutil.ini
[2012/12/21 11.08.47 | 000,134,144 | ---- | C] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/20 09.26.02 | 000,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/12/19 18.52.58 | 000,000,036 | ---- | C] () -- C:\WINDOWS\sispac.ini
[2012/12/19 18.49.00 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/12/19 18.48.58 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\implode.dll
[2012/12/19 16.12.53 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32 x32.dll
[2012/12/19 16.12.53 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\skeylink.dll
[2012/12/19 16.12.50 | 000,000,466 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini
[2012/12/19 16.12.49 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\co2c40en.dll
[2012/12/19 16.12.49 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\bcfont32.dll
[2012/12/19 16.11.39 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\wkiconf.dll
[2012/12/19 11.27.24 | 000,000,420 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2012/12/19 09.41.00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/12/19 09.24.49 | 000,004,984 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012/12/19 07.38.53 | 000,000,253 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2012/12/19 07.38.53 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2012/12/19 07.38.53 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7320.dat
[2012/12/19 07.37.59 | 000,000,009 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2012/12/19 07.37.57 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2012/12/19 07.36.01 | 000,031,652 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2012/12/18 18.22.33 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2012/12/18 18.22.26 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012/12/18 18.22.25 | 000,049,152 | R--- | C] () -- C:\WINDOWS\DAOD.exe
[2012/12/18 18.22.20 | 000,025,937 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/12/18 18.22.20 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012/12/18 17.54.05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/12/18 17.53.00 | 000,302,824 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/18 17.43.30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/12/18 17.37.00 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012/12/18 17.33.47 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/12/18 17.33.39 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012/12/18 17.33.36 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012/12/18 17.33.34 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2012/12/18 17.33.34 | 000,168,883 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/12/18 17.07.16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/12/18 17.02.45 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/07/19 07.50.11 | 000,176,480 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2011/05/12 16.57.38 | 000,148,195 | ---- | C] () -- C:\Programmi\File comuni\BookViewer.xap
========== ZeroAccess Check ==========
[2012/12/18 17.35.33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 12.33.16 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 11.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 13.00.00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/01/23 07.44.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVG January 2013 Campaign
[2012/12/19 11.59.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVG2013
[2012/12/19 10.32.59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Common Files
[2012/12/19 11.07.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Connectify
[2012/12/20 10.17.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\DAEMON Tools Lite
[2013/02/19 17.58.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\MFAData
[2013/02/01 08.35.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\pdf995
[2012/12/19 11.43.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\regid.1986-12.com.adobe
[2012/12/19 07.36.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\ScanSoft
[2012/12/27 11.20.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\SweetIM
[2012/12/20 10.09.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\TuneUp Software
[2012/12/20 10.09.11 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012/12/19 10.40.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\AVG2013
[2012/12/19 18.48.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\CyberInstaller Studio 2011
[2012/12/20 10.17.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\DAEMON Tools Lite
[2013/01/25 11.01.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\ntr
[2012/12/20 10.07.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\OpenCandy
[2012/12/20 08.57.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\OpenOffice.org
[2013/01/31 09.12.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\pdf995
[2012/12/19 11.57.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\PriceGong
[2012/12/19 16.05.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\ScanSoft
[2013/02/19 13.37.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\TeamViewer
[2012/12/20 10.09.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\TuneUp Software
[2013/02/13 12.57.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\uTorrent
[2013/01/07 12.53.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\WinZip
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2008/04/14 13.00.00 | 000,261,328 | R--- | M] () -- C:\$LDR$
[2009/11/25 17.14.06 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/12/18 10.28.31 | 000,000,213 | -HS- | M] () -- C:\BOOT.BAK
[2013/02/20 08.19.10 | 000,000,242 | RHS- | M] () -- C:\boot.ini
[2008/04/14 13.00.00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2012/12/18 09.45.13 | 000,000,016 | ---- | M] () -- C:\chdir.bat
[2009/11/25 17.14.06 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/10/05 09.03.12 | 000,015,737 | ---- | M] () -- C:\Contratti_di_Locazione_-_Pagamenti_successivi_alla_registrazione_vers._4.4.0_InstallLog.log
[2012/01/12 09.29.00 | 000,015,964 | ---- | M] () -- C:\Contratti_di_Locazione_-_Pagamenti_successivi_alla_registrazione_vers._4.4.1_InstallLog.log
[2013/01/16 16.57.00 | 000,013,317 | ---- | M] () -- C:\Contratti_di_Locazione_-_Pagamenti_successivi_alla_registrazione_vers._4.4.2_InstallLog.log
[2011/10/05 09.02.46 | 000,045,217 | ---- | M] () -- C:\Contratti_di_Locazione_vers._9.5.0_InstallLog.log
[2012/04/24 08.32.54 | 000,046,030 | ---- | M] () -- C:\Contratti_di_Locazione_vers._9.5.1_InstallLog.log
[2013/01/16 16.56.38 | 000,027,990 | ---- | M] () -- C:\Contratti_di_Locazione_vers._9.5.2_InstallLog.log
[2013/01/28 12.32.44 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt
[2010/07/07 11.28.28 | 000,000,207 | ---- | M] () -- C:\DelIndex.bat
[2012/12/27 11.11.25 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2009/11/25 17.14.06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/12 12.24.08 | 000,152,282 | ---- | M] () -- C:\ModuliControlloStudi2010_InstallLog.log
[2011/09/27 13.26.46 | 002,123,797 | ---- | M] () -- C:\ModuliControlloStudi2011_InstallLog.log
[2012/07/19 08.34.07 | 000,010,455 | ---- | M] () -- C:\ModuliControlloStudi2012_InstallLog.log
[2009/11/25 17.14.06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 13.00.00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 13.00.00 | 000,251,600 | RHS- | M] () -- C:\ntldr
[2013/02/20 08.18.19 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/10/25 13.38.16 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2009/12/01 10.05.44 | 000,000,055 | ---- | M] () -- C:\sis2002.bat
[2009/12/01 10.05.44 | 000,000,055 | ---- | M] () -- C:\sis2003.bat
[2009/12/01 10.05.45 | 000,000,055 | ---- | M] () -- C:\sis2004.bat
[2009/12/01 10.05.45 | 000,000,055 | ---- | M] () -- C:\sis2005.bat
[2009/12/01 10.05.45 | 000,000,055 | ---- | M] () -- C:\sis2006.bat
[2009/12/01 10.05.45 | 000,000,055 | ---- | M] () -- C:\sis2007.bat
[2009/12/01 10.05.46 | 000,000,055 | ---- | M] () -- C:\sis2008.bat
[2010/02/15 10.16.37 | 000,000,055 | ---- | M] () -- C:\sis2009.bat
[2009/12/01 09.30.24 | 000,000,042 | ---- | M] () -- C:\sispac.bat
[2011/06/15 10.10.03 | 000,000,493 | ---- | M] () -- C:\Tol2009.ini
[2011/06/15 10.15.07 | 000,001,159 | ---- | M] () -- C:\Tol2010.ini
[2011/06/15 10.08.54 | 000,007,385 | ---- | M] () -- C:\Tol2011.ini
[2011/06/15 10.21.30 | 000,006,312 | ---- | M] () -- C:\TolGestionali.Ini
[2008/04/14 13.00.00 | 000,475,370 | R--- | M] () -- C: xtsetup.sif
[2009/11/26 10.24.50 | 027,262,976 | ---- | M] () -- C:\VIRTPART.DAT
[2 C:\*.tmp files -> C:\*.tmp -> ]
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2012/12/18 17.05.05 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 13.06.10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 19.56.12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 11.50.03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2012/12/18 17.51.38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012/12/18 17.51.38 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012/12/18 17.51.38 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012/12/18 17.09.57 | 000,000,123 | -HS- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2012/12/18 17.09.56 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Luigi.STUDIO-8BAE2A6B\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Mostra Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32 est\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-02-13 17:59:25
< End of report >