[code] WinPFind35 logfile created on: 21/02/2008 22.00.46 WinPFind35U Version 1.0.0.0 Folder = C:\Documents and Settings\Principale\Documenti\Download\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 494,42 Mb Total Physical Memory | 238,09 Mb Available Physical Memory | 48,15% Memory free 1,13 Gb Paging File | 0,88 Gb Available in Paging File | 77,70% Paging File free Paging file location(s): C:\pagefile.sys 744 1488; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi Drive C: | 27,47 Gb Total Space | 10,39 Gb Free Space | 37,82% Space Free | Partition Type: FAT32 Drive D: | 9,76 Gb Total Space | 7,70 Gb Free Space | 78,92% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ACER-EZIO Current User Name: Principale Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 04/01/2008 13.27.08 | Attr = ] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 04/12/2007 15.36.34 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 04/12/2007 14.00.16 | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 13.31.10 | Attr = ] powerkey.exe -> %ProgramFiles%\Launch Manager\PowerKey.exe -> [Ver = | Size = 14348 bytes | Modified Date = 04/02/2008 19.14.36 | Attr = ] agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 14/02/2003 11.59.00 | Attr = ] ashdisp.exe -> %SystemDrive%\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 04/12/2007 14.00.24 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 25/09/2007 1.11.36 | Attr = ] sgmain.exe -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 29/08/2003 19.05.36 | Attr = ] powerkey.exe -> %ProgramFiles%\Launch Manager\bak\PowerKey.exe -> [Ver = 1, 4, 4, 0 | Size = 94208 bytes | Modified Date = 30/08/2002 15.02.48 | Attr = ] sgbhp.exe -> %ProgramFiles%\SpywareGuard\sgbhp.exe -> [Ver = 2.02.0001 | Size = 233472 bytes | Modified Date = 29/08/2003 11.14.58 | Attr = ] winpfind35u.exe -> %UserProfile%\Documenti\Download\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 20/02/2008 11.36.44 | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 04/01/2008 13.27.08 | Attr = ] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 04/12/2007 15.36.34 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 04/12/2007 14.00.16 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 04/12/2007 13.59.54 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 04/12/2007 13.59.02 | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 13.31.10 | Attr = ] (dmadmin) Servizio amministrativo di Gestione disco logico [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 19/08/2004 23.39.36 | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 18/11/2007 12.19.22 | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30/10/2006 9.36.32 | Attr = ] (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\HPZipm12.exe -> HP [Ver = 7, 0, 0, 0 | Size = 65795 bytes | Modified Date = 26/02/2004 10.36.50 | Attr = R ] [Driver Services - Non-Microsoft Only] (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 04/12/2007 15.49.02 | Attr = ] (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (acernbm) acernbm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\acernbm.sys -> [Ver = | Size = 6570 bytes | Modified Date = 05/03/2003 10.01.32 | Attr = ] (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (AFS2K) AFS2K [Kernel | System | Running] -> %SystemRoot%\System32\drivers\AFS2K.SYS -> Oak Technology Inc. [Ver = 3.1.14.886 | Size = 82380 bytes | Modified Date = 17/07/2004 14.17.06 | Attr = ] (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\AGRSM.sys -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:59:12 | Size = 1169792 bytes | Modified Date = 14/02/2003 11.59.14 | Attr = ] (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 04/12/2007 15.55.46 | Attr = ] (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 04/12/2007 15.53.40 | Attr = ] (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 04/12/2007 15.51.52 | Attr = ] (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 30/05/2007 13.10.42 | Attr = ] (AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\System32\DRIVERS\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 13.10.42 | Attr = ] (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (CnxEtP) Conexant AccessRunner USB ADSL WAN Adapter Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\CnxEtP.sys -> Conexant [Ver = 32.099.084.000 | Size = 60288 bytes | Modified Date = 12/09/2003 10.26.26 | Attr = ] (CnxEtU) Conexant AccessRunner USB ADSL Interface Device Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\CnxEtU.sys -> Conexant [Ver = 32.099.084.000 | Size = 646784 bytes | Modified Date = 12/09/2003 10.26.36 | Attr = ] (CnxTgN) Conexant AccessRunner USB ADSL WAN Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\CnxTgN.sys -> Conexant Systems Inc. [Ver = 28072.099.085.000 | Size = 108675 bytes | Modified Date = 29/10/2003 15.02.28 | Attr = ] (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (cs429x) Cirrus Logic WDM Audio Codec Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\cwawdm.sys -> Applied Drivers Corporation [Ver = 6.13.10.6107 | Size = 111104 bytes | Modified Date = 25/04/2003 13.48.22 | Attr = ] (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 19/08/2004 23.31.26 | Attr = ] (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154240 bytes | Modified Date = 19/08/2004 23.31.32 | Attr = ] (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 31/08/2001 20.00.00 | Attr = ] (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 15.44.04 | Attr = ] (gtermddo) gtermddo [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\PRINCI~1\IMPOST~1\Temp\gtermddo.sys -> File not found (Hotkey) Hotkey [Kernel | System | Running] -> %SystemRoot%\System32\drivers\HOTKEY.sys -> [Ver = | Size = 9867 bytes | Modified Date = 28/04/2003 11.27.06 | Attr = ] (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\HPZid412.sys -> HP [Ver = 7, 0, 0, 0 | Size = 51056 bytes | Modified Date = 26/02/2004 10.36.48 | Attr = R ] (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\HPZipr12.sys -> HP [Ver = 7, 0, 0, 0 | Size = 16496 bytes | Modified Date = 26/02/2004 10.36.50 | Attr = R ] (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\HPZius12.sys -> HP [Ver = 7, 0, 0, 0 | Size = 21488 bytes | Modified Date = 26/02/2004 10.36.50 | Attr = R ] (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\ialmnt5.sys -> Intel Corporation [Ver = 6.13.10.3510 | Size = 90907 bytes | Modified Date = 15/04/2003 10.39.46 | Attr = ] (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (mailKmd) mailKmd [Kernel | System | Stopped] -> -> File not found (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (NSCIRDA) Driver periferica infrarossi NSC [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Modified Date = 04/08/2004 7.00.50 | Attr = ] (NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\NTIDrvr.sys -> NewTech Infosystems, Inc. [Ver = 1, 0, 0, 5 | Size = 6912 bytes | Modified Date = 02/06/2003 12.23.40 | Attr = ] (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (POWERKEY) POWERKEY [Kernel | On_Demand | Running] -> %ProgramFiles%\Launch Manager\POWERKEY.sys -> [Ver = | Size = 2343 bytes | Modified Date = 19/12/2000 18.29.52 | Attr = ] (PRISM) IEEE 802.11 Wireless NIC Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\EXPRESS.sys -> Intersil Americas Inc. [Ver = 2.01.00 | Size = 614912 bytes | Modified Date = 15/11/2002 11.02.56 | Attr = ] (Ptilink) Driver Direct Parallel Link [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 31/08/2001 20.00.00 | Attr = ] (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\Drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.09a | Size = 46080 bytes | Modified Date = 19/08/2005 3.00.00 | Attr = ] (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (rtl8139) Driver NT scheda Fast Ethernet PCI Realtek basata su RTL8139 [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\RTL8139.SYS -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 04/08/2004 6.31.32 | Attr = ] (SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASDIFSV.SYS -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10/10/2006 12.53.48 | Attr = ] (SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 16/02/2006 16.51.08 | Attr = R ] (SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.sys -> [Ver = 1, 0, 0, 1036 | Size = 32256 bytes | Modified Date = 27/02/2007 11.39.26 | Attr = ] (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\System32\DRIVERS\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 11.25.54 | Attr = ] (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (ViaIde) ViaIde [Kernel | Disabled | Stopped] -> -> File not found (Wbutton) Wbutton [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\Wbutton.sys -> File not found (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found ({6080A529-897E-4629-A488-ABA0C29B635E}) Intel(R) Graphics Platform (SoftBIOS) Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.10.3510 | Size = 113504 bytes | Modified Date = 15/04/2003 10.40.54 | Attr = ] ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel(R) Graphics Chipset (KCH) Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.10.3510 | Size = 78752 bytes | Modified Date = 15/04/2003 10.40.46 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AcerNotebookManager -> %ProgramFiles%\Acer\Notebook Manager\almxptray.exe -> File not found Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> File not found AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 14/02/2003 11.59.00 | Attr = ] avast! -> %SystemDrive%\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 04/12/2007 14.00.24 | Attr = ] CamMonitor -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe -> File not found CnxDslTaskBar -> %ProgramFiles%\digicomt\Michelangelo USB ADSL\CnxDslTb.exe -> File not found CtrlVol -> %ProgramFiles%\Launch Manager\CtrlVol.exe -> File not found HotKeysCmds -> %SystemRoot%\System32\hkcmd.exe -> File not found HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> File not found HP Software Update -> %ProgramFiles%\Hewlett-Packard\HP Software Update\HPWuSchd.exe -> File not found IgfxTray -> %SystemRoot%\System32\igfxtray.exe -> File not found LaunchAp -> %ProgramFiles%\Launch Manager\LaunchAp.exe -> File not found LaunchApp -> %SystemRoot%\LaunApp.exe -> Wistron Corp. [Ver = 1, 0, 0, 9 | Size = 164099 bytes | Modified Date = 19/03/2002 1.00.58 | Attr = ] LManager -> %ProgramFiles%\Launch Manager\HotkeyApp.exe -> File not found NeroCheck -> %SystemRoot%\system32\NeroCheck.exe -> File not found PowerKey -> %ProgramFiles%\Launch Manager\PowerKey.exe -> [Ver = | Size = 14348 bytes | Modified Date = 04/02/2008 19.14.36 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\bak\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25/10/2006 18.58.18 | Attr = ] Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> File not found SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 25/09/2007 1.11.36 | Attr = ] Wbutton -> %ProgramFiles%\Launch Manager\Wbutton.exe -> File not found < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 27/02/2007 11.39.26 | Attr = ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> File not found < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica -> < Principale Startup Folder > -> C:\Documents and Settings\Principale\Menu Avvio\Programmi\Esecuzione automatica -> %UserProfile%\Menu Avvio\Programmi\Esecuzione automatica\SpywareGuard.lnk -> %ProgramFiles%\SpywareGuard\sgmain.exe -> [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 29/08/2003 19.05.36 | Attr = ] < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 13.29.58 | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20/12/2006 12.55.48 | Attr = ] {81559C35-8464-49F7-BB0E-07A383BEF910} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SpywareGuard\spywareguard.dll [] -> [Ver = 2.02 | Size = 126976 bytes | Modified Date = 02/08/2003 23.20.58 | Attr = R ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 282624 bytes | Modified Date = 27/02/2007 11.39.26 | Attr = ] igfxcui -> %SystemRoot%\System32\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,2104 | Size = 315392 bytes | Modified Date = 07/04/2003 0.06.48 | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (736 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.virgilio.it/free -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/ie -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.it/ -> HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/search?q=%s[gogl] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6330 domain(s) found. -> .[msn] -> Risorse del computer -> 38 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Supporto di collegamento per Adobe PDF Reader] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23.08.42 | Attr = ] {4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SpywareGuard\dlprotect.dll [SpywareGuardDLBLOCK.CBrowserHelper] -> [Ver = 2.02 | Size = 192512 bytes | Modified Date = 02/08/2003 23.24.02 | Attr = R ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\SPYBOT~1\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 31/05/2005 1.04.00 | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 18/11/2007 12.19.20 | Attr = R ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 18/11/2007 12.19.20 | Attr = R ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 18/11/2007 12.19.20 | Attr = R ] WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 18/11/2007 12.19.20 | Attr = R ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 25/09/2007 1.11.34 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 25/09/2007 1.11.34 | Attr = ] {85d1f590-48f4-11d9-9669-0800200c9a66}:Exec -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [Ver = | Size = 53248 bytes | Modified Date = 25/05/2006 1.22.06 | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [Ver = | Size = 53248 bytes | Modified Date = 25/05/2006 1.22.06 | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Galleria ActiveX Microsoft -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SV1 -> -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {B9554594-10DA-4384-BF04-9652704E3362} -> (NIC Fast Ethernet PCI Realtek RTL8139 Family) -> {FDDAC8D9-4209-49C7-912A-C411A9665B85} -> (LAN-Express IEEE 802.11 PCI Adapter) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll[CZipHandler Object] -> Hewlett-Packard Company [Ver = 2.1.4 | Size = 81920 bytes | Modified Date = 22/12/2003 8.38.40 | Attr = ] ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0B79F48A-E8D6-11DB-9283-E25056D89593}[HKEY_LOCAL_MACHINE] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.1] -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] -> http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab[CKAVWebScan Object] -> {193C772A-87BE-4B19-A7BB-445B226FE9A1}[HKEY_LOCAL_MACHINE] -> http://download.ewido.net/ewidoOnlineScan.cab[ewidoOnlineScan Control] -> {215B8138-A3CF-44C5-803F-8226143CFC0A}[HKEY_LOCAL_MACHINE] -> http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[Trend Micro ActiveX Scan Agent 6.6] -> {33564D57-0000-0010-8000-00AA00389B71}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB[Reg Error: Key does not exist or could not be opened.] -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}[HKEY_LOCAL_MACHINE] -> http://download.bitdefender.com/resources/scan8/oscan8.cab[BDSCANONLINE Control] -> {7B297BFD-85E4-4092-B2AF-16A91B2EA103}[HKEY_LOCAL_MACHINE] -> http://www3.ca.com/securityadvisor/virusinfo/webscan.cab[WScanCtl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab[Java Plug-in 1.6.0_03] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {9D190AE6-C81E-4039-8061-978EBAD10073}[HKEY_LOCAL_MACHINE] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.0] -> {9F1C11AA-197B-4942-BA54-47A8489BB47F}[HKEY_LOCAL_MACHINE] -> http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38182.5860416667[Reg Error: Key does not exist or could not be opened.] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\\DisableMonitoring -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 19/08/2004 23.39.18 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\System32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 18.50.12 | Attr = ] msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 19/08/2004 23.39.18 | Attr = ] schannel -> %SystemRoot%\System32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 16.21.04 | Attr = ] wdigest -> %SystemRoot%\System32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 19/08/2004 23.39.30 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 468 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\enabledcom -> y -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 119808 bytes | Modified Date = 19/08/2004 23.39.22 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\System32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 19/08/2004 23.39.44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall / Condivisione connessione Internet (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Fornisce servizi di conversione indirizzi di rete, indirizzamento e risoluzione nomi e/o servizi di prevenzione intrusione per una rete domestica o una piccola rete aziendale. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 12298 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\System32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 332288 bytes | Modified Date = 19/08/2004 23.39.12 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142336 bytes | Modified Date = 19/08/2004 23.39.44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142336 bytes | Modified Date = 19/08/2004 23.39.44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Programmi\Internet Explorer\IEXPLORE.EXE -> C:\Programmi\Internet Explorer\IEXPLORE.EXE [C:\Programmi\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 19/08/2004 23.39.36 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll [139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll [445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll [137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll [138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{FDDAC8D9-4209-49C7-912A-C411A9665B85} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 19/08/2004 23.39.44 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Aggiornamenti automatici -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Consente il download e l'installazione di aggiornamenti da Windows Update. Se il servizio è disabilitato, il computer non sarà in grado di utilizzare la funzionalità Aggiornamenti automatici né il sito Web Windows Update. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 19/08/2004 23.39.32 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\EnableAutodial -> (binary data) -> [Files/Folders - Created Within 90 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 518508544 bytes | Modified Date = 21/02/2008 18.44.54 | Attr = HS] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 13.10.42 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Modified Date = 24/09/2007 22.30.28 | Attr = ] ijl15.dll -> %SystemRoot%\System32\ijl15.dll -> Intel Corporation [Ver = 1,51,12,44 | Size = 352256 bytes | Modified Date = 30/05/2001 | Attr = ] bak -> %SystemRoot%\System32\bak -> [Folder | Created Date = 03/02/2008 18.28.56 | Attr = ] 6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Modified Date = 24/09/2007 22.30.30 | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 139264 bytes | Modified Date = 24/09/2007 23.31.42 | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 69632 bytes | Modified Date = 24/09/2007 23.31.42 | Attr = ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 14/12/2007 11.32.52 | Attr = ] XGraphics.dll -> %SystemRoot%\System32\XGraphics.dll -> CB [Ver = 1, 0, 0, 2 | Size = 363520 bytes | Modified Date = 13/03/2002 18.19.28 | Attr = ] Pgraph.dll -> %SystemRoot%\System32\Pgraph.dll -> BC 1997 [Ver = 1, 0, 0, 1 | Size = 28160 bytes | Modified Date = 29/11/1997 23.38.04 | Attr = ] XBitmap2.dll -> %SystemRoot%\System32\XBitmap2.dll -> BC [Ver = 2, 0, 0, 1 | Size = 131072 bytes | Modified Date = 25/02/2003 0.49.00 | Attr = ] XDraw2.dll -> %SystemRoot%\System32\XDraw2.dll -> BC [Ver = 2, 0, 0, 0 | Size = 80896 bytes | Modified Date = 01/12/2001 14.52.04 | Attr = ] XText2.dll -> %SystemRoot%\System32\XText2.dll -> BC [Ver = 2, 0, 0, 0 | Size = 64000 bytes | Modified Date = 01/12/2001 15.32.24 | Attr = ] XFill2.dll -> %SystemRoot%\System32\XFill2.dll -> BC [Ver = 2, 0, 0, 0 | Size = 28672 bytes | Modified Date = 25/02/2003 0.32.06 | Attr = ] FinsonLU.dll -> %SystemRoot%\System32\FinsonLU.dll -> FINSON SPA [Ver = 1.1.0.24 | Size = 79872 bytes | Modified Date = 15/03/2002 18.06.54 | Attr = ] FinsonRG.exe -> %SystemRoot%\System32\FinsonRG.exe -> FINSON [Ver = 1.1.0.14 | Size = 818176 bytes | Modified Date = 23/04/2002 18.11.10 | Attr = ] FINSON.INI -> %SystemRoot%\FINSON.INI -> [Ver = | Size = 61 bytes | Modified Date = 13/01/2008 10.00.48 | Attr = ] FinsonLiveUpdate.ini -> %SystemRoot%\FinsonLiveUpdate.ini -> [Ver = | Size = 175 bytes | Modified Date = 13/01/2008 10.04.36 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 06/02/2008 23.47.29 | Attr = ] 8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> [Files Created - Additional Folder Scans - Non-Microsoft Only] Kaspersky Lab -> %AllUsersProfile%\Dati applicazioni\Kaspersky Lab -> [Folder | Created Date = 06/02/2008 21.48.14 | Attr = ] Grisoft -> %AllUsersProfile%\Dati applicazioni\Grisoft -> [Folder | Created Date = 10/02/2008 18.45.04 | Attr = ] Lavasoft -> %AllUsersProfile%\Dati applicazioni\Lavasoft -> [Folder | Created Date = 10/02/2008 19.09.11 | Attr = ] Sun -> %AppData%\Sun -> [Folder | Created Date = 06/02/2008 23.47.29 | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Created Date = 10/02/2008 18.45.14 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 10/02/2008 19.14.56 | Attr = ] WinRAR -> %AppData%\WinRAR -> [Folder | Created Date = 17/02/2008 19.39.44 | Attr = ] antivirus 02 -08 -> %UserProfile%\Documenti\antivirus 02 -08 -> [Folder | Created Date = 06/02/2008 22.55.28 | Attr = ] Scansione0003.jpg -> %UserProfile%\Documenti\Scansione0003.jpg -> [Ver = | Size = 69636 bytes | Modified Date = 07/02/2008 22.28.08 | Attr = ] Ad-Watch 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Watch 2007.lnk -> [Ver = | Size = 1666 bytes | Modified Date = 10/02/2008 19.09.18 | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 656 bytes | Modified Date = 10/02/2008 19.14.58 | Attr = ] Origini di Famiglia 3.lnk -> %UserProfile%\Desktop\Origini di Famiglia 3.lnk -> [Ver = | Size = 590 bytes | Modified Date = 13/01/2008 10.02.14 | Attr = ] Ad-Aware 2007.lnk -> %UserProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1684 bytes | Modified Date = 10/02/2008 19.13.18 | Attr = ] AVG Anti-Spyware.lnk -> %UserProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 737 bytes | Modified Date = 10/02/2008 19.13.30 | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Created Date = 06/02/2008 23.43.26 | Attr = ] [Files/Folders - Modified Within 90 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 518508544 bytes | Modified Date = 21/02/2008 18.44.54 | Attr = HS] aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Modified Date = 04/12/2007 15.56.02 | Attr = ] aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 04/12/2007 15.55.46 | Attr = ] aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 04/12/2007 15.49.02 | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 04/12/2007 15.51.52 | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 04/12/2007 15.53.40 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 21/02/2008 18.45.36 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 64058 bytes | Modified Date = 01/12/2007 11.58.44 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 405508 bytes | Modified Date = 01/12/2007 11.58.44 | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 837496 bytes | Modified Date = 04/12/2007 14.04.28 | Attr = ] bak -> %SystemRoot%\System32\bak -> [Folder | Modified Date = 03/02/2008 18.28.58 | Attr = ] 6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 14/12/2007 11.32.52 | Attr = ] perfc010.dat -> %SystemRoot%\System32\perfc010.dat -> [Ver = | Size = 76100 bytes | Modified Date = 01/12/2007 11.58.44 | Attr = ] perfh010.dat -> %SystemRoot%\System32\perfh010.dat -> [Ver = | Size = 451846 bytes | Modified Date = 01/12/2007 11.58.44 | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 10/02/2008 22.28.44 | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 10/02/2008 22.28.46 | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 141240 bytes | Modified Date = 13/01/2008 14.42.20 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 984228 bytes | Modified Date = 01/12/2007 11.58.44 | Attr = ] AVASTSS.scr -> %SystemRoot%\System32\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 95608 bytes | Modified Date = 04/12/2007 13.54.04 | Attr = ] pavas.ico -> %SystemRoot%\System32\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 10/02/2008 22.28.44 | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2934 bytes | Modified Date = 04/02/2008 20.17.06 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 21/02/2008 18.44.56 | Attr = S] lviewpro.ini -> %SystemRoot%\lviewpro.ini -> [Ver = | Size = 8495 bytes | Modified Date = 02/01/2008 20.34.38 | Attr = ] FINSON.INI -> %SystemRoot%\FINSON.INI -> [Ver = | Size = 61 bytes | Modified Date = 13/01/2008 10.00.48 | Attr = ] FinsonLiveUpdate.ini -> %SystemRoot%\FinsonLiveUpdate.ini -> [Ver = | Size = 175 bytes | Modified Date = 13/01/2008 10.04.36 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 06/02/2008 23.47.30 | Attr = ] 8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 21/02/2008 18.45.14 | Attr = H ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 276 bytes | Modified Date = 19/02/2008 20.47.02 | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6718 bytes | Modified Date = 21/02/2008 18.46.50 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 6718 bytes | Modified Date = 21/02/2008 18.46.50 | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 11094 bytes | Modified Date = 21/06/2004 16.41.22 | Attr = ] SSUPDATE.EXE -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 143360 bytes | Modified Date = 17/02/2006 15.55.46 | Attr = ] 2845692890.exe -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\2845692890.exe -> [Ver = | Size = 11060 bytes | Modified Date = 21/02/2008 16.53.04 | Attr = ] 1365943394.exe -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\1365943394.exe -> [Ver = | Size = 11060 bytes | Modified Date = 21/02/2008 14.07.28 | Attr = ] 30 C:\Documents and Settings\Principale\Impostazioni locali\Temp\*.tmp files -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\*.tmp -> drm_dyndata_7240008.dll -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\drm_dyndata_7240008.dll -> Sony DADC Austria AG [Ver = 1, 0, 0, 3 | Size = 196608 bytes | Modified Date = 21/02/2008 9.32.58 | Attr = ] drm_dialogs.dll -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\drm_dialogs.dll -> Sony DADC Austria AG [Ver = 1, 2, 0, 1 | Size = 46592 bytes | Modified Date = 21/02/2008 9.33.00 | Attr = ] 30 C:\Documents and Settings\Principale\Impostazioni locali\Temp\*.tmp files -> C:\Documents and Settings\Principale\Impostazioni locali\Temp\*.tmp -> Perflib_Perfdata_4b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4b8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 21/02/2008 18.45.20 | Attr = ] Perflib_Perfdata_498.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_498.dat -> [Ver = | Size = 16384 bytes | Modified Date = 18/02/2008 19.56.22 | Attr = ] Perflib_Perfdata_4ac.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4ac.dat -> [Ver = | Size = 16384 bytes | Modified Date = 20/02/2008 21.26.42 | Attr = ] Perflib_Perfdata_4a4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4a4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 21/02/2008 9.31.48 | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Kaspersky Lab -> %AllUsersProfile%\Dati applicazioni\Kaspersky Lab -> [Folder | Modified Date = 06/02/2008 21.48.16 | Attr = ] Grisoft -> %AllUsersProfile%\Dati applicazioni\Grisoft -> [Folder | Modified Date = 10/02/2008 18.45.06 | Attr = ] Lavasoft -> %AllUsersProfile%\Dati applicazioni\Lavasoft -> [Folder | Modified Date = 10/02/2008 19.09.12 | Attr = ] Sun -> %AppData%\Sun -> [Folder | Modified Date = 06/02/2008 23.47.30 | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Modified Date = 10/02/2008 18.45.16 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 10/02/2008 19.14.58 | Attr = ] WinRAR -> %AppData%\WinRAR -> [Folder | Modified Date = 17/02/2008 19.39.46 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 31824 bytes | Modified Date = 15/01/2008 16.49.50 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 10240 bytes | Modified Date = 22/12/2007 18.05.12 | Attr = ] IconCache.db -> %UserProfile%\Impostazioni locali\Dati applicazioni\IconCache.db -> [Ver = | Size = 2113846 bytes | Modified Date = 18/02/2008 17.59.10 | Attr = H ] Thumbs.db -> %UserProfile%\Documenti\Thumbs.db -> [Ver = | Size = 8704 bytes | Modified Date = 10/02/2008 18.43.54 | Attr = HS] antivirus 02 -08 -> %UserProfile%\Documenti\antivirus 02 -08 -> [Folder | Modified Date = 06/02/2008 22.55.30 | Attr = ] Scansione0003.jpg -> %UserProfile%\Documenti\Scansione0003.jpg -> [Ver = | Size = 69636 bytes | Modified Date = 07/02/2008 22.28.08 | Attr = ] Michelangelo USB ADSL.lnk -> %AllUsersProfile%\Desktop\Michelangelo USB ADSL.lnk -> [Ver = | Size = 694 bytes | Modified Date = 03/02/2008 14.37.20 | Attr = ] Michelangelo USB ADSL Control Panel.lnk -> %AllUsersProfile%\Desktop\Michelangelo USB ADSL Control Panel.lnk -> [Ver = | Size = 275 bytes | Modified Date = 03/02/2008 14.37.14 | Attr = ] Ad-Watch 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Watch 2007.lnk -> [Ver = | Size = 1666 bytes | Modified Date = 10/02/2008 19.09.18 | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 656 bytes | Modified Date = 10/02/2008 19.14.58 | Attr = ] Microsoft Office Word 2003.lnk -> %UserProfile%\Desktop\Microsoft Office Word 2003.lnk -> [Ver = | Size = 2531 bytes | Modified Date = 21/02/2008 19.51.20 | Attr = ] Microsoft Office Excel 2003.lnk -> %UserProfile%\Desktop\Microsoft Office Excel 2003.lnk -> [Ver = | Size = 2503 bytes | Modified Date = 14/02/2008 17.06.26 | Attr = ] Origini di Famiglia 3.lnk -> %UserProfile%\Desktop\Origini di Famiglia 3.lnk -> [Ver = | Size = 590 bytes | Modified Date = 13/01/2008 10.02.14 | Attr = ] Ad-Aware 2007.lnk -> %UserProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1684 bytes | Modified Date = 10/02/2008 19.13.18 | Attr = ] Impostazioni accesso ai programmi.lnk -> %UserProfile%\Desktop\Impostazioni accesso ai programmi.lnk -> [Ver = | Size = 1511 bytes | Modified Date = 31/12/2007 16.50.06 | Attr = ] Deframmentazione dischi.lnk -> %UserProfile%\Desktop\Deframmentazione dischi.lnk -> [Ver = | Size = 1458 bytes | Modified Date = 31/12/2007 16.50.06 | Attr = ] AVG Anti-Spyware.lnk -> %UserProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 737 bytes | Modified Date = 10/02/2008 19.13.30 | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Modified Date = 06/02/2008 23.43.28 | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Dati applicazioni\ -> C:\Documents and Settings\All Users\Dati applicazioni -> [Folder | Modified Date = 30/05/2003 15.12.46 | Attr = RH ] Adobe -> C:\Documents and Settings\All Users\Dati applicazioni\Adobe -> [Folder | Modified Date = 11/03/2007 16.24.22 | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer -> [Folder | Modified Date = 07/11/2006 23.56.24 | Attr = ] Avg7 -> C:\Documents and Settings\All Users\Dati applicazioni\Avg7 -> [Folder | Modified Date = 20/12/2006 21.44.46 | Attr = ] CyberLink -> C:\Documents and Settings\All Users\Dati applicazioni\CyberLink -> [Folder | Modified Date = 30/05/2003 15.44.18 | Attr = ] Google -> C:\Documents and Settings\All Users\Dati applicazioni\Google -> [Folder | Modified Date = 15/10/2006 10.23.14 | Attr = ] Grisoft -> C:\Documents and Settings\All Users\Dati applicazioni\Grisoft -> [Folder | Modified Date = 10/02/2008 18.45.06 | Attr = ] HP -> C:\Documents and Settings\All Users\Dati applicazioni\HP -> [Folder | Modified Date = 06/10/2004 18.26.54 | Attr = ] Kaspersky Lab -> C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab -> [Folder | Modified Date = 06/02/2008 21.48.16 | Attr = ] Lavasoft -> C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft -> [Folder | Modified Date = 10/02/2008 19.09.12 | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft -> [Folder | Modified Date = 30/05/2003 15.12.28 | Attr = S] Microsoft s.r.l -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft s.r.l -> [Folder | Modified Date = 29/12/2006 22.31.16 | Attr = ] MSN6 -> C:\Documents and Settings\All Users\Dati applicazioni\MSN6 -> [Folder | Modified Date = 22/06/2004 22.48.06 | Attr = ] QuickTime -> C:\Documents and Settings\All Users\Dati applicazioni\QuickTime -> [Folder | Modified Date = 12/12/2004 16.49.44 | Attr = ] Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy -> [Folder | Modified Date = 22/12/2004 22.05.00 | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com -> [Folder | Modified Date = 06/03/2007 10.54.06 | Attr = ] Symantec -> C:\Documents and Settings\All Users\Dati applicazioni\Symantec -> [Folder | Modified Date = 01/07/2004 20.17.10 | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage -> [Folder | Modified Date = 08/03/2007 18.04.42 | Attr = ] C:\Documents and Settings\Principale\Dati applicazioni\ -> C:\Documents and Settings\Principale\Dati applicazioni -> [Folder | Modified Date = 30/05/2003 15.12.46 | Attr = RH ] Adobe -> C:\Documents and Settings\Principale\Dati applicazioni\Adobe -> [Folder | Modified Date = 22/06/2004 19.10.38 | Attr = ] Apple Computer -> C:\Documents and Settings\Principale\Dati applicazioni\Apple Computer -> [Folder | Modified Date = 07/11/2006 23.58.28 | Attr = ] Cartella di caricamento Share-to-Web -> C:\Documents and Settings\Principale\Dati applicazioni\Cartella di caricamento Share-to-Web -> [Folder | Modified Date = 17/07/2004 14.16.42 | Attr = ] Google -> C:\Documents and Settings\Principale\Dati applicazioni\Google -> [Folder | Modified Date = 05/06/2006 15.53.24 | Attr = ] Grisoft -> C:\Documents and Settings\Principale\Dati applicazioni\Grisoft -> [Folder | Modified Date = 10/02/2008 18.45.16 | Attr = ] Help -> C:\Documents and Settings\Principale\Dati applicazioni\Help -> [Folder | Modified Date = 07/07/2004 12.36.46 | Attr = ] Hewlett-Packard -> C:\Documents and Settings\Principale\Dati applicazioni\Hewlett-Packard -> [Folder | Modified Date = 18/07/2004 14.48.38 | Attr = ] HP -> C:\Documents and Settings\Principale\Dati applicazioni\HP -> [Folder | Modified Date = 06/10/2004 18.26.54 | Attr = ] Identities -> C:\Documents and Settings\Principale\Dati applicazioni\Identities -> [Folder | Modified Date = 30/05/2003 15.25.28 | Attr = ] InterTrust -> C:\Documents and Settings\Principale\Dati applicazioni\InterTrust -> [Folder | Modified Date = 30/05/2003 15.43.24 | Attr = ] Lavasoft -> C:\Documents and Settings\Principale\Dati applicazioni\Lavasoft -> [Folder | Modified Date = 29/06/2005 19.24.00 | Attr = ] Macromedia -> C:\Documents and Settings\Principale\Dati applicazioni\Macromedia -> [Folder | Modified Date = 20/01/2005 15.06.42 | Attr = ] Microsoft -> C:\Documents and Settings\Principale\Dati applicazioni\Microsoft -> [Folder | Modified Date = 30/05/2003 15.12.28 | Attr = S] MSN6 -> C:\Documents and Settings\Principale\Dati applicazioni\MSN6 -> [Folder | Modified Date = 22/06/2004 22.48.06 | Attr = ] SecuROM -> C:\Documents and Settings\Principale\Dati applicazioni\SecuROM -> [Folder | Modified Date = 08/10/2006 10.15.46 | Attr = RH ] Sun -> C:\Documents and Settings\Principale\Dati applicazioni\Sun -> [Folder | Modified Date = 06/02/2008 23.47.30 | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\Principale\Dati applicazioni\SUPERAntiSpyware.com -> [Folder | Modified Date = 10/02/2008 19.14.58 | Attr = ] Symantec -> C:\Documents and Settings\Principale\Dati applicazioni\Symantec -> [Folder | Modified Date = 01/07/2004 20.17.18 | Attr = ] tin.it -> C:\Documents and Settings\Principale\Dati applicazioni\tin.it -> [Folder | Modified Date = 01/10/2005 19.57.24 | Attr = ] TrojanHunter -> C:\Documents and Settings\Principale\Dati applicazioni\TrojanHunter -> [Folder | Modified Date = 08/03/2007 9.53.26 | Attr = ] WinRAR -> C:\Documents and Settings\Principale\Dati applicazioni\WinRAR -> [Folder | Modified Date = 17/02/2008 19.39.46 | Attr = ] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 30/05/2003 15.19.14 | Attr = S] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 31/08/2001 20.00.00 | Attr = RH ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 21/02/2008 18.45.14 | Attr = H ] SCHEDLGU.TXT -> C:\WINDOWS\Tasks\SCHEDLGU.TXT -> [Ver = | Size = 32522 bytes | Modified Date = 21/02/2008 17.08.20 | Attr = ] AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 276 bytes | Modified Date = 19/02/2008 20.47.02 | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 < Document and Settings folder & sub folders > scanning hidden files ... scan completed successfully hidden files: 0 < End of report > [/code]