
Win32 trojan-gen detected by Avast



#1
trip613

Hi,
My computer was infected with spyware after plugging into a university network. I followed the Antivirus and Malware Removal Guide. Everything seems to be working fine now; however, when I run an Avast! full scan it still detects the Win32 trojan-gen virus every time. At the end of the scan, in the "actions taken" box, some of the infected files say "No action taken because the file is password protected". Thanks for the help; log files are below:

OTL Extras logfile created on: 24/10/2009 23.16.14 - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1022,02 Mb Total Physical Memory | 646,19 Mb Available Physical Memory | 63,23% Memory free
2,40 Gb Paging File | 2,22 Gb Available in Paging File | 92,38% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 111,78 Gb Total Space | 26,95 Gb Free Space | 24,11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVIDE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Programmi\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Programmi\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Programmi\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Programmi\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programmi\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programmi\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Programmi\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programmi\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programmi\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programmi\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programmi\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programmi\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programmi\Winamp Remote\bin\Orb.exe" = C:\Programmi\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Programmi\Winamp Remote\bin\OrbTray.exe" = C:\Programmi\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Programmi\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Programmi\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programmi\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programmi\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programmi\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programmi\Audiogalaxy Satellite\AGSatellite609.exe" = C:\Programmi\Audiogalaxy Satellite\AGSatellite609.exe:*:Disabled:AGSatellite609 -- ()
"C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programmi\File comuni\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programmi\File comuni\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Programmi\File comuni\Nero\Nero Web\SetupX.exe" = C:\Programmi\File comuni\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- (Nero AG)
"C:\Programmi\Nero\Nero8\Nero Home\NeroHome.exe" = C:\Programmi\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Programmi\FrostWire\FrostWire.exe" = C:\Programmi\FrostWire\FrostWire.exe:*:Enabled:LimeWire -- File not found
"C:\Programmi\Zapu\Zapu\wDivi.exe" = C:\Programmi\Zapu\Zapu\wDivi.exe:*:Enabled:Zapu Control -- File not found
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft Fax Console -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programmi\eMule\emule.exe" = C:\Programmi\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programmi\KONAMI\Pro Evolution Soccer 2008\PES2008.exe" = C:\Programmi\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"C:\Programmi\DNA\btdna.exe" = C:\Programmi\DNA\btdna.exe:*:Enabled:DNA -- File not found
"C:\Programmi\BitTorrent\bittorrent.exe" = C:\Programmi\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- ()
"C:\Programmi\ViaVoice\Bin\audmig.exe" = C:\Programmi\ViaVoice\Bin\audmig.exe:*:Enabled:audmig -- (IBM Corporation)
"C:\Programmi\ViaVoice\Bin\engine.exe" = C:\Programmi\ViaVoice\Bin\engine.exe:*:Enabled:IBM ViaVoice ® Speech Recognition -- (IBM Corporation)
"C:\Documents and Settings\DOTT CAPONE\Impostazioni locali\Temp\_ISTMP1.DIR\_INS5576._MP" = C:\Documents and Settings\DOTT CAPONE\Impostazioni locali\Temp\_ISTMP1.DIR\_INS5576._MP:*:Enabled:InstallShield Engine -- File not found
"C:\Programmi\ViaVoice\Bin\macroeditor.exe" = C:\Programmi\ViaVoice\Bin\macroeditor.exe:*:Enabled:macroeditor -- (IBM Corporation)
"C:\Programmi\ViaVoice\Bin\speechbar.exe" = C:\Programmi\ViaVoice\Bin\speechbar.exe:*:Enabled:speechbar -- (IBM Corporation)
"C:\Programmi\ViaVoice\Bin\userwiz.exe" = C:\Programmi\ViaVoice\Bin\userwiz.exe:*:Enabled:userwiz -- (IBM Corporation)
"C:\Programmi\ViaVoice\Bin\smart.exe" = C:\Programmi\ViaVoice\Bin\smart.exe:*:Enabled:smart -- (IBM Corporation)
"C:\Programmi\ViaVoice\Bin\ewiz.exe" = C:\Programmi\ViaVoice\Bin\ewiz.exe:*:Enabled:ewiz -- (IBM Corporation)
"C:\Documents and Settings\DOTT CAPONE\Impostazioni locali\Temp\_ISTMP2.DIR\_INS5576._MP" = C:\Documents and Settings\DOTT CAPONE\Impostazioni locali\Temp\_ISTMP2.DIR\_INS5576._MP:*:Enabled:InstallShield Engine -- File not found
"C:\Programmi\iTunes\iTunes.exe" = C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\APPS\skype\phone\Skype.exe" = C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0C123C63-84FD-4D13-96E7-EEB5C11893F2}" = LEC Translate
"{0FC76B71-2534-4354-B255-3468578E3F47}" = Nokia PC Suite
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{23170F69-40C1-2701-0456-000001000000}" = 7-Zip 4.56
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 10
"{286EA5EB-C224-4B38-8E27-D349ED196838}" = Installazione Guidata Alice
"{2B06E7FD-C5A1-403E-B387-A8D4AA858F48}" = Nokia Software Updater
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2F7E5F47-40EC-403E-844C-0874E07F5358}" = RealSpeak Solo per l'Italiano, Silvia
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3E902618-8D1E-4323-B190-FAC1C703325F}" = ATI Catalyst Control Center
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4CFB3821-1582-4F3B-BF8D-30986923B36B}" = Nokia Multimedia Factory
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4F1DCA42-2030-437C-A94E-736692A499C1}" = Nokia Connectivity Cable Driver
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5E6EC4DD-7B1F-4E10-82B9-EA1B90791040}" = Nero 8 Demo
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.05
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0410-0000-0000000FF1CE}" = Pacchetto di compatibilità per Office System 2007
"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Alice MOBILE
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9C68CD57-4E45-4230-A743-44D2CA9BF714}" = OpenOffice.org 2.4
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A9D65D46-3708-4F5B-9117-0199C7098D11}" = WanMiniport1st
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-1034-4700-7760-000000000002}" = Adobe Acrobat 7.0 Professional - Español, Italiano, Português
"{AC76BA86-7AD7-1040-7B44-A70000000000}" = Adobe Reader 7.0 - Italiano
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C82185E8-C27B-4EF4-2007-3333BC2C2B6D}" = Microsoft AutoRoute 2007
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}" = Dragon NaturallySpeaking 9 Recorder Edition
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = HP Basic Starter Camera
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Pacchetto driver Windows - Nokia Modem (02/15/2007 3.1)
"24894EA20BE8E62AA4FC3DD3AA85785356B52BF5" = Pacchetto driver Windows - Nokia Modem (08/08/2007 3.3)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Pacchetto driver Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Pacchetto driver Windows - Nokia Modem (10/12/2007 3.6)
"7-Zip" = 7-Zip 4.56 beta
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Pacchetto driver Windows - Nokia Modem (08/03/2007 6.84.0.2)
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 7.0 Professional - Español, Italiano, Português" = Adobe Acrobat 7.0 Professional - Español, Italiano, Português
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Premiere 6.5" = Adobe Premiere 6.5
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AliceRE.MCCInstall" = Alice ti aiuta
"avast!" = avast! Antivirus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Pacchetto driver Windows - Nokia Modem (02/15/2007 3.1)
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Pacchetto driver Windows - Nokia Modem (03/05/2008 3.7)
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Pacchetto driver Windows - Nokia Modem (05/24/2007 6.84.0.1)
"CSCLIB" = Canon Camera Support Core Library
"DeleteProdVVFW100Full_IT" = IBM ViaVoice Pro 10.0 - Italiano
"Dynamic Toolbar_is1" = Packard Bell Toolbar 1.0
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Pacchetto driver Windows - Nokia Modem (03/13/2008 6.86.0.1)
"eMule" = eMule
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"FaxTalk Communicator 4.5" = FaxTalk Communicator 4.5
"hp deskjet 840c series_Driver" = hp deskjet 840c series
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MUSTEK 1200 UB v2.1" = MUSTEK 1200 UB v2.1
"MVApplication1" = CD Stomper 32 bit
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Multimedia Factory{4CFB3821-1582-4F3B-BF8D-30986923B36B}" = Nokia Multimedia Factory
"Nokia PC Suite" = Nokia PC Suite
"PhotoStitch" = Canon Utilities PhotoStitch
"PROSet" = Intel® PRO Network Connections Drivers
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Tr@nslation Plus" = Tr@nslation Plus
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 23/10/2009 0.02.48 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 23/10/2009 0.09.10 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 23/10/2009 0.10.10 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 23/10/2009 0.10.12 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 24/10/2009 2.31.42 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 24/10/2009 16.53.18 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 24/10/2009 16.53.18 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 24/10/2009 16.53.38 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 24/10/2009 17.02.01 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 24/10/2009 17.02.01 | Computer Name = DAVIDE | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

[ System Events ]
Error - 20/10/2009 13.24.09 | Computer Name = DAVIDE | Source = Service Control Manager | ID = 7001
Description = Il servizio Client DHCP dipende dal servizio NetBios su Tcpip che
non è stato avviato per il seguente errore: %%31

Error - 20/10/2009 13.24.09 | Computer Name = DAVIDE | Source = Service Control Manager | ID = 7001
Description = Il servizio Client DNS dipende dal servizio Driver protocollo TCP/IP
che non è stato avviato per il seguente errore: %%31

Error - 20/10/2009 13.24.09 | Computer Name = DAVIDE | Source = Service Control Manager | ID = 7001
Description = Il servizio Helper NetBIOS di TCP/IP dipende dal servizio AFD che
non è stato avviato per il seguente errore: %%31

Error - 20/10/2009 13.24.09 | Computer Name = DAVIDE | Source = Service Control Manager | ID = 7001
Description = Il servizio Apple Mobile Device dipende dal servizio Driver protocollo
TCP/IP che non è stato avviato per il seguente errore: %%31

Error - 20/10/2009 13.24.09 | Computer Name = DAVIDE | Source = Service Control Manager | ID = 7001
Description = Il servizio Servizi IPSEC dipende dal servizio Driver IPSEC che non
è stato avviato per il seguente errore: %%31

Error - 20/10/2009 13.24.09 | Computer Name = DAVIDE | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: Aavmker4
AFD
aswSP
aswTdi
Fips
intelppm
IPSec
kioport
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

Error - 20/10/2009 13.29.48 | Computer Name = DAVIDE | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1084" durante il tentativo di avviare
il servizio StiSvc con gli argomenti "" per eseguire il server {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 20/10/2009 13.51.26 | Computer Name = DAVIDE | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1084" durante il tentativo di avviare
il servizio netman con gli argomenti "" per eseguire il server {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 20/10/2009 14.26.32 | Computer Name = DAVIDE | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1084" durante il tentativo di avviare
il servizio StiSvc con gli argomenti "" per eseguire il server {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 20/10/2009 17.16.09 | Computer Name = DAVIDE | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1084" durante il tentativo di avviare
il servizio EventSystem con gli argomenti "" per eseguire il server {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >


OTL logfile created on: 24/10/2009 23.16.14 - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1022,02 Mb Total Physical Memory | 646,19 Mb Available Physical Memory | 63,23% Memory free
2,40 Gb Paging File | 2,22 Gb Available in Paging File | 92,38% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 111,78 Gb Total Space | 26,95 Gb Free Space | 24,11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVIDE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/10/22 23.34.01 | 01,170,768 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/22 23.34.01 | 00,781,656 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/08/27 07.18.44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Internet Explorer\iexplore.exe
PRC - [2009/02/06 12.10.02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2008/04/14 04.14.07 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/19 15.00.00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/10/22 23.34.01 | 01,170,768 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2009/09/15 12.56.43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
SRV - [2009/09/15 12.56.28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009/09/15 12.54.13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2009/09/15 12.49.40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Stopped])
SRV - [2008/11/30 19.58.22 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped])
SRV - [2008/09/16 12.38.35 | 00,086,016 | R--- | M] () -- C:\WINDOWS\System32\SupportAppXL\onda_mon.exe -- (ONDA Autorun CDROM Monitor [Auto | Stopped])
SRV - [2008/07/29 21.10.04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19.24.50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19.16.38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11.17.02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11.16.40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/14 04.13.49 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/04/07 09.17.30 | 00,430,592 | ---- | M] (Nokia.) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2008/03/30 10.36.30 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Programmi\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2007/11/12 18.46.06 | 00,069,632 | ---- | M] (Adobe Systems) -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/11/07 14.25.04 | 00,086,016 | R--- | M] () -- C:\WINDOWS\System32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor [Auto | Stopped])
SRV - [2007/10/31 15.09.16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Stopped])
SRV - [2007/09/20 16.35.38 | 00,382,248 | ---- | M] (Nero AG) -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2007/09/20 10.51.46 | 00,853,288 | ---- | M] (Nero AG) -- C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Disabled | Stopped])
SRV - [2007/08/09 09.27.52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2007/01/31 15.55.42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Programmi\Canon\CAL\CALMAIN.exe -- (CCALib8 [Disabled | Stopped])
SRV - [2006/08/31 13.49.32 | 01,101,824 | ---- | M] (Language Engineering Corporation, LLC) -- C:\Programmi\Power Translator 11\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server [Auto | Stopped])
SRV - [2006/01/10 22.48.54 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Disabled | Stopped])
SRV - [2005/05/11 14.52.00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Programmi\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Stopped])
SRV - [2005/05/11 14.50.34 | 00,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched [Auto | Stopped])
SRV - [2005/05/11 14.50.14 | 00,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Stopped])
SRV - [2005/01/07 12.01.52 | 00,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HIDSERVICE.exe -- (GenericHidService [Auto | Stopped])
SRV - [2004/10/22 03.24.18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004/08/10 23.05.14 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Stopped])
SRV - [2003/07/28 21.28.22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/06/20 00.25.00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Stopped])
SRV - [2003/04/18 18.06.26 | 00,008,192 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe -- (Network WanMiniport First Position [Auto | Stopped])

========== Modules (SafeList) ==========

MOD - [2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2008/04/14 04.11.47 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.microsoft...r=6&ar=msnhome"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {F1206DF8-CB3C-416F-84A5-6BC5DDAE3559}:1.9.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programmi\Real\RealPlayer\browserrecord [2008/02/07 17.56.53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmi\Java\jre6\lib\deploy\jqs\ff [2008/11/30 19.58.26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/22 06.11.26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{F1206DF8-CB3C-416F-84A5-6BC5DDAE3559}: C:\Documents and Settings\Lia\Impostazioni locali\Dati applicazioni\{F1206DF8-CB3C-416F-84A5-6BC5DDAE3559} [2009/10/23 08.52.17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2009/10/23 08.52.19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2009/10/23 08.51.44 | 00,000,000 | ---D | M]

[2009/10/24 04.36.15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Extensions
[2009/10/24 04.36.15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions\staged-xpis
[2009/10/23 08.51.44 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions
[2009/10/23 08.51.44 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/24 22.20.53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 22.20.53 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\brwsrcmp.dll
[2009/08/24 22.20.53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Programmi\mozilla firefox\plugins\npnul32.dll
[2009/08/24 21.02.19 | 00,001,534 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 21.02.19 | 00,001,412 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\demauro.xml
[2009/08/24 21.02.19 | 00,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2009/08/24 21.02.19 | 00,002,371 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\google.xml
[2009/08/24 21.02.19 | 00,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2009/08/24 21.02.19 | 00,000,649 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: (346438 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 11904 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Programmi\Web Accelerator\components\NOWImaging.dll File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (LEC) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 11\Applications\LEC IE Translation Extension.dll (Language Engineering Corporation, LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Programmi\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Axuwif] C:\WINDOWS\ovifavinaso.DLL ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [DNS7reminder] C:\Programmi\Nuance\NaturallySpeaking9\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Motive SmartBridge] C:\Programmi\Alice ti aiuta\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Programmi\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe File not found
O4 - HKLM..\Run: [WLAN] C:\WINDOWS\System32\WLan.exe ()
O4 - HKCU..\Run: [MSMSGS] C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InstallHelper C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer] C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\InstallHelper.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1256278635343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 128.59.62.10 128.59.59.70
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (/r) - File not found
O34 - HKLM BootExecute: (\??\G:) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/10/22 06.38.46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/22 16.56.49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
[2009/10/23 15.42.26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2009/10/22 06.33.11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2009/10/22 18.07.43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni
[2009/10/24 04.37.34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Adobe
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\ATI
[2009/10/23 06.55.48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\DivX
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Identities
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Macromedia
[2009/10/24 05.01.48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Malwarebytes
[2009/10/22 18.07.43 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Microsoft
[2009/10/24 04.35.58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Real
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Symantec
[2009/10/22 18.07.43 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\{3248F0A6-6813-11D6-A77B-00B0D0150040}
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ApplicationHistory
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ATI
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft
[2009/10/24 04.35.58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\PowerCinema
[2009/10/20 04.54.53 | 00,000,000 | ---D | C] -- C:\Programmi\dxtmfp
[2009/10/24 23.06.52 | 00,000,000 | ---D | C] -- C:\Programmi\ERUNT
[2009/10/22 16.56.49 | 00,000,000 | ---D | C] -- C:\Programmi\Lavasoft
[2009/10/24 23.08.33 | 00,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2009/10/23 08.31.38 | 00,000,000 | ---D | C] -- C:\Programmi\Microsoft CAPICOM 2.1.0.2
[2009/10/23 09.25.55 | 00,000,000 | ---D | C] -- C:\Programmi\Microsoft Silverlight
[2009/10/23 08.51.39 | 00,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2009/10/20 05.13.11 | 00,000,000 | ---D | C] -- C:\Programmi\MSBuild
[2009/10/20 05.12.56 | 00,000,000 | ---D | C] -- C:\Programmi\Reference Assemblies
[2009/10/22 06.33.11 | 00,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy
[2009/10/24 23.10.51 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/24 23.09.25 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/24 23.08.35 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/24 23.08.33 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/24 23.08.00 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/10/24 23.05.35 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/10/24 23.05.28 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/10/24 23.05.18 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/10/24 05.00.11 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/23 08.02.37 | 00,000,000 | ---D | C] -- C:\desktopclean
[2009/10/22 18.07.43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Documenti\Musica
[2009/10/22 18.07.43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Documenti\Immagini
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Documenti\My Skype Pictures
[2009/10/22 16.58.58 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/20 05.13.18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/10/20 05.13.07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/10/20 05.12.12 | 00,000,000 | ---D | C] -- C:\cdb672957816aceec11fb2d9a367
[2009/10/20 05.11.55 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/10/18 23.11.49 | 00,000,000 | ---D | C] -- C:\19208fa518f8172a0a9d
[2009/10/18 23.11.39 | 00,000,000 | ---D | C] -- C:\cebaf64651a8a8d9e2d74c16fb35ce
[2008/04/15 20.53.04 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/04/15 20.52.58 | 00,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2008/04/15 20.52.58 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008/04/15 20.52.58 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll

========== Files - Modified Within 14 Days ==========

[2009/10/24 23.14.11 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/24 23.09.25 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/24 23.08.37 | 00,000,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 23.08.02 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/10/24 23.06.53 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/10/24 23.06.53 | 00,000,575 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/10/24 23.06.09 | 00,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/24 23.05.36 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/10/24 23.05.28 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/10/24 23.05.19 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/10/24 22.58.34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/24 08.04.31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/24 08.04.20 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2009/10/24 08.00.00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Garanzia estesa.job
[2009/10/24 06.41.24 | 00,002,319 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk
[2009/10/24 06.35.12 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/24 06.20.47 | 00,346,438 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/24 06.03.12 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/24 05.56.47 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/24 05.45.23 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Mmajuburuyaxub.bin
[2009/10/24 05.45.22 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Tziruq.dat
[2009/10/24 05.14.32 | 01,107,216 | -H-- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/10/24 04.57.53 | 00,107,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/10/23 09.13.03 | 00,000,825 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/23 08.52.24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/10/23 08.51.52 | 00,001,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/23 08.48.02 | 00,379,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/22 16.57.49 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/22 07.32.25 | 00,002,934 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/22 06.54.17 | 00,346,562 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091023-063117.backup
[2009/10/22 06.21.05 | 01,066,822 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/22 06.21.05 | 00,493,144 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2009/10/22 06.21.05 | 00,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/22 06.21.05 | 00,085,626 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2009/10/22 06.21.05 | 00,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/22 06.13.07 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/20 19.18.38 | 00,000,145 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091022-065417.backup
[2009/10/20 14.37.00 | 00,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Files - No Company Name ==========
[2009/10/24 23.14.11 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/24 23.08.37 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 23.06.53 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/10/24 23.06.53 | 00,000,575 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/10/24 05.56.47 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/23 08.52.24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/23 08.52.21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Mmajuburuyaxub.bin
[2009/10/23 08.52.19 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Tziruq.dat
[2009/10/23 08.51.52 | 00,001,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/22 18.07.46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dati applicazioni\desktop.ini
[2009/10/22 18.07.44 | 01,107,216 | -H-- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/10/22 18.07.44 | 00,107,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/10/22 18.07.44 | 00,000,141 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2009/10/22 17.33.30 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/22 17.00.22 | 00,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/22 16.57.49 | 00,000,848 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/22 06.07.03 | 01,090,181 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2008/05/11 03.00.33 | 00,162,304 | ---- | C] () -- C:\WINDOWS\ovifavinaso.dll
[2008/04/15 20.53.07 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/03/31 18.29.42 | 00,320,000 | ---- | C] () -- C:\WINDOWS\System32\roboex32.dll
[2008/03/30 20.39.16 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/03/10 20.26.13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Ui.INI
[2008/01/04 23.58.50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/04 23.57.22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/04 23.57.22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/04 23.56.24 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/12/30 20.50.30 | 00,003,476 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/11/30 20.24.09 | 00,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007/11/23 22.20.32 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007/11/20 11.13.38 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/11/17 10.32.24 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/11/17 10.07.42 | 00,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\hpzinstall.log
[2007/11/16 00.25.32 | 00,004,061 | ---- | C] () -- C:\WINDOWS\sonymap.ini
[2007/11/12 18.48.44 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\12kUBusd.dll
[2007/11/12 00.37.00 | 00,000,704 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/10 17.14.28 | 00,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/10 15.25.34 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/10 15.20.41 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007/11/10 15.20.16 | 00,000,604 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2007/11/10 15.13.25 | 00,007,585 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2007/11/10 15.05.22 | 00,000,534 | ---- | C] () -- C:\WINDOWS\System32\Wsetting.ini
[2007/11/10 15.04.43 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/03/29 23.00.40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006/03/06 11.41.02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2005/05/20 15.05.02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/16 14.26.40 | 00,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 14.26.40 | 00,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/09/03 13.11.59 | 00,000,825 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/03 12.45.41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
[2004/09/03 12.36.54 | 00,000,825 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/09/03 12.36.50 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/23 14.14.44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/04/01 12.49.16 | 00,005,360 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 04.00.02 | 00,003,267 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009/10/24 05.01.48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni
[2007/11/10 15.11.59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\ATI
[2009/10/23 15.42.26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni
[2009/10/22 16.58.11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2007/11/12 02.41.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
[2008/04/27 23.09.48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2007/11/15 23.09.02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Macrovision
[2008/04/24 21.20.04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Maxtor
[2008/05/17 14.56.14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Motive
[2008/02/05 22.08.21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MSScanAppDataDir
[2007/11/18 20.00.33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2009/08/09 09.16.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nuance
[2007/11/11 19.43.58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2004/09/03 13.13.42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SBSI
[2009/08/09 09.16.50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
[2008/02/08 16.10.54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZip
[2008/03/23 22.25.59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ZoomBrowser
[2009/10/24 23.06.09 | 00,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/10/20 14.37.00 | 00,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/19 15.00.00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/24 08.00.00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Garanzia estesa.job
[2007/11/18 00.50.11 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Promemoria registrazione 2.job
[2007/11/24 20.50.13 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Promemoria registrazione 3.job
[2009/10/24 08.04.31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2001/05/24 12.59.30 | 00,162,304 | ---- | M] () -- C:\UNWISE.EXE

< %systemroot%\system32\eventlog.dll >
[2008/04/14 04.13.39 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll

< %systemroot%\system32\scecli.dll >
[2008/04/14 04.13.49 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

< %systemroot%\system32\drivers\iaStor.sys >

< %systemroot%\System32\drivers\nvstor.sys >

< %systemroot%\system32\drivers\atapi.sys >
[2008/04/13 20.40.30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys

< %systemroot%\system32\drivers\IdeChnDr.sys >
< End of report >


OTL logfile created on: 24/10/2009 23.16.14 - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1022,02 Mb Total Physical Memory | 646,19 Mb Available Physical Memory | 63,23% Memory free
2,40 Gb Paging File | 2,22 Gb Available in Paging File | 92,38% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 111,78 Gb Total Space | 26,95 Gb Free Space | 24,11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVIDE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/10/22 23.34.01 | 01,170,768 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/22 23.34.01 | 00,781,656 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/08/27 07.18.44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Internet Explorer\iexplore.exe
PRC - [2009/02/06 12.10.02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2008/04/14 04.14.07 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/19 15.00.00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/10/22 23.34.01 | 01,170,768 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2009/09/15 12.56.43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
SRV - [2009/09/15 12.56.28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009/09/15 12.54.13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2009/09/15 12.49.40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Stopped])
SRV - [2008/11/30 19.58.22 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped])
SRV - [2008/09/16 12.38.35 | 00,086,016 | R--- | M] () -- C:\WINDOWS\System32\SupportAppXL\onda_mon.exe -- (ONDA Autorun CDROM Monitor [Auto | Stopped])
SRV - [2008/07/29 21.10.04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19.24.50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19.16.38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11.17.02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11.16.40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/14 04.13.49 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/04/07 09.17.30 | 00,430,592 | ---- | M] (Nokia.) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2008/03/30 10.36.30 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Programmi\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2007/11/12 18.46.06 | 00,069,632 | ---- | M] (Adobe Systems) -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/11/07 14.25.04 | 00,086,016 | R--- | M] () -- C:\WINDOWS\System32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor [Auto | Stopped])
SRV - [2007/10/31 15.09.16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Stopped])
SRV - [2007/09/20 16.35.38 | 00,382,248 | ---- | M] (Nero AG) -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2007/09/20 10.51.46 | 00,853,288 | ---- | M] (Nero AG) -- C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Disabled | Stopped])
SRV - [2007/08/09 09.27.52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2007/01/31 15.55.42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Programmi\Canon\CAL\CALMAIN.exe -- (CCALib8 [Disabled | Stopped])
SRV - [2006/08/31 13.49.32 | 01,101,824 | ---- | M] (Language Engineering Corporation, LLC) -- C:\Programmi\Power Translator 11\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server [Auto | Stopped])
SRV - [2006/01/10 22.48.54 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Disabled | Stopped])
SRV - [2005/05/11 14.52.00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Programmi\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Stopped])
SRV - [2005/05/11 14.50.34 | 00,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched [Auto | Stopped])
SRV - [2005/05/11 14.50.14 | 00,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Stopped])
SRV - [2005/01/07 12.01.52 | 00,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HIDSERVICE.exe -- (GenericHidService [Auto | Stopped])
SRV - [2004/10/22 03.24.18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004/08/10 23.05.14 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Stopped])
SRV - [2003/07/28 21.28.22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/06/20 00.25.00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Stopped])
SRV - [2003/04/18 18.06.26 | 00,008,192 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe -- (Network WanMiniport First Position [Auto | Stopped])

========== Modules (SafeList) ==========

MOD - [2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2008/04/14 04.11.47 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.microsoft...r=6&ar=msnhome"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {F1206DF8-CB3C-416F-84A5-6BC5DDAE3559}:1.9.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programmi\Real\RealPlayer\browserrecord [2008/02/07 17.56.53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmi\Java\jre6\lib\deploy\jqs\ff [2008/11/30 19.58.26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/22 06.11.26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{F1206DF8-CB3C-416F-84A5-6BC5DDAE3559}: C:\Documents and Settings\Lia\Impostazioni locali\Dati applicazioni\{F1206DF8-CB3C-416F-84A5-6BC5DDAE3559} [2009/10/23 08.52.17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2009/10/23 08.52.19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2009/10/23 08.51.44 | 00,000,000 | ---D | M]

[2009/10/24 04.36.15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Extensions
[2009/10/24 04.36.15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions\staged-xpis
[2009/10/23 08.51.44 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions
[2009/10/23 08.51.44 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/24 22.20.53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 22.20.53 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\brwsrcmp.dll
[2009/08/24 22.20.53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Programmi\mozilla firefox\plugins\npnul32.dll
[2009/08/24 21.02.19 | 00,001,534 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 21.02.19 | 00,001,412 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\demauro.xml
[2009/08/24 21.02.19 | 00,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2009/08/24 21.02.19 | 00,002,371 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\google.xml
[2009/08/24 21.02.19 | 00,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2009/08/24 21.02.19 | 00,000,649 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: (346438 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 11904 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Programmi\Web Accelerator\components\NOWImaging.dll File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (LEC) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 11\Applications\LEC IE Translation Extension.dll (Language Engineering Corporation, LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Programmi\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Axuwif] C:\WINDOWS\ovifavinaso.DLL ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [DNS7reminder] C:\Programmi\Nuance\NaturallySpeaking9\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Motive SmartBridge] C:\Programmi\Alice ti aiuta\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Programmi\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe File not found
O4 - HKLM..\Run: [WLAN] C:\WINDOWS\System32\WLan.exe ()
O4 - HKCU..\Run: [MSMSGS] C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InstallHelper C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer] C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\InstallHelper.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1256278635343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 128.59.62.10 128.59.59.70
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (/r) - File not found
O34 - HKLM BootExecute: (\??\G:) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/10/22 06.38.46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/22 16.56.49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
[2009/10/23 15.42.26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2009/10/22 06.33.11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2009/10/22 18.07.43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni
[2009/10/24 04.37.34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Adobe
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\ATI
[2009/10/23 06.55.48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\DivX
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Identities
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Macromedia
[2009/10/24 05.01.48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Malwarebytes
[2009/10/22 18.07.43 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Microsoft
[2009/10/24 04.35.58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Real
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Symantec
[2009/10/22 18.07.43 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\{3248F0A6-6813-11D6-A77B-00B0D0150040}
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ApplicationHistory
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ATI
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft
[2009/10/24 04.35.58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\PowerCinema
[2009/10/20 04.54.53 | 00,000,000 | ---D | C] -- C:\Programmi\dxtmfp
[2009/10/24 23.06.52 | 00,000,000 | ---D | C] -- C:\Programmi\ERUNT
[2009/10/22 16.56.49 | 00,000,000 | ---D | C] -- C:\Programmi\Lavasoft
[2009/10/24 23.08.33 | 00,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2009/10/23 08.31.38 | 00,000,000 | ---D | C] -- C:\Programmi\Microsoft CAPICOM 2.1.0.2
[2009/10/23 09.25.55 | 00,000,000 | ---D | C] -- C:\Programmi\Microsoft Silverlight
[2009/10/23 08.51.39 | 00,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2009/10/20 05.13.11 | 00,000,000 | ---D | C] -- C:\Programmi\MSBuild
[2009/10/20 05.12.56 | 00,000,000 | ---D | C] -- C:\Programmi\Reference Assemblies
[2009/10/22 06.33.11 | 00,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy
[2009/10/24 23.10.51 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/24 23.09.25 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/24 23.08.35 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/24 23.08.33 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/24 23.08.00 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/10/24 23.05.35 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/10/24 23.05.28 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/10/24 23.05.18 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/10/24 05.00.11 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/23 08.02.37 | 00,000,000 | ---D | C] -- C:\desktopclean
[2009/10/22 18.07.43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Documenti\Musica
[2009/10/22 18.07.43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Documenti\Immagini
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Documenti\My Skype Pictures
[2009/10/22 16.58.58 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/20 05.13.18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/10/20 05.13.07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/10/20 05.12.12 | 00,000,000 | ---D | C] -- C:\cdb672957816aceec11fb2d9a367
[2009/10/20 05.11.55 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/10/18 23.11.49 | 00,000,000 | ---D | C] -- C:\19208fa518f8172a0a9d
[2009/10/18 23.11.39 | 00,000,000 | ---D | C] -- C:\cebaf64651a8a8d9e2d74c16fb35ce
[2008/04/15 20.53.04 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/04/15 20.52.58 | 00,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2008/04/15 20.52.58 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008/04/15 20.52.58 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll

========== Files - Modified Within 14 Days ==========

[2009/10/24 23.14.11 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/24 23.09.25 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/24 23.08.37 | 00,000,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 23.08.02 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/10/24 23.06.53 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/10/24 23.06.53 | 00,000,575 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/10/24 23.06.09 | 00,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/24 23.05.36 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/10/24 23.05.28 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/10/24 23.05.19 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/10/24 22.58.34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/24 08.04.31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/24 08.04.20 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2009/10/24 08.00.00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Garanzia estesa.job
[2009/10/24 06.41.24 | 00,002,319 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk
[2009/10/24 06.35.12 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/24 06.20.47 | 00,346,438 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/24 06.03.12 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/24 05.56.47 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/24 05.45.23 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Mmajuburuyaxub.bin
[2009/10/24 05.45.22 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Tziruq.dat
[2009/10/24 05.14.32 | 01,107,216 | -H-- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/10/24 04.57.53 | 00,107,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/10/23 09.13.03 | 00,000,825 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/23 08.52.24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/10/23 08.51.52 | 00,001,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/23 08.48.02 | 00,379,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/22 16.57.49 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/22 07.32.25 | 00,002,934 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/22 06.54.17 | 00,346,562 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091023-063117.backup
[2009/10/22 06.21.05 | 01,066,822 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/22 06.21.05 | 00,493,144 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2009/10/22 06.21.05 | 00,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/22 06.21.05 | 00,085,626 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2009/10/22 06.21.05 | 00,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/22 06.13.07 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/20 19.18.38 | 00,000,145 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091022-065417.backup
[2009/10/20 14.37.00 | 00,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Files - No Company Name ==========
[2009/10/24 23.14.11 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/24 23.08.37 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 23.06.53 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/10/24 23.06.53 | 00,000,575 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/10/24 05.56.47 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/23 08.52.24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/23 08.52.21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Mmajuburuyaxub.bin
[2009/10/23 08.52.19 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Tziruq.dat
[2009/10/23 08.51.52 | 00,001,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/22 18.07.46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dati applicazioni\desktop.ini
[2009/10/22 18.07.44 | 01,107,216 | -H-- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/10/22 18.07.44 | 00,107,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/10/22 18.07.44 | 00,000,141 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2009/10/22 17.33.30 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/22 17.00.22 | 00,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/22 16.57.49 | 00,000,848 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/22 06.07.03 | 01,090,181 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2008/05/11 03.00.33 | 00,162,304 | ---- | C] () -- C:\WINDOWS\ovifavinaso.dll
[2008/04/15 20.53.07 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/03/31 18.29.42 | 00,320,000 | ---- | C] () -- C:\WINDOWS\System32\roboex32.dll
[2008/03/30 20.39.16 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/03/10 20.26.13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Ui.INI
[2008/01/04 23.58.50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/04 23.57.22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/04 23.57.22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/04 23.56.24 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/12/30 20.50.30 | 00,003,476 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/11/30 20.24.09 | 00,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007/11/23 22.20.32 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007/11/20 11.13.38 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/11/17 10.32.24 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/11/17 10.07.42 | 00,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\hpzinstall.log
[2007/11/16 00.25.32 | 00,004,061 | ---- | C] () -- C:\WINDOWS\sonymap.ini
[2007/11/12 18.48.44 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\12kUBusd.dll
[2007/11/12 00.37.00 | 00,000,704 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/10 17.14.28 | 00,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/10 15.25.34 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/10 15.20.41 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007/11/10 15.20.16 | 00,000,604 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2007/11/10 15.13.25 | 00,007,585 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2007/11/10 15.05.22 | 00,000,534 | ---- | C] () -- C:\WINDOWS\System32\Wsetting.ini
[2007/11/10 15.04.43 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/03/29 23.00.40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006/03/06 11.41.02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2005/05/20 15.05.02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/16 14.26.40 | 00,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 14.26.40 | 00,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/09/03 13.11.59 | 00,000,825 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/03 12.45.41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
[2004/09/03 12.36.54 | 00,000,825 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/09/03 12.36.50 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/23 14.14.44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/04/01 12.49.16 | 00,005,360 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 04.00.02 | 00,003,267 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009/10/24 05.01.48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni
[2007/11/10 15.11.59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\ATI
[2009/10/23 15.42.26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni
[2009/10/22 16.58.11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2007/11/12 02.41.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
[2008/04/27 23.09.48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2007/11/15 23.09.02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Macrovision
[2008/04/24 21.20.04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Maxtor
[2008/05/17 14.56.14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Motive
[2008/02/05 22.08.21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MSScanAppDataDir
[2007/11/18 20.00.33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2009/08/09 09.16.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nuance
[2007/11/11 19.43.58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2004/09/03 13.13.42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SBSI
[2009/08/09 09.16.50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
[2008/02/08 16.10.54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZip
[2008/03/23 22.25.59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ZoomBrowser
[2009/10/24 23.06.09 | 00,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/10/20 14.37.00 | 00,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/19 15.00.00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/24 08.00.00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Garanzia estesa.job
[2007/11/18 00.50.11 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Promemoria registrazione 2.job
[2007/11/24 20.50.13 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Promemoria registrazione 3.job
[2009/10/24 08.04.31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2001/05/24 12.59.30 | 00,162,304 | ---- | M] () -- C:\UNWISE.EXE

< %systemroot%\system32\eventlog.dll >
[2008/04/14 04.13.39 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll

< %systemroot%\system32\scecli.dll >
[2008/04/14 04.13.49 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

< %systemroot%\system32\drivers\iaStor.sys >

< %systemroot%\System32\drivers\nvstor.sys >

< %systemroot%\system32\drivers\atapi.sys >
[2008/04/13 20.40.30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys

< %systemroot%\system32\drivers\IdeChnDr.sys >
< End of report >


And the latest log file of the Malwarebytes scan, which is clean (a previous scan had detected files to remove, which I did, but I no longer have that log file):
OTL logfile created on: 24/10/2009 23.16.14 - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1022,02 Mb Total Physical Memory | 646,19 Mb Available Physical Memory | 63,23% Memory free
2,40 Gb Paging File | 2,22 Gb Available in Paging File | 92,38% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 111,78 Gb Total Space | 26,95 Gb Free Space | 24,11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVIDE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/10/22 23.34.01 | 01,170,768 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/22 23.34.01 | 00,781,656 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/08/27 07.18.44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Internet Explorer\iexplore.exe
PRC - [2009/02/06 12.10.02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2008/04/14 04.14.07 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/19 15.00.00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/10/22 23.34.01 | 01,170,768 | ---- | M] (Lavasoft) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2009/09/15 12.56.43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
SRV - [2009/09/15 12.56.28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009/09/15 12.54.13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2009/09/15 12.49.40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Stopped])
SRV - [2008/11/30 19.58.22 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped])
SRV - [2008/09/16 12.38.35 | 00,086,016 | R--- | M] () -- C:\WINDOWS\System32\SupportAppXL\onda_mon.exe -- (ONDA Autorun CDROM Monitor [Auto | Stopped])
SRV - [2008/07/29 21.10.04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19.24.50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19.16.38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11.17.02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11.16.40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/14 04.13.49 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/04/07 09.17.30 | 00,430,592 | ---- | M] (Nokia.) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2008/03/30 10.36.30 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Programmi\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2007/11/12 18.46.06 | 00,069,632 | ---- | M] (Adobe Systems) -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/11/07 14.25.04 | 00,086,016 | R--- | M] () -- C:\WINDOWS\System32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor [Auto | Stopped])
SRV - [2007/10/31 15.09.16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Stopped])
SRV - [2007/09/20 16.35.38 | 00,382,248 | ---- | M] (Nero AG) -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2007/09/20 10.51.46 | 00,853,288 | ---- | M] (Nero AG) -- C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Disabled | Stopped])
SRV - [2007/08/09 09.27.52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2007/01/31 15.55.42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Programmi\Canon\CAL\CALMAIN.exe -- (CCALib8 [Disabled | Stopped])
SRV - [2006/08/31 13.49.32 | 01,101,824 | ---- | M] (Language Engineering Corporation, LLC) -- C:\Programmi\Power Translator 11\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server [Auto | Stopped])
SRV - [2006/01/10 22.48.54 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Disabled | Stopped])
SRV - [2005/05/11 14.52.00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Programmi\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Stopped])
SRV - [2005/05/11 14.50.34 | 00,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched [Auto | Stopped])
SRV - [2005/05/11 14.50.14 | 00,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Stopped])
SRV - [2005/01/07 12.01.52 | 00,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HIDSERVICE.exe -- (GenericHidService [Auto | Stopped])
SRV - [2004/10/22 03.24.18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004/08/10 23.05.14 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Stopped])
SRV - [2003/07/28 21.28.22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/06/20 00.25.00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Stopped])
SRV - [2003/04/18 18.06.26 | 00,008,192 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe -- (Network WanMiniport First Position [Auto | Stopped])

========== Modules (SafeList) ==========

MOD - [2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2008/04/14 04.11.47 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.microsoft...r=6&ar=msnhome"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {F1206DF8-CB3C-416F-84A5-6BC5DDAE3559}:1.9.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programmi\Real\RealPlayer\browserrecord [2008/02/07 17.56.53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmi\Java\jre6\lib\deploy\jqs\ff [2008/11/30 19.58.26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/22 06.11.26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{F1206DF8-CB3C-416F-84A5-6BC5DDAE3559}: C:\Documents and Settings\Lia\Impostazioni locali\Dati applicazioni\{F1206DF8-CB3C-416F-84A5-6BC5DDAE3559} [2009/10/23 08.52.17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2009/10/23 08.52.19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2009/10/23 08.51.44 | 00,000,000 | ---D | M]

[2009/10/24 04.36.15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Extensions
[2009/10/24 04.36.15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/24 04.36.31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\Firefox\Profiles\0pef0l13.default\extensions\staged-xpis
[2009/10/23 08.51.44 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions
[2009/10/23 08.51.44 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/24 22.20.53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 22.20.53 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\brwsrcmp.dll
[2009/08/24 22.20.53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Programmi\mozilla firefox\plugins\npnul32.dll
[2009/08/24 21.02.19 | 00,001,534 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 21.02.19 | 00,001,412 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\demauro.xml
[2009/08/24 21.02.19 | 00,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2009/08/24 21.02.19 | 00,002,371 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\google.xml
[2009/08/24 21.02.19 | 00,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2009/08/24 21.02.19 | 00,000,649 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: (346438 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 11904 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Programmi\Web Accelerator\components\NOWImaging.dll File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (LEC) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 11\Applications\LEC IE Translation Extension.dll (Language Engineering Corporation, LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Programmi\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Axuwif] C:\WINDOWS\ovifavinaso.DLL ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [DNS7reminder] C:\Programmi\Nuance\NaturallySpeaking9\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Motive SmartBridge] C:\Programmi\Alice ti aiuta\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Programmi\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe File not found
O4 - HKLM..\Run: [WLAN] C:\WINDOWS\System32\WLan.exe ()
O4 - HKCU..\Run: [MSMSGS] C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InstallHelper C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer] C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\InstallHelper.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk = C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1256278635343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 128.59.62.10 128.59.59.70
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (/r) - File not found
O34 - HKLM BootExecute: (\??\G:) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/10/22 06.38.46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/22 16.56.49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
[2009/10/23 15.42.26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2009/10/22 06.33.11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2009/10/22 18.07.43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni
[2009/10/24 04.37.34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Adobe
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\ATI
[2009/10/23 06.55.48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\DivX
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Identities
[2009/10/22 18.07.44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Macromedia
[2009/10/24 05.01.48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Malwarebytes
[2009/10/22 18.07.43 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Microsoft
[2009/10/24 04.35.58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Real
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Symantec
[2009/10/22 18.07.43 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\{3248F0A6-6813-11D6-A77B-00B0D0150040}
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ApplicationHistory
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ATI
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft
[2009/10/24 04.35.58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\PowerCinema
[2009/10/20 04.54.53 | 00,000,000 | ---D | C] -- C:\Programmi\dxtmfp
[2009/10/24 23.06.52 | 00,000,000 | ---D | C] -- C:\Programmi\ERUNT
[2009/10/22 16.56.49 | 00,000,000 | ---D | C] -- C:\Programmi\Lavasoft
[2009/10/24 23.08.33 | 00,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2009/10/23 08.31.38 | 00,000,000 | ---D | C] -- C:\Programmi\Microsoft CAPICOM 2.1.0.2
[2009/10/23 09.25.55 | 00,000,000 | ---D | C] -- C:\Programmi\Microsoft Silverlight
[2009/10/23 08.51.39 | 00,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2009/10/20 05.13.11 | 00,000,000 | ---D | C] -- C:\Programmi\MSBuild
[2009/10/20 05.12.56 | 00,000,000 | ---D | C] -- C:\Programmi\Reference Assemblies
[2009/10/22 06.33.11 | 00,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy
[2009/10/24 23.10.51 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/24 23.09.25 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/24 23.08.35 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/24 23.08.33 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/24 23.08.00 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/10/24 23.05.35 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/10/24 23.05.28 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/10/24 23.05.18 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/10/24 05.00.11 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/23 08.02.37 | 00,000,000 | ---D | C] -- C:\desktopclean
[2009/10/22 18.07.43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Documenti\Musica
[2009/10/22 18.07.43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Documenti\Immagini
[2009/10/22 18.07.43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Documenti\My Skype Pictures
[2009/10/22 16.58.58 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/20 05.13.18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/10/20 05.13.07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/10/20 05.12.12 | 00,000,000 | ---D | C] -- C:\cdb672957816aceec11fb2d9a367
[2009/10/20 05.11.55 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/10/18 23.11.49 | 00,000,000 | ---D | C] -- C:\19208fa518f8172a0a9d
[2009/10/18 23.11.39 | 00,000,000 | ---D | C] -- C:\cebaf64651a8a8d9e2d74c16fb35ce
[2008/04/15 20.53.04 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/04/15 20.52.58 | 00,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2008/04/15 20.52.58 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008/04/15 20.52.58 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll

========== Files - Modified Within 14 Days ==========

[2009/10/24 23.14.11 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/24 23.10.52 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/10/24 23.09.25 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/10/24 23.08.37 | 00,000,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 23.08.02 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/10/24 23.06.53 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/10/24 23.06.53 | 00,000,575 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/10/24 23.06.09 | 00,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/24 23.05.36 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/10/24 23.05.28 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/10/24 23.05.19 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/10/24 22.58.34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/24 08.04.31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/24 08.04.20 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2009/10/24 08.00.00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Garanzia estesa.job
[2009/10/24 06.41.24 | 00,002,319 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk
[2009/10/24 06.35.12 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/24 06.20.47 | 00,346,438 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/24 06.03.12 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/24 05.56.47 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/24 05.45.23 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Mmajuburuyaxub.bin
[2009/10/24 05.45.22 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Tziruq.dat
[2009/10/24 05.14.32 | 01,107,216 | -H-- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/10/24 04.57.53 | 00,107,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/10/23 09.13.03 | 00,000,825 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/23 08.52.24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/10/23 08.51.52 | 00,001,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/23 08.48.02 | 00,379,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/22 16.57.49 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/22 07.32.25 | 00,002,934 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/22 06.54.17 | 00,346,562 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091023-063117.backup
[2009/10/22 06.21.05 | 01,066,822 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/22 06.21.05 | 00,493,144 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2009/10/22 06.21.05 | 00,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/22 06.21.05 | 00,085,626 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2009/10/22 06.21.05 | 00,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/22 06.13.07 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/20 19.18.38 | 00,000,145 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091022-065417.backup
[2009/10/20 14.37.00 | 00,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Files - No Company Name ==========
[2009/10/24 23.14.11 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/10/24 23.08.37 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 23.06.53 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/10/24 23.06.53 | 00,000,575 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/10/24 05.56.47 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/23 08.52.24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/23 08.52.21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Mmajuburuyaxub.bin
[2009/10/23 08.52.19 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Tziruq.dat
[2009/10/23 08.51.52 | 00,001,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/22 18.07.46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dati applicazioni\desktop.ini
[2009/10/22 18.07.44 | 01,107,216 | -H-- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\IconCache.db
[2009/10/22 18.07.44 | 00,107,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
[2009/10/22 18.07.44 | 00,000,141 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2009/10/22 17.33.30 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/22 17.00.22 | 00,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/22 16.57.49 | 00,000,848 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/10/22 06.07.03 | 01,090,181 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2008/05/11 03.00.33 | 00,162,304 | ---- | C] () -- C:\WINDOWS\ovifavinaso.dll
[2008/04/15 20.53.07 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/03/31 18.29.42 | 00,320,000 | ---- | C] () -- C:\WINDOWS\System32\roboex32.dll
[2008/03/30 20.39.16 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/03/10 20.26.13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Ui.INI
[2008/01/04 23.58.50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/04 23.57.22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/04 23.57.22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/04 23.56.24 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/12/30 20.50.30 | 00,003,476 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/11/30 20.24.09 | 00,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007/11/23 22.20.32 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007/11/20 11.13.38 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/11/17 10.32.24 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/11/17 10.07.42 | 00,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\hpzinstall.log
[2007/11/16 00.25.32 | 00,004,061 | ---- | C] () -- C:\WINDOWS\sonymap.ini
[2007/11/12 18.48.44 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\12kUBusd.dll
[2007/11/12 00.37.00 | 00,000,704 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/10 17.14.28 | 00,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/10 15.25.34 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/10 15.20.41 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007/11/10 15.20.16 | 00,000,604 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2007/11/10 15.13.25 | 00,007,585 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2007/11/10 15.05.22 | 00,000,534 | ---- | C] () -- C:\WINDOWS\System32\Wsetting.ini
[2007/11/10 15.04.43 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/03/29 23.00.40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006/03/06 11.41.02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2005/05/20 15.05.02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/16 14.26.40 | 00,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 14.26.40 | 00,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/09/03 13.11.59 | 00,000,825 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/03 12.45.41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
[2004/09/03 12.36.54 | 00,000,825 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/09/03 12.36.50 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/23 14.14.44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/04/01 12.49.16 | 00,005,360 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 04.00.02 | 00,003,267 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009/10/24 05.01.48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni
[2007/11/10 15.11.59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\ATI
[2009/10/23 15.42.26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni
[2009/10/22 16.58.11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2007/11/12 02.41.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
[2008/04/27 23.09.48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2007/11/15 23.09.02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Macrovision
[2008/04/24 21.20.04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Maxtor
[2008/05/17 14.56.14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Motive
[2008/02/05 22.08.21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MSScanAppDataDir
[2007/11/18 20.00.33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2009/08/09 09.16.10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nuance
[2007/11/11 19.43.58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2004/09/03 13.13.42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SBSI
[2009/08/09 09.16.50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
[2008/02/08 16.10.54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZip
[2008/03/23 22.25.59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ZoomBrowser
[2009/10/24 23.06.09 | 00,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/10/20 14.37.00 | 00,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/19 15.00.00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/24 08.00.00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Garanzia estesa.job
[2007/11/18 00.50.11 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Promemoria registrazione 2.job
[2007/11/24 20.50.13 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Promemoria registrazione 3.job
[2009/10/24 08.04.31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2001/05/24 12.59.30 | 00,162,304 | ---- | M] () -- C:\UNWISE.EXE

< %systemroot%\system32\eventlog.dll >
[2008/04/14 04.13.39 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll

< %systemroot%\system32\scecli.dll >
[2008/04/14 04.13.49 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

< %systemroot%\system32\drivers\iaStor.sys >

< %systemroot%\System32\drivers\nvstor.sys >

< %systemroot%\system32\drivers\atapi.sys >
[2008/04/13 20.40.30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys

< %systemroot%\system32\drivers\IdeChnDr.sys >
< End of report >


#2
trip613

Sorry to reply to my own post, but I just realized some of the log files have messages in Italian because this is not my computer. If there's a way to change this to English to make it easier, I'm willing to try! Thanks