Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

after virus removal can start normal not safe mode


  • Please log in to reply

#1
Fulvio65

Fulvio65

    New Member

  • Member
  • Pip
  • 1 posts
Hello,

I thought I've successfully removed "guardia di finanza virus",
Now the computer can start in normal mode but not in safe mode.
In safe mode F8, an error screen appears for a short time,
then the system is rebooted.

Thanks

OTL logfile created on: 26/02/2012 11:58:28 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\amministratore\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 63.50% Memory free
4.84 Gb Paging File | 3.52 Gb Available in Paging File | 72.65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 71.82 Gb Total Space | 11.87 Gb Free Space | 16.53% Space Free | Partition Type: FAT32
Drive D: | 72.30 Gb Total Space | 11.51 Gb Free Space | 15.91% Space Free | Partition Type: FAT32

Computer Name: ACER-7FF3BD7BD4 | User Name: amministratore | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\amministratore\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\amministratore\Impostazioni locali\temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programmi\File comuni\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Programmi\File comuni\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe (SIEMENS AG)
PRC - C:\Programmi\File comuni\Siemens\S7IEPG\s7oiehsx.exe (SIEMENS AG)
PRC - C:\Programmi\Siemens\SIMATIC.NET\SimNetCom\pniopcac.exe (SIEMENS AG)
PRC - C:\Programmi\File comuni\Siemens\SWS\ALMSRV\almsrvx.exe (SIEMENS AG)
PRC - C:\Programmi\File comuni\Siemens\SimNetCom\pniomgr.exe (SIEMENS AG)
PRC - C:\Programmi\Siemens\Step7\S7BIN\s7asysvx.exe (SIEMENS AG)
PRC - C:\Programmi\File comuni\Rockwell\RsvcHost.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\File comuni\Rockwell\RnaDirServer.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\File comuni\Rockwell\RNADirMultiplexor.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\File comuni\Rockwell\RNADiagnosticsSrv.exe (Rockwell Automation Inc.)
PRC - C:\Programmi\File comuni\Rockwell\RdcyHost.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\File comuni\Rockwell\NmspHost.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\File comuni\Rockwell\EventServer.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\File comuni\Rockwell\EventClientMultiplexer.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\Rockwell Automation\Rockwell Automation USBCIP Driver Package\UsbCipHelper\UsbCipHelper.exe (Rockwell Automation, Inc.)
PRC - C:\Programmi\Rockwell Software\RSCOMMON\RSOBSERV.EXE (Rockwell Automation, Inc.)
PRC - C:\Programmi\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programmi\SonicWALL\SSL-VPN\NetExtender\NEService.exe (SonicWALL Inc.)
PRC - C:\Programmi\SonicWALL\SSL-VPN\NetExtender\NEGui.exe (SonicWALL Inc.)
PRC - C:\Programmi\File comuni\Siemens\S7UBTOOX\S7ubTstx.exe (SIEMENS AG)
PRC - C:\Programmi\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe (SIEMENS AG)
PRC - C:\WINDOWS\system32\UsbConsole.exe (Schneider Automation)
PRC - C:\Programmi\Schneider Electric\Vijeo-Designer\Vijeo-Frame\XBTZG935\XBTZG935svr.exe (INDE Electronics, Inc.)
PRC - C:\Programmi\File comuni\Siemens\ALMPanelPlugin\ALMPanelPlugin.exe (Siemens AG)
PRC - C:\WINDOWS\system32\NA_Service.exe (Schneider Automation SAS)
PRC - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\WINDOWS\system32\Crypserv.exe (CrypKey (Canada) Ltd.)
PRC - C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
PRC - C:\WINDOWS\system32\UsbConnect.exe (Schneider Automation)
PRC - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\ModbusDrv.exe (Schneider Automation)
PRC - C:\Programmi\File comuni\Siemens\SQLANY\dbsrv9.exe (iAnywhere Solutions, Inc.)
PRC - C:\WINDOWS\system32\NA_XWAY.exe (Schneider Electric)
PRC - C:\Programmi\File comuni\ArchestrA\aaLogger.exe (Invensys Systems, Inc.)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
PRC - C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programmi\File comuni\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.)
PRC - c:\Programmi\Infineon\Security Platform Software\SpTNA.exe (Infineon Technologies AG)
PRC - c:\Programmi\Infineon\Security Platform Software\PSDrt.exe (Infineon Technologies AG)
PRC - C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - c:\Programmi\Infineon\Security Platform Software\PSDsrvc.EXE (Infineon Technologies AG)
PRC - C:\WINDOWS\system32\o2flash.exe ()
PRC - C:\WINDOWS\system32\PAStiSvc.exe ()
PRC - C:\Programmi\File comuni\ArchestrA\slssvc.exe (Invensys Systems, Inc.)
PRC - C:\Programmi\File comuni\ArchestrA\NTServApp.exe (Wonderware Corporation)
PRC - C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Programmi\Rockwell Software\RSLINX\RSLINX.EXE (Rockwell Software, Inc.)
PRC - C:\Programmi\File comuni\OPC Foundation\OPCENUM.EXE ()


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_fa7ba814\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_726bee3e\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_1f65eecd\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_25c3b08c\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_64645eb0\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\Programmi\Yahoo!\Messenger\yui.dll ()
MOD - C:\WINDOWS\system32\sn_regbase.dll ()
MOD - C:\Programmi\File comuni\Rockwell\FTDiagnosticsODBCEnu.dll ()
MOD - C:\Programmi\Rockwell Automation\Rockwell Automation USBCIP Driver Package\UsbCipHelper\rausbciplib.dll ()
MOD - C:\Programmi\File comuni\Siemens\SWS\PLUGINS\SCP\scpwin32.dll ()
MOD - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe ()
MOD - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcnet.dll ()
MOD - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sqlite3.dll ()
MOD - C:\Programmi\Siemens\S7-200 Explorer\bin\WindowsShell.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
MOD - c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_it_b77a5c561934e089\mscorlib.resources.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_it_b77a5c561934e089\system.windows.forms.resources.dll ()
MOD - c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_it_b03f5f7f11d50a3a\system.serviceprocess.resources.dll ()
MOD - C:\Programmi\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Programmi\Intel\Wireless\Bin\Libeay32.dll ()
MOD - C:\Programmi\Intel\Wireless\Bin\iWMSProv.dll ()
MOD - C:\Programmi\Intel\Wireless\Bin\IntStngs.dll ()
MOD - C:\WINDOWS\system32\o2flash.exe ()
MOD - C:\WINDOWS\system32\PAStiSvc.exe ()
MOD - C:\WINDOWS\system32\tsd32.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
MOD - C:\Programmi\File comuni\OPC Foundation\OPCENUM.EXE ()


========== Win32 Services (SafeList) ==========

SRV - (Microsoft Windows VHP Control) -- File not found
SRV - (U7Service) -- C:\Programmi\Siemens\Step7\S7bin\u7csvrax.exe (SIEMENS AG)
SRV - (S7TraceServiceX) -- C:\Programmi\File comuni\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe (SIEMENS AG)
SRV - (s7oiehsx) -- C:\Programmi\File comuni\Siemens\S7IEPG\s7oiehsx.exe (SIEMENS AG)
SRV - (almservice) -- C:\Programmi\File comuni\Siemens\sws\almsrv\almsrvx.exe (SIEMENS AG)
SRV - (s7asysvx) -- C:\Programmi\Siemens\Step7\S7BIN\s7asysvx.exe (SIEMENS AG)
SRV - (RsvcHost) -- C:\Programmi\File comuni\Rockwell\RsvcHost.exe (Rockwell Automation, Inc.)
SRV - (RNADirectory) -- C:\Programmi\File comuni\Rockwell\RnaDirServer.exe (Rockwell Automation, Inc.)
SRV - (RNADirMultiplexor) -- C:\Programmi\File comuni\Rockwell\RNADirMultiplexor.exe (Rockwell Automation, Inc.)
SRV - (RNADiagReceiver) -- C:\Programmi\File comuni\Rockwell\RNADiagReceiver.exe (Rockwell Automation, Inc.)
SRV - (RNADiagnosticsService) -- C:\Programmi\File comuni\Rockwell\RNADiagnosticsSrv.exe (Rockwell Automation Inc.)
SRV - (RdcyHost) -- C:\Programmi\File comuni\Rockwell\RdcyHost.exe (Rockwell Automation, Inc.)
SRV - (NmspHost) -- C:\Programmi\File comuni\Rockwell\NmspHost.exe (Rockwell Automation, Inc.)
SRV - (EventServer) -- C:\Programmi\File comuni\Rockwell\EventServer.exe (Rockwell Automation, Inc.)
SRV - (EventClientMultiplexer) -- C:\Programmi\File comuni\Rockwell\EventClientMultiplexer.exe (Rockwell Automation, Inc.)
SRV - (Harmony) -- C:\Programmi\Rockwell Software\RSCommon\RSOBSERV.EXE (Rockwell Automation, Inc.)
SRV - (SONICWALL_NetExtender) -- C:\Programmi\SonicWALL\SSL-VPN\NetExtender\NEService.exe (SonicWALL Inc.)
SRV - (XBTZG935 USB Link Cable) -- C:\Programmi\Schneider Electric\Vijeo-Designer\Vijeo-Frame\XBTZG935\XBTZG935svr.exe (INDE Electronics, Inc.)
SRV - (NA_Service) -- C:\WINDOWS\system32\NA_Service.exe (Schneider Automation SAS)
SRV - (Symantec Core LC) -- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (CrypKey (Canada) Ltd.)
SRV - (UsbConnect) -- C:\WINDOWS\system32\UsbConnect.exe (Schneider Automation)
SRV - (AntiVirScheduler) -- C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (aaLogger) -- C:\Programmi\File comuni\ArchestrA\aaLogger.exe (Invensys Systems, Inc.)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
SRV - (LightScribeService) -- C:\Programmi\File comuni\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (WinVNC4) -- C:\Programmi\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.)
SRV - (PersonalSecureDriveService) -- c:\Programmi\Infineon\Security Platform Software\PSDsrvc.EXE (Infineon Technologies AG)
SRV - (IDriverT) -- C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (O2Flash) -- C:\WINDOWS\system32\o2flash.exe ()
SRV - (STI Simulator) -- C:\WINDOWS\system32\PAStiSvc.exe ()
SRV - (WWNetDDE) -- C:\Programmi\File comuni\ArchestrA\wwnetdde.exe (Invensys Systems, Inc.)
SRV - (DASSIDirect) -- C:\Programmi\Wonderware\DAServer\DASSIDirect\Bin\DASSIDirect.exe (Invensys Systems, Inc.)
SRV - (slssvc) -- C:\Programmi\File comuni\ArchestrA\slssvc.exe (Invensys Systems, Inc.)
SRV - (FS Service Control) -- C:\Programmi\File comuni\ArchestrA\NTServApp.exe (Wonderware Corporation)
SRV - (MDM) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (RSLinx) -- C:\Programmi\Rockwell Software\RSLINX\RSLINX.EXE (Rockwell Software, Inc.)
SRV - (dnWhoDisp) -- C:\Programmi\Rockwell Software\RSLINX\dnwhodisp.exe ()
SRV - (OpcEnum) -- C:\Programmi\File comuni\OPC Foundation\OPCENUM.EXE ()


========== Driver Services (SafeList) ==========

DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (Haspnt) -- C:\WINDOWS\system32\drivers\Haspnt.sys (Aladdin Knowledge Systems)
DRV - (s7ousbu32x) -- C:\WINDOWS\system32\drivers\s7ousbu32x.sys (SIEMENS AG)
DRV - (s7otsadx) -- C:\WINDOWS\System32\Drivers\s7otsadx.sys (SIEMENS AG)
DRV - (s7otranx) -- C:\WINDOWS\System32\Drivers\s7otranx.sys (SIEMENS AG)
DRV - (S7OTMCDX) -- C:\WINDOWS\System32\Drivers\s7otmcdx.sys (SIEMENS AG)
DRV - (s7osmcax) -- C:\WINDOWS\System32\Drivers\s7osmcax.sys (SIEMENS AG)
DRV - (s7oppinx) -- C:\WINDOWS\System32\Drivers\s7oppinx.sys (SIEMENS AG)
DRV - (s7odpx2x) -- C:\WINDOWS\System32\Drivers\S7odpx2x.sys (SIEMENS AG)
DRV - (S7o5512x) -- C:\WINDOWS\system32\drivers\S7o5512x.sys (SIEMENS AG)
DRV - (s7sn2srtx) -- C:\WINDOWS\system32\drivers\s7sn2srtx.sys (SIEMENS AG)
DRV - (SNTIE) SIMATIC Industrial Ethernet (ISO) -- C:\WINDOWS\system32\drivers\SNTIE.SYS (SIEMENS AG)
DRV - (S7opcsrtx) PROFINET IO RT-Protocol (LLDP) -- C:\WINDOWS\system32\drivers\s7opcsrtx.sys (SIEMENS AG)
DRV - (NxDrv) -- C:\WINDOWS\system32\drivers\NxDrv.sys (SonicWALL Inc.)
DRV - (onda_dc_enum) -- C:\WINDOWS\system32\drivers\onda_dc_enum.sys (ONDA)
DRV - (onda_cdc_acm) -- C:\WINDOWS\system32\drivers\onda_cdc_acm.sys (ONDA)
DRV - (onda_cpo) -- C:\WINDOWS\system32\drivers\onda_cpo.sys (ONDA)
DRV - (dpmconv) -- C:\WINDOWS\System32\Drivers\dpmconv.sys (SIEMENS AG)
DRV - (fwkbdrtm) -- C:\WINDOWS\System32\drivers\fwkbdrtm.sys (Siemens AG)
DRV - (Dpmtrcdd) -- C:\WINDOWS\system32\drivers\dpmtrcdd.sys (SIEMENS AG)
DRV - (NetworkX) -- C:\WINDOWS\system32\ckldrv.sys ()
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (DriverX) -- C:\WINDOWS\System32\Drivers\driverx.sys (Microsoft Corporation)
DRV - (vsnl2ada) -- C:\WINDOWS\System32\Drivers\vsnl2ada.sys (SIEMENS AG)
DRV - (eugss) -- C:\WINDOWS\system32\drivers\eugssxp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (eusk2par) -- C:\WINDOWS\system32\drivers\eusk2par.sys (Aladdin Knowledge Systems Ltd.)
DRV - (v2imount) -- C:\WINDOWS\system32\drivers\v2imount.sys (Symantec Corporation)
DRV - (tap0801) -- C:\WINDOWS\system32\drivers\tap0801.sys (The OpenVPN Project)
DRV - (symsnap) -- C:\WINDOWS\system32\DRIVERS\symsnap.sys (StorageCraft)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (SASKUTIL) -- C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS ()
DRV - (vmm) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (VPCNetS2) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (SASDIFSV) -- C:\Programmi\SUPERAntiSpyware\sasdifsv.sys ()
DRV - (PROFIstack) PROFIBUS V6 Hardware Driver (Softing) -- C:\WINDOWS\System32\drivers\PROFIstack.sys (Softing AG)
DRV - (PROFIbrd) PROFIBUS V5 Hardware Driver (Softing) -- C:\WINDOWS\System32\drivers\PROFIbrd.sys (Softing AG)
DRV - (PROFIusb) PROFIusb Device Driver (Softing AG) -- C:\WINDOWS\System32\drivers\PROFIusb.sys (Softing AG)
DRV - (PROFIprt) PROFIBUS Protocol Driver (Softing) -- C:\WINDOWS\System32\drivers\PROFIprt.sys (Softing AG)
DRV - (PROFIpnp) PROFIBUS PnP Hardware Driver (Softing) -- C:\WINDOWS\System32\drivers\PROFIpnp.sys (Softing AG)
DRV - (tvicport) -- C:\WINDOWS\system32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (int15) -- C:\WINDOWS\system32\drivers\int15.sys ()
DRV - (zntport) -- C:\WINDOWS\system32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (lv321av) Logitech USB PC Camera (VC0321) -- C:\WINDOWS\system32\drivers\lv321av.sys (Logitech)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w39n51) Intel® -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMSC)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WIBUKEY) -- C:\WINDOWS\system32\drivers\WibuKey.sys (WIBU-SYSTEMS AG)
DRV - (Duntlw) -- C:\WINDOWS\system32\drivers\DuntlwNT.sys (Schneider Automation)
DRV - (O2SDRDR) -- C:\WINDOWS\system32\DRIVERS\o2sd.sys (O2Micro )
DRV - (O2MDRDR) -- C:\WINDOWS\system32\DRIVERS\o2media.sys (O2Micro )
DRV - (SASENUM) -- C:\Programmi\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (PersonalSecureDrive) -- C:\WINDOWS\System32\drivers\psd.sys (Infineon Technologies AG)
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (PAC7311) -- C:\WINDOWS\system32\drivers\PA707UCM.SYS (PixArt Imaging Inc.)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (Net6IM) -- C:\WINDOWS\system32\drivers\net6im51.sys (Net6, Inc.)
DRV - (dpmcslv) -- C:\WINDOWS\System32\drivers\dpmcslv.sys (Siemens AG)
DRV - (slabser) -- C:\WINDOWS\system32\drivers\slabser.sys (MCCI)
DRV - (slabbus) FXA195 USB HART Modem device driver (WDM) -- C:\WINDOWS\system32\drivers\slabbus.sys (MCCI)
DRV - (EpmShd) -- C:\WINDOWS\system32\drivers\epm-shd.sys (Acer Value Labs, USA)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (USBDLC) -- C:\WINDOWS\system32\drivers\usbdlc.sys (Digital Electronics Corporation)
DRV - (O2SCBUS) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro)
DRV - (EpmPsd) -- C:\WINDOWS\system32\drivers\epm-psd.sys (Acer Value Labs, USA)
DRV - (S5MCD) -- C:\WINDOWS\System32\drivers\S5MCD.SYS (SIEMENS AG)
DRV - (S5AS511) -- C:\WINDOWS\System32\drivers\S5AS511.SYS ()
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (VirtualBackplane) -- C:\WINDOWS\System32\Drivers\VirtualBackplane.sys (Rockwell Automation)
DRV - (RSSERIAL) -- C:\WINDOWS\SYSTEM32\RSSERIAL.SYS (Rockwell Software Inc.)
DRV - (RsiKtControl) -- C:\WINDOWS\system32\RSIKT.SYS (Rockwell Software, Inc.)
DRV - (RS_SS_NT) -- C:\WINDOWS\SYSTEM32\RS_SS_NT.SYS (Rockwell Software, Inc.)
DRV - (ABKTCX) Rockwell Software 1784-KTC(X) -- C:\WINDOWS\System32\Drivers\ABKTCX.sys (Rockwell Software Inc.)
DRV - (s7oefs_x) -- C:\WINDOWS\System32\drivers\s7oefs_x.sys (SIEMENS AG)
DRV - (PcmkWdm) -- C:\WINDOWS\system32\drivers\PcmkWdm.sys (Rockwell Software, Inc.)
DRV - (Sntnlusb) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (Rainbow Technologies Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 170.205.2.200:80

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programmi\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Programmi\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Programmi\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\amministratore\Impostazioni locali\Dati applicazioni\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/19 13:18:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmi\Java\jre6\lib\deploy\jqs\ff [2009/01/13 19:55:40 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/02/26 10:56:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Supporto di collegamento per Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programmi\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar con blocco Pop-Up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Indirizzo) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (&Indirizzo) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Co&llegamenti) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programmi\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Programmi\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CX-One Upgrade Utility] C:\Programmi\OMRON\CX-One\Upgrade Utility\AutoUpdate.exe ()
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [S7UB Start] C:\Programmi\File comuni\Siemens\S7ubtoox\s7ubtstx.exe (SIEMENS AG)
O4 - HKLM..\Run: [SearchSettings] C:\Programmi\File comuni\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SonicWALLNetExtender] C:\Programmi\SonicWALL\SSL-VPN\NetExtender\NEGui.exe (SonicWALL Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UsbCipHelper] C:\Programmi\Rockwell Automation\Rockwell Automation USBCIP Driver Package\UsbCipHelper\UsbCipHelper.exe (Rockwell Automation, Inc.)
O4 - HKLM..\Run: [WinCC flexible Smart Start] C:\Programmi\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe (SIEMENS AG)
O4 - HKLM..\Run: [YSearchProtection] C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programmi\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MSMSGS] C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk = C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Invia a periferica &Bluetooth... - c:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programmi\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6EEFD7B1-B26C-440D-B55A-1EC677189F30} https://sslgw01.groupmt.com/NELX.cab (NELaunchCtrl Class)
O16 - DPF: {7E0FDFBB-87D4-43A1-9AD4-41F0EA8AFF7B} https://portal.aimt-.../net6helper.cab (Net6Launcher Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D092A87D-C688-4F8E-BAA6-48FEDA285A5E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBF1D805-FCE7-495C-A108-574AFB660285}: NameServer = 83.103.25.250,62.101.93.101
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programmi\SUPERAntiSpyware\SASWINLO.dll) - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\IfxWlxEN: DllName - (IfxWlxEN.dll) - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Precaricatore Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon di cache delle categorie di componenti - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programmi\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/05 13:51:12 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/26 11:56:38 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\amministratore\Desktop\OTL.exe
[2012/02/26 10:29:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/02/26 10:29:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/02/26 10:29:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/02/26 10:27:56 | 004,420,481 | R--- | C] (Swearware) -- C:\Documents and Settings\amministratore\Desktop\ComboFix.exe
[2012/02/26 10:11:46 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\amministratore\Desktop\spybotsd162.exe
[2012/02/26 09:06:14 | 000,000,000 | ---D | C] -- C:\FOUND.005
[2012/02/24 09:22:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3PUP_lcsQafmis
[2012/02/24 09:22:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\3PUP_lcsQafmis
[2012/02/17 16:01:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2PTPhcetWsfmis
[2012/02/17 16:01:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\2PTPhcetWsfmis
[2012/02/16 16:53:23 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/02/16 14:53:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\amministratore\Documenti\Nuova cartella
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/26 11:56:50 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\amministratore\Desktop\OTL.exe
[2012/02/26 11:33:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/26 11:33:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012/02/26 11:32:14 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2012/02/26 11:31:14 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/26 11:30:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/26 11:30:14 | 3219,107,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/26 11:27:02 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012/02/26 11:13:02 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/26 10:27:58 | 004,420,481 | R--- | M] (Swearware) -- C:\Documents and Settings\amministratore\Desktop\ComboFix.exe
[2012/02/26 10:11:48 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\amministratore\Desktop\spybotsd162.exe
[2012/02/26 04:56:38 | 000,001,458 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012/02/17 08:42:50 | 000,523,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/16 19:57:20 | 000,724,868 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2012/02/16 19:57:20 | 000,663,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/16 19:57:20 | 000,180,432 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2012/02/16 19:57:20 | 000,159,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/16 19:52:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/16 17:16:10 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\amministratore\Desktop\Collegamento a IDEAL_STD.exe.lnk
[2012/02/09 22:56:16 | 000,000,452 | RHS- | M] () -- C:\Documents and Settings\amministratore\ntuser.pol
[2012/02/09 22:23:24 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/08 17:10:16 | 000,090,163 | ---- | M] () -- C:\WINDOWS\citamis.str
[2012/02/08 16:38:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\u7wtrcax.INI
[2012/02/02 16:16:02 | 000,000,147 | ---- | M] () -- C:\WINDOWS\HmiSRT.ini
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/26 10:29:38 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/26 10:29:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/26 10:29:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/26 10:29:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/26 10:29:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/02/16 16:10:40 | 3219,107,840 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/15 09:05:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 09:05:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/09 22:23:22 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/08 16:37:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\u7wtrcax.INI
[2011/09/13 15:06:48 | 000,000,031 | ---- | C] () -- C:\WINDOWS\ResetW.INI
[2011/09/09 16:18:05 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/09/08 16:22:51 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2011/09/07 16:56:17 | 000,000,561 | ---- | C] () -- C:\WINDOWS\winhlp32.ini
[2011/06/14 19:20:36 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\sn_regbase.dll
[2011/06/01 08:55:10 | 000,000,020 | ---- | C] () -- C:\WINDOWS\AlarmGen.INI
[2011/04/06 20:34:00 | 000,627,724 | ---- | C] () -- C:\WINDOWS\System32\drivers\fw_5711n.bin
[2011/02/28 17:12:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\spwls.exe
[2010/11/26 18:50:32 | 000,000,066 | ---- | C] () -- C:\WINDOWS\s7ntpgax.INI
[2010/10/13 15:32:34 | 000,000,345 | ---- | C] () -- C:\WINDOWS\EcadView.INI
[2010/10/13 15:26:26 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\ProHELP.dll
[2010/10/13 15:26:06 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\_isuser.dll
[2010/10/13 15:20:46 | 000,872,507 | ---- | C] () -- C:\WINDOWS\System32\mesa.dll
[2010/08/31 20:02:01 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/17 12:54:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/22 13:13:25 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\usbcnx2.dll
[2010/07/09 14:38:43 | 000,013,888 | ---- | C] () -- C:\WINDOWS\WDTGR.DLL
[2010/07/09 14:38:43 | 000,008,096 | ---- | C] () -- C:\WINDOWS\WCDTGR.DLL
[2010/07/09 14:38:43 | 000,006,656 | ---- | C] () -- C:\WINDOWS\WNETWAY.DLL
[2010/07/09 14:38:43 | 000,004,064 | ---- | C] () -- C:\WINDOWS\WNETWT16.DLL
[2010/07/01 09:12:42 | 001,613,955 | ---- | C] () -- C:\WINDOWS\System32\CXSDI_CIPConfigPages.dll
[2010/06/16 22:47:34 | 000,015,670 | ---- | C] () -- C:\Programmi\24.04.2009 163426.BAK
[2010/04/21 13:45:36 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\S5AS511.SYS
[2010/04/08 11:21:00 | 000,036,688 | ---- | C] () -- C:\WINDOWS\System32\s7200L2.dll

========== LOP Check ==========

[2007/07/11 23:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Infineon
[2007/08/01 14:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Maxtor
[2007/08/03 11:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Wonderware
[2007/08/03 11:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ArchestrA
[2007/09/06 14:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Siemens AG
[2007/09/11 23:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Downloaded Installations
[2007/09/11 23:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2007/10/02 15:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Grisoft
[2007/12/21 18:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZip
[2008/01/31 15:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Endress+Hauser
[2008/07/07 11:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Progea
[2008/09/03 19:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
[2008/11/11 11:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Siemens
[2008/11/11 14:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SpeedBit
[2008/12/09 11:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Winferno
[2009/06/15 14:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SEW
[2009/11/25 18:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PKWARE
[2010/07/09 14:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Schneider Electric
[2011/09/02 10:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/09/08 16:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Rockwell
[2011/09/26 14:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pro-face
[2011/10/01 12:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WFCU
[2011/10/10 15:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DAEMON Tools Lite
[2007/07/11 23:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Infineon
[2007/08/02 16:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Maxtor Quick Start
[2007/09/06 15:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\SIEMENS AG
[2007/09/11 23:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\PC Suite
[2007/09/11 23:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Nokia
[2007/09/11 23:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Datalayer
[2007/11/08 16:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\IsolatedStorage
[2008/05/18 16:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\DICOMedReview
[2008/06/04 15:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\CyberInstaller Studio 2008
[2008/07/07 11:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Progea
[2008/09/03 19:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Autodesk
[2009/01/30 08:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\ArchestrA
[2009/02/12 08:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Cimaware
[2009/02/25 17:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\ACTL
[2009/11/25 18:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\PKWARE
[2010/04/06 18:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\picajet.com
[2010/07/09 15:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Schneider Electric
[2010/10/10 00:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Leadertech
[2011/07/18 11:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Zoner
[2011/07/21 16:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\TeamViewer
[2011/09/07 17:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\CDS
[2011/09/10 05:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\pdfforge
[2011/10/10 15:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\DAEMON Tools Lite
[2011/10/10 15:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\OMRON
[2011/12/22 08:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\amministratore\Dati applicazioni\Search Settings
[2012/02/26 11:33:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP