no access to IE options


Recommended Posts

Dear Sirs,

I was advised to do the following but still cannot open IE options.

" How To Post An Otl Log, Easy to Follow Guide

Create a new thread and post the required logs in the following section of the forums.

Malware Removal

Please wait patiently for the experts to read your logs and guide you on removing your malware. "

Here is the the Malwarebytes' log

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4572

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

26/09/2010 13:00:56

mbam-log-2010-09-26 (13-00-56).txt

Scan type: Quick scan

Objects scanned: 142433

Time elapsed: 13 minute(s), 43 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Thanks a lot for your kind support

frn

Link to post
Share on other sites

Please read these directions and post all of the required logs.

How To Post An Otl Log, Easy to Follow Guide

Hello and sorry for bothering you again

I'm not sure about what I should do next. I followed the instructions up to the MBAM scan ( I posted it as you said) which didn't show any infection but I still cannot access IE options. I'm a bit confused now... What should I do ? Move to step 2 even if there was no infection?

Thanks in advance for your kind support

frn

Link to post
Share on other sites

You need to follow the directions in the link I provided. It shows step by step what programs to download, install and run. Once all of them have been completed you need to post all of the log files generated.

Hello,

I have done the 1st part of the scan again and will carry on with the following steps and post them here

Thank you very much for your kind support

Regards

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4572

Windows 5.1.2600 Service Pack 2

Internet Explorer 8.0.6001.18702

08/09/2010 19:19:09

mbam-log-2010-09-08 (19-19-09).txt

Scan type: Quick scan

Objects scanned: 141888

Time elapsed: 16 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e2ee5c44-c66d-499d-beae-a2a79189a63a} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Dear Sirs,

I'd be really grateful if you could check my logs.

I was infected with spywares/malwares before but I'm still having some problems ( pc slow, problems downloading updates, no access to IE options both from the browser and the Control Panel).

I'd like to thank you in advance for your kind help

Best Regards

frn

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4742

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

07/10/2010 23:22:18

mbam-log-2010-10-07 (23-22-18).txt

Scan type: Quick scan

Objects scanned: 144669

Time elapsed: 18 minute(s), 43 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Rooter.exe (v1.0.2) by Eric_71

.

SeDebugPrivilege granted successfully ...

.

Windows XP Home Edition (5.1.2600) Service Pack 3

[32_bits] - x86 Family 15 Model 2 Stepping 7, GenuineIntel

.

[wscsvc] (Security Center) RUNNING (state:4)

[sharedAccess] RUNNING (state:4)

Windows Firewall -> Enabled

.

Internet Explorer 8.0.6001.18702

.

C:\ [Fixed-NTFS] .. ( Total:37 Go - Free:17 Go )

D:\ [CD_Rom]

.

Scan : 11:30.27

Path : C:\Documents and Settings\Fran\Desktop\Rooter.exe

User : Fran ( Administrator -> YES )

.

----------------------\\ Processes

.

Locked [system Process] (0)

______ System (4)

______ \SystemRoot\System32\smss.exe (480)

______ \??\C:\WINDOWS\system32\csrss.exe (536)

______ \??\C:\WINDOWS\system32\winlogon.exe (560)

______ C:\WINDOWS\system32\services.exe (604)

______ C:\WINDOWS\system32\lsass.exe (616)

______ C:\WINDOWS\system32\svchost.exe (772)

______ C:\WINDOWS\system32\svchost.exe (832)

______ c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (900)

______ C:\WINDOWS\System32\svchost.exe (940)

______ C:\WINDOWS\System32\svchost.exe (1016)

______ C:\WINDOWS\system32\svchost.exe (1120)

______ C:\WINDOWS\Explorer.EXE (1300)

______ C:\WINDOWS\system32\spoolsv.exe (1332)

______ C:\Programmi\Microsoft Security Essentials\msseces.exe (1568)

______ C:\WINDOWS\System32\svchost.exe (1708)

______ C:\WINDOWS\system32\svchost.exe (1832)

______ C:\Programmi\Java\jre6\bin\jqs.exe (1852)

______ C:\WINDOWS\System32\svchost.exe (1900)

______ C:\WINDOWS\System32\svchost.exe (192)

______ C:\WINDOWS\system32\slserv.exe (240)

______ C:\WINDOWS\System32\svchost.exe (400)

______ C:\WINDOWS\system32\wuauclt.exe (520)

______ C:\WINDOWS\System32\wbem\wmiapsrv.exe (2512)

______ C:\WINDOWS\System32\alg.exe (2604)

______ C:\Programmi\internet explorer\iexplore.exe (3176)

______ C:\Programmi\internet explorer\iexplore.exe (3360)

______ C:\Programmi\Hide My IP\HideMyIpSrv.exe (3556)

______ C:\Documents and Settings\Fran\Desktop\Rooter.exe (1060)

.

----------------------\\ Device\Harddisk0\

.

\Device\Harddisk0 [sectors : 63 x 512 Bytes]

.

\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:39999504384)

.

----------------------\\ Scheduled Tasks

.

C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

C:\WINDOWS\Tasks\desktop.ini

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004Core.job

C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004UA.job

C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1450960922-839522115-1004.job

C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1450960922-839522115-1004.job

C:\WINDOWS\Tasks\SA.DAT

C:\WINDOWS\Tasks\WebReg HP Photosmart C4400 series.job

.

----------------------\\ Registry

.

.

----------------------\\ Files & Folders

.

----------------------\\ Scan completed at 11:31.21

.

C:\Rooter$\Rooter_1.txt - (08/10/2010 | 11:31.21)

Log created at 11:55 on 08/10/2010 (Fran)

Scanning C:\

C:\pagefile.sys

-------------------------

-=E.O.F=-

_____________________________________________________________________________________________________

CKScanner - Additional Security Risks - These are not necessarily bad

scanner sequence 3.RP.11

----- EOF -----

_____________________________________________________________________________________________________

OTL logfile created on: 08/10/2010 13:42:08 - Run 1

OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Fran\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: Regno Unito | Language: ENG | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 215.00 Mb Available Physical Memory | 42.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi

Drive C: | 37.25 Gb Total Space | 17.45 Gb Free Space | 46.84% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: USER-BZPR251MPO

Current User Name: Fran

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Minimal

Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Fran\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programmi\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

PRC - C:\Programmi\Hide My IP\HideMyIpSrv.exe ()

PRC - c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\slserv.exe ( )

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Fran\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found

SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found

SRV - (HideMyIpSRV) -- C:\Programmi\Hide My IP\HideMyIpSrv.exe ()

SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)

SRV - (CCALib8) -- C:\Programmi\Canon\CAL\CALMAIN.exe (Canon Inc.)

SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )

========== Driver Services (SafeList) ==========

DRV - (ZDPSp50) -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys File not found

DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found

DRV - (Lavasoft Kernexplorer) -- C:\Programmi\Lavasoft\Ad-Aware\KernExplorer.sys File not found

DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)

DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project)

DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (ultra) -- C:\WINDOWS\System32\Ultra.dll ()

DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)

DRV - (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) -- C:\WINDOWS\system32\drivers\BLKWGU.sys (Belkin Corporation)

DRV - (W8335XP) -- C:\WINDOWS\system32\drivers\MRV8335XP.sys (Marvell Semiconductor, Inc)

DRV - (odysseyIM4) -- C:\WINDOWS\system32\drivers\odysseyIM4.sys (Funk Software, Inc.)

DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link)

DRV - (CBTNDIS5) -- C:\WINDOWS\system32\CBTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )

DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )

DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )

DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )

DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )

DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software)

DRV - (VIAudio) VIA AC'97 Audio Controller (WDM) -- C:\WINDOWS\system32\drivers\viaudios.sys (VIA Technologies, Inc.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)

DRV - (FA312) -- C:\WINDOWS\system32\drivers\FA312nd5.sys (NETGEAR Corp.)

DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/05/23 21:02:40 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/09/08 22:26:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.

O4 - HKLM..\Run: [MSSE] c:\Programmi\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre6\bin\npjpi160_21.dll (Sun Microsystems, Inc.)

O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\HMIPCore.dll (My Privacy Tools, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\HMIPCore.dll (My Privacy Tools, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\HMIPCore.dll (My Privacy Tools, Inc.)

O15 - HKCU\..Trusted Domains: ([]msn in My Computer)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab (Windows Live Safety Center Base Module)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181300875687 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181300844156 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5014/mcfscan.cab (McFreeScan Class)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007/03/19 22:08:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found

NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

MsConfig - Services: "Ati HotKey Poller"

MsConfig - Services: "ose"

MsConfig - Services: "NICSer_WPC54G"

MsConfig - Services: "aspnet_state"

MsConfig - Services: "CCALib8"

MsConfig - Services: "BthServ"

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma Loader.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Speed Launch.lnk - Reg Error: Value error. - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Belkin Wireless Networking Utility.lnk - C:\Programmi\Belkin\F6D4050\v1\Belkinwcui.exe - (Belkin International, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^WinZip Quick Pick.lnk - Reg Error: Value error. - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Wireless-G Notebook Adapter.lnk - Reg Error: Value error. - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^Fran^Menu Avvio^Programmi^Esecuzione automatica^ERUNT AutoBackup.lnk - C:\Programmi\ERUNT\AUTOBACK.EXE - ()

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: ATIModeChange - hkey= - key= - File not found

MsConfig - StartUpReg: BluetoothAuthenticationAgent - hkey= - key= - File not found

MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found

MsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - C:\Programmi\eMule\emule.exe (http://www.emule-project.net)

MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programmi\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)

MsConfig - StartUpReg: hpqSRMon - hkey= - key= - C:\Programmi\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)

MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found

MsConfig - StartUpReg: NeroCheck - hkey= - key= - File not found

MsConfig - StartUpReg: RegDoctor - hkey= - key= - C:\Programmi\RegDoctor\RegDoctor.exe (RegDoctor)

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 2

MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: MsMpSvc - c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: MsMpSvc - c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendering grafica vettoriale (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Binding dati Dynamic HTML per Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Creazione avanzata

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4d64f3ba-f112-4efe-a02e-96680859937c} - KB918899

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classi Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Aggiornamento della protezione per Windows XP (KB923789)

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - KB918439

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Utilità di pianificazione

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {dd772a76-bef3-44d7-8b39-502c8504c1f1} - KB925486

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/10/08 13:29:04 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\OTL.exe

[2010/10/08 11:31:21 | 000,000,000 | ---D | C] -- C:\Rooter$

[2010/10/08 11:24:39 | 000,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Fran\Desktop\Rooter.exe

[2010/10/07 22:44:52 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\TFC.exe

[2010/10/07 22:32:45 | 000,000,000 | ---D | C] -- C:\Programmi\ERUNT

[2010/10/05 23:30:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF

[2010/10/03 16:25:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Fran\Recent

[2010/09/22 14:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\Mozilla

[2010/09/17 16:30:26 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

[2010/09/17 16:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\Sunbelt Software

[2010/09/15 18:38:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010/09/15 17:41:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it

[2010/09/10 15:09:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-it

[2010/09/10 15:09:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2010/09/09 22:56:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/09/08 22:20:24 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/09/08 22:17:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/09/08 19:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Dati applicazioni\Malwarebytes

[2010/09/08 19:01:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/09/08 19:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes

[2010/09/08 19:01:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/09/08 19:01:14 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware

[2010/09/03 19:13:07 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro

[2010/08/28 18:56:21 | 000,000,000 | ---D | C] -- C:\Programmi\Microsoft Security Essentials

[2010/08/26 19:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Documenti\Downloads

[2010/08/26 18:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy

[2010/08/18 12:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\CA

[2010/08/16 13:09:14 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2010/08/13 12:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software

[2010/08/11 22:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9

[2010/08/04 15:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Sun

[2010/08/04 14:45:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fran\IECompatCache

[2010/08/04 14:29:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fran\PrivacIE

[2010/08/04 14:22:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fran\IETldCache

[2010/08/04 14:19:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates

[2010/08/04 14:15:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM

[2010/08/04 14:13:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2010/07/21 18:17:17 | 000,000,000 | ---D | C] -- C:\Programmi\Windows Live Safety Center

[2007/03/19 23:12:09 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys

[2003/04/24 19:20:00 | 000,521,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys

[2003/04/24 19:20:00 | 000,085,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys

[2003/04/24 19:19:00 | 001,295,336 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys

[2003/04/24 19:19:00 | 000,210,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys

[2003/04/24 19:19:00 | 000,162,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys

========== Files - Modified Within 90 Days ==========

[2010/10/08 13:34:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\WebReg HP Photosmart C4400 series.job

[2010/10/08 13:31:35 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1450960922-839522115-1004.job

[2010/10/08 13:31:34 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1450960922-839522115-1004.job

[2010/10/08 13:29:43 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\OTL.exe

[2010/10/08 13:16:00 | 000,001,236 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004UA.job

[2010/10/08 12:45:01 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/10/08 12:38:33 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\gmer.zip

[2010/10/08 12:36:49 | 003,514,115 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\WVCheck.exe

[2010/10/08 12:29:22 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\CKScanner.exe

[2010/10/08 11:54:58 | 000,032,653 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\LockSearch.exe

[2010/10/08 11:25:06 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Fran\Desktop\Rooter.exe

[2010/10/08 11:10:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/10/08 11:10:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/10/07 23:34:28 | 000,000,306 | -HS- | M] () -- C:\Documents and Settings\Fran\ntuser.ini

[2010/10/07 23:34:27 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Fran\ntuser.dat

[2010/10/07 22:45:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\TFC.exe

[2010/10/07 22:33:04 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\NTREGOPT.lnk

[2010/10/07 22:33:04 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\ERUNT.lnk

[2010/10/07 22:25:18 | 000,567,670 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat

[2010/10/07 22:25:18 | 000,512,100 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/10/07 22:25:18 | 000,099,318 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat

[2010/10/07 22:25:17 | 001,235,246 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/10/07 22:25:17 | 000,085,146 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/10/06 22:59:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/10/01 19:26:20 | 000,002,505 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Microsoft Office Outlook 2003.lnk

[2010/10/01 19:16:00 | 000,001,184 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004Core.job

[2010/10/01 17:10:03 | 000,002,467 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Microsoft Office PowerPoint 2003.lnk

[2010/10/01 16:30:01 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2010/09/29 17:45:31 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/09/29 13:16:29 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\html.doc

[2010/09/28 16:21:23 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\HKEY_CURRENT_USER.reg

[2010/09/27 18:51:04 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Nuovo Microsoft Word Document.doc

[2010/09/27 18:23:59 | 000,000,978 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/09/27 18:23:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2010/09/27 18:23:59 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/09/27 14:01:12 | 006,418,432 | ---- | M] () -- C:\Documents and Settings\Fran\ntuser.bak

[2010/09/24 23:03:29 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\HiJackThis.lnk

[2010/09/22 14:19:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2010/09/19 16:34:27 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\ben abroad.doc

[2010/09/17 16:30:25 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

[2010/09/16 16:34:55 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/09/13 23:05:16 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/09/13 22:06:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/09/13 22:06:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/11 13:54:17 | 000,046,392 | ---- | M] () -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT

[2010/09/10 20:19:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Ÿ9Ÿ9

[2010/09/10 14:54:43 | 000,251,600 | RHS- | M] () -- C:\ntldr

[2010/09/10 13:52:25 | 000,552,345 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\ProtectYourComputer.pdf

[2010/09/08 22:26:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/09/08 19:01:27 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/09/07 19:35:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/08/28 18:56:24 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk

[2010/08/28 18:37:47 | 000,002,885 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/08/25 18:07:37 | 006,951,964 | -H-- | M] () -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\IconCache.db

[2010/08/04 13:55:43 | 000,089,805 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\bookmarks.htm

[2010/08/04 13:49:27 | 000,090,471 | ---- | M] () -- C:\Documents and Settings\Fran\Documenti\bookmark.htm

[2010/07/15 11:57:49 | 000,002,537 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Microsoft Office Access 2003.lnk

========== Files Created - No Company Name ==========

[2010/10/08 12:38:30 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\gmer.zip

[2010/10/08 12:36:31 | 003,514,115 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\WVCheck.exe

[2010/10/08 12:29:19 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\CKScanner.exe

[2010/10/08 11:53:34 | 000,032,653 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\LockSearch.exe

[2010/10/07 22:33:04 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\NTREGOPT.lnk

[2010/10/07 22:33:04 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\ERUNT.lnk

[2010/09/29 13:15:59 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\html.doc

[2010/09/28 16:21:22 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\HKEY_CURRENT_USER.reg

[2010/09/27 13:36:51 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Fran\ntuser.tmp.LOG

[2010/09/25 10:49:43 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\Nuovo Microsoft Word Document.doc

[2010/09/22 14:19:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/09/19 16:33:34 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\ben abroad.doc

[2010/09/17 16:32:48 | 000,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2010/09/13 23:05:16 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/09/10 20:19:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ÿ9Ÿ9

[2010/09/10 13:52:25 | 000,552,345 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\ProtectYourComputer.pdf

[2010/09/09 14:06:41 | 006,418,432 | ---- | C] () -- C:\Documents and Settings\Fran\ntuser.bak

[2010/09/09 14:06:41 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\Fran\ntuser.dat

[2010/09/08 22:20:33 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/09/08 22:20:29 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2010/09/08 19:01:27 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/09/03 19:13:12 | 000,002,423 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\HiJackThis.lnk

[2010/08/28 18:56:24 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk

[2010/08/26 19:11:55 | 000,001,236 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004UA.job

[2010/08/26 19:11:54 | 000,001,184 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004Core.job

[2010/08/12 22:52:53 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1450960922-839522115-1004.job

[2010/08/04 13:55:42 | 000,089,805 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\bookmarks.htm

[2010/08/04 13:49:17 | 000,090,471 | ---- | C] () -- C:\Documents and Settings\Fran\Documenti\bookmark.htm

[2010/01/12 17:59:23 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv

[2010/01/12 17:59:21 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll

[2009/09/11 12:57:51 | 000,000,126 | ---- | C] () -- C:\WINDOWS\PRLTP_USBdrv.ini

[2009/03/12 20:29:10 | 005,645,312 | ---- | C] () -- C:\Programmi\USB PC Cam Plus.msi

[2009/03/12 20:29:10 | 000,031,744 | ---- | C] () -- C:\Programmi\1040.MST

[2009/03/12 20:29:10 | 000,005,186 | ---- | C] () -- C:\Programmi\0x0410.ini

[2009/02/14 15:23:10 | 000,000,022 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2008/12/21 19:10:42 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini

[2008/12/21 19:10:36 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini

[2008/12/12 22:40:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll

[2008/05/23 00:22:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008/05/23 00:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2008/05/23 00:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2008/05/23 00:18:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2007/11/09 22:44:55 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI

[2007/06/02 14:40:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\init.ini

[2007/05/05 13:05:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI

[2007/03/27 23:04:57 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2007/03/23 19:11:53 | 000,004,654 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2007/03/21 22:39:47 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007/03/21 22:33:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2007/03/19 23:32:40 | 000,000,772 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2007/03/19 23:12:09 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll

[2007/03/19 23:12:09 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll

[2007/03/19 23:05:35 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll

[2005/07/11 23:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL

[2005/03/01 16:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2005/01/25 16:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL

[2004/03/23 01:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll

[2003/04/24 19:20:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll

[2003/04/24 19:20:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll

[2003/04/24 19:19:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/08/13 12:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software

[2007/05/19 00:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg7

[2010/08/13 10:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9

[2010/08/18 12:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CA

[2010/01/12 18:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\pdf995

[2008/06/11 23:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ulead Systems

[2007/05/18 09:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\AVG7

[2008/12/10 22:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010/04/11 19:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\Hide IP NG

[2007/03/20 00:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\LimeWire

[2007/04/05 14:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\Ulead Systems

[2010/10/01 16:30:01 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2007/03/19 22:08:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2010/09/07 19:35:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/09/27 18:23:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2002/09/10 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr

[2007/03/19 22:08:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2007/03/19 22:08:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2007/03/19 22:08:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2007/03/23 20:08:29 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2010/09/10 14:54:43 | 000,251,600 | RHS- | M] () -- C:\ntldr

[2010/10/08 11:10:08 | 804,298,752 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >

[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont

[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont

[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont

[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2010/09/13 22:06:17 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2008/07/06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2007/12/17 19:05:32 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll

[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

[2008/07/06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

[2009/03/12 20:34:26 | 000,005,186 | ---- | M] () -- C:\Programmi\0x0410.ini

[2009/03/12 20:34:32 | 000,031,744 | ---- | M] () -- C:\Programmi\1040.MST

[2009/03/12 20:34:36 | 005,645,312 | ---- | M] () -- C:\Programmi\USB PC Cam Plus.msi

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

[2007/03/19 21:52:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2007/03/19 21:52:12 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2007/03/19 21:52:12 | 000,401,408 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2010/09/13 22:09:11 | 000,000,181 | -HS- | M] () -- C:\Documents and Settings\Fran\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\desktop.ini

[2007/03/19 22:48:57 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Fran\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Mostra Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

[2010/10/08 12:29:22 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\CKScanner.exe

[2010/10/08 11:54:58 | 000,032,653 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\LockSearch.exe

[2010/10/08 13:29:43 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\OTL.exe

[2010/10/08 11:25:06 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Fran\Desktop\Rooter.exe

[2010/10/07 22:45:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\TFC.exe

[2010/10/08 12:36:49 | 003,514,115 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\WVCheck.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

[2010/10/08 13:31:33 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Fran\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

[2007/06/27 17:48:40 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.exe >

[2008/04/13 19:14:14 | 001,695,232 | -HS- | M] (Microsoft Corporation) -- C:\Programmi\Messenger\msmsgs.exe

[2002/08/20 17:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Messenger\msmsgsin.exe

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< %USERPROFILE%\Templates\*.tmp >

< %SYSTEMDRIVE%\explorexxx.exe\*.* >

< %Windir%\Installer\*.tmp >

[8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %systemroot%\System32\*.xco >

< %ProgramFiles%\system32\*.* >

< %systemroot%\System32\windos\*.* >

< %SystemRoot%\system32\sandbox\*.* >

< %SystemRoot%\system32\*.amo >

< %SystemRoot%\system32\Windows Live\*.* >

< %ProgramFiles%\logs\*.* >

< %ProgramFiles%\Bifrost\*.* >

< %SystemRoot%\system32\*.goo >

< %systemroot%\system32\IME\*.* >

< %systemroot%\BackUp\*.* >

< %systemroot%\system32\*.ico >

[2007/05/18 20:09:16 | 000,001,406 | ---- | M] () -- C:\WINDOWS\system32\Help.ico

[2007/05/18 20:09:16 | 000,002,550 | ---- | M] () -- C:\WINDOWS\system32\Uninstall.ico

< %systemroot%\system\*.dat >

< %systemroot%\system\*.exe >

< %AppData%\Macromedia\Common\*.* >

< %SYSTEMDRIVE%\dir\*.* /s >

< %systemroot%\system32\ras\*.exe >

< %SYSTEMDRIVE%\MFILES\*.* >

< %SYSTEMDRIVE%\mDNSRespon.exe\*.* >

< %systemroot%\system32\services\*.* >

< %systemroot%\Spooler\*.* >

< %ProgramFiles%\system32\*.* >

< %systemroot%\system32\Setup\*.dll /x >

< %systemroot%\system32\*.mine >

< %SYSTEMDRIVE%\cleansweep.exe\*.* >

< %systemroot%\system32\ras\*.dll >

< %systemroot%\system32\ras\*.drv >

< %systemroot%\*.iq >

< %systemroot%\system32\XP\*.* >

< %SYSTEMDRIVE%\Extracted\*.* >

< %systemroot%\system32\windows\*.* >

< %systemroot%\logs\*.* >

< %SYSTEMDRIVE%\Win.Msi\*.* >

< %systemroot%\regedit\*.* >

< %systemroot%\system32\skype\*.* >

< %AppData%\Adobe\dlluplwin25\*.* >

< %UserProfile%\*.dat >

[2010/10/07 23:34:27 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Fran\ntuser.dat

< %UserProfile%\*.dll >

< %systemroot%\system32\*.sxo >

< %SYSTEMDRIVE%\Gazma\*.* /s >

< %systemroot%\system32\spynet\*.* >

< %systemroot%\system32\System\*.* >

< %appdata%\Microsoft\Windows\*.* >

< %systemroot%\system32\WinDir\*.* >

< %systemroot%\_\*.* >

< %systemroot%\system32\windows32\*.* >

< %ProgramFiles%\win\*.* >

< %AppData%\Microsoft\CD Burning\*.* >

< %systemroot%\*.cab >

< %systemroot%\K.Backup\*.* >

< %ProgramFiles%\Massenger\*.* >

< %systemroot%\System32\*.doc >

< %systemroot%\Office12\*.* >

< %systemroot%\System32\Rundl32.exe\*.* >

< %ProgramFiles%\yahoo.net\*.* >

< %systemroot%\system32\*.igo >

< %systemroot%\*.rew >

< %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe >

< %USERPROFILE%\.COMMgr\*.* >

< %USERPROFILE%\Desktop\*.bat >

< %PROGRAMFILES%\Common Files\Real\visualizations\*.* >

< %PROGRAMFILES%\Internet Explorer\*.Jmp >

< %PROGRAMFILES%\Windows NT\system\*.dll >

< %systemroot%\system32\*.ext >

< %systemroot%\system32\Com\*.cfg >

< %systemroot%\system32\btz\*.* >

< %systemroot%\system32\EMP\*.* >

< %systemroot%\system32\expo\*.* >

< %systemroot%\system32\inet2\*.* >

< %systemroot%\system32\xrem\*.* >

< %ProgramFiles%\Microsoft\*.* >

< %systemroot%\usgwmt\*.* >

< %ProgramFiles%\B\*.* >

< %SYSTEMDRIVE%\lspp\*.* >

< %systemroot%\Kral\*.* >

< %SYSTEMDRIVE%\windowsdvd.exe\*.* >

< %systemroot%\system32\*.ipo >

< %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* >

< %systemroot%\system32\*.mof >

< %systemroot%\*.atm >

< %systemroot%\system32\svhost\*.* >

< %ProgramFiles%\system32\*.* >

< %ProgramFiles%\Docmentt\*.* >

< %systemroot%\Help\*.vbs >

< %ProgramFiles%\Windows WinSxs\*.* /s >

< %ProgramFiles%\Outlook Express\IDT\*.* /s >

< %ProgramFiles%\Microsoft Office\365\*.* /s >

< %ProgramFiles%\Windows Live\*.* >

< %systemroot%\system32\win32\*.* >

< %SYSTEMDRIVE%\RECYCLER\*.* >

< %systemroot%\Fresh1\*.* >

< %ProgramFiles%\Kekj\*.* /s >

< %systemroot%\GDU\*.* >

< %systemroot%\KA\*.* >

< %systemroot%\R\*.* >

< %systemroot%\system32\*.fyo >

< %USERPROFILE%\System\*.* >

< %systemroot%\Source\*.* >

< %systemroot%\system32\ac\*.* >

< %ProgramFiles%\MSDN\*.* >

< %AppData%\AdobeUM\winvcldll54\*.* /s >

< %ProgramFiles%\Internet Explorer\*.ico >

< %systemroot%\system32\*.ojo >

< %systemroot%\system32\d323s\*.* >

< %systemroot%\system32\re\*.* >

< %UserProfile%\Microsoft\*.dll >

< %UserProfile%\Microsoft\*.log >

< %systemroot%\Bios\*.* >

< %ProgramFiles%\Spool\*.* >

< %ProgramFiles%\promp3\*.* >

< %SYSTEMDRIVE%\Driver\*.* /s >

< %SYSTEMDRIVE%\inetserver.exe\*.* >

< %systemroot%\java\trustlib\*.* >

< %ProgramFiles%\Common Files\designer\*.exe >

< %ProgramFiles%\*. >

[2008/07/04 21:53:33 | 000,000,000 | ---D | M] -- C:\Programmi\AC3File

[2008/07/04 21:57:51 | 000,000,000 | ---D | M] -- C:\Programmi\AC3Filter

[2010/09/13 23:02:39 | 000,000,000 | ---D | M] -- C:\Programmi\Adobe

[2008/12/12 14:55:27 | 000,000,000 | ---D | M] -- C:\Programmi\Adobe(2)

[2008/12/12 14:46:58 | 000,000,000 | ---D | M] -- C:\Programmi\Adobe(3)

[2007/03/29 13:18:51 | 000,000,000 | ---D | M] -- C:\Programmi\Ahead

[2008/12/12 14:58:06 | 000,000,000 | ---D | M] -- C:\Programmi\Apple Software Update

[2007/03/23 17:21:06 | 000,000,000 | ---D | M] -- C:\Programmi\ArtisanDVDPlayer

[2009/09/14 18:37:18 | 000,000,000 | ---D | M] -- C:\Programmi\Belkin

[2007/05/11 14:37:45 | 000,000,000 | ---D | M] -- C:\Programmi\BHODemon 2

[2007/08/19 21:11:15 | 000,000,000 | ---D | M] -- C:\Programmi\Canon

[2009/10/17 11:52:09 | 000,000,000 | ---D | M] -- C:\Programmi\CCleaner

[2007/03/19 22:03:26 | 000,000,000 | ---D | M] -- C:\Programmi\ComPlus Applications

[2009/02/26 00:33:43 | 000,000,000 | ---D | M] -- C:\Programmi\CramMaster

[2008/06/08 19:53:05 | 000,000,000 | ---D | M] -- C:\Programmi\DivX

[2009/09/30 14:40:56 | 000,000,000 | ---D | M] -- C:\Programmi\eMule

[2010/10/07 22:33:19 | 000,000,000 | ---D | M] -- C:\Programmi\ERUNT

[2010/09/08 22:24:19 | 000,000,000 | ---D | M] -- C:\Programmi\File comuni

[2009/02/01 12:49:10 | 000,000,000 | ---D | M] -- C:\Programmi\Freeware PDF Unlocker

[2009/11/14 22:51:34 | 000,000,000 | ---D | M] -- C:\Programmi\Google

[2007/03/20 23:42:49 | 000,000,000 | ---D | M] -- C:\Programmi\Hewlett-Packard

[2010/04/12 14:03:56 | 000,000,000 | ---D | M] -- C:\Programmi\Hide My IP

[2009/09/15 19:44:34 | 000,000,000 | ---D | M] -- C:\Programmi\HP

[2009/09/14 18:37:14 | 000,000,000 | -H-D | M] -- C:\Programmi\InstallShield Installation Information

[2007/03/19 23:09:45 | 000,000,000 | ---D | M] -- C:\Programmi\Intel

[2010/09/16 12:04:34 | 000,000,000 | ---D | M] -- C:\Programmi\Internet Explorer

[2010/09/13 21:38:33 | 000,000,000 | ---D | M] -- C:\Programmi\Java

[2008/12/13 21:49:03 | 000,000,000 | ---D | M] -- C:\Programmi\Lead Pursuit

[2010/09/08 19:01:30 | 000,000,000 | ---D | M] -- C:\Programmi\Malwarebytes' Anti-Malware

[2010/09/15 23:36:40 | 000,000,000 | ---D | M] -- C:\Programmi\Messenger

[2007/10/12 19:09:21 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft ActiveSync

[2007/03/19 22:08:11 | 000,000,000 | ---D | M] -- C:\Programmi\microsoft frontpage

[2008/11/04 13:28:30 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Office

[2010/08/28 18:57:15 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Security Essentials

[2007/04/27 20:52:10 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Works

[2007/04/25 22:25:53 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Works Suite 2003

[2007/10/12 19:09:32 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft.NET

[2010/09/16 11:59:33 | 000,000,000 | ---D | M] -- C:\Programmi\Movie Maker

[2010/04/09 16:47:45 | 000,000,000 | ---D | M] -- C:\Programmi\MSBuild

[2008/11/04 13:28:06 | 000,000,000 | ---D | M] -- C:\Programmi\MSECache

[2007/03/19 22:02:43 | 000,000,000 | ---D | M] -- C:\Programmi\MSN

[2007/03/19 22:02:27 | 000,000,000 | ---D | M] -- C:\Programmi\MSN Gaming Zone

[2009/09/16 17:04:54 | 000,000,000 | ---D | M] -- C:\Programmi\MSXML 4.0

[2010/04/09 16:41:11 | 000,000,000 | ---D | M] -- C:\Programmi\MSXML 6.0

[2010/09/15 17:33:52 | 000,000,000 | ---D | M] -- C:\Programmi\NetMeeting

[2010/04/11 18:51:18 | 000,000,000 | ---D | M] -- C:\Programmi\OpenVPN

[2010/09/15 23:31:12 | 000,000,000 | ---D | M] -- C:\Programmi\Outlook Express

[2007/05/27 00:28:34 | 000,000,000 | ---D | M] -- C:\Programmi\Panicware

[2008/12/01 01:01:46 | 000,000,000 | ---D | M] -- C:\Programmi\Pass4Side

[2009/02/08 00:29:00 | 000,000,000 | ---D | M] -- C:\Programmi\Pass4sure

[2010/09/22 14:56:35 | 000,000,000 | ---D | M] -- C:\Programmi\PcBugDoctor

[2009/09/11 12:58:00 | 000,000,000 | ---D | M] -- C:\Programmi\Pirelli

[2007/05/27 00:28:33 | 000,000,000 | ---D | M] -- C:\Programmi\PopupPopper

[2008/12/12 14:58:04 | 000,000,000 | ---D | M] -- C:\Programmi\QuickTime

[2010/05/23 21:01:58 | 000,000,000 | ---D | M] -- C:\Programmi\Real

[2007/03/22 23:09:52 | 000,000,000 | ---D | M] -- C:\Programmi\RealVNC

[2010/04/09 16:47:27 | 000,000,000 | ---D | M] -- C:\Programmi\Reference Assemblies

[2008/12/12 22:33:00 | 000,000,000 | ---D | M] -- C:\Programmi\RegDoctor

[2007/03/19 22:06:28 | 000,000,000 | ---D | M] -- C:\Programmi\Servizi in linea

[2007/05/07 14:10:37 | 000,000,000 | ---D | M] -- C:\Programmi\Skype

[2010/07/06 19:17:06 | 000,000,000 | ---D | M] -- C:\Programmi\SpeedFan

[2010/09/03 19:13:07 | 000,000,000 | ---D | M] -- C:\Programmi\Trend Micro

[2010/04/08 11:47:32 | 000,000,000 | ---D | M] -- C:\Programmi\UltraVPN

[2007/03/19 22:48:42 | 000,000,000 | -H-D | M] -- C:\Programmi\Uninstall Information

[2007/03/19 23:05:34 | 000,000,000 | ---D | M] -- C:\Programmi\VIA Technologies, Inc

[2010/08/18 13:18:22 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Live Safety Center

[2007/04/05 14:41:26 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Media Components

[2007/12/08 21:26:32 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Media Connect 2

[2010/09/15 17:33:44 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Media Player

[2010/09/15 17:33:42 | 000,000,000 | ---D | M] -- C:\Programmi\Windows NT

[2007/03/20 23:34:39 | 000,000,000 | -H-D | M] -- C:\Programmi\WindowsUpdate

[2008/12/12 20:51:10 | 000,000,000 | ---D | M] -- C:\Programmi\WinRAR

[2007/03/19 22:08:11 | 000,000,000 | ---D | M] -- C:\Programmi\xerox

[2009/10/13 13:35:07 | 000,000,000 | ---D | M] -- C:\Programmi\Yahoo!

< %systemroot%\system32\*.tso >

< %ALLUSERSPROFILE%\Documents\Server\*.* >

< %systemroot%\*.pif >

[2002/09/10 14:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif

< %systemroot%\system32\n7533\*.* >

< %systemroot%\Us18336\*.* >

< %systemroot%\system32\*.zip >

< %systemroot%\system32\*.wgo >

< %ProgramFiles%\Microsoft Office\OFFICE11\*.* >

[2002/11/29 19:03:34 | 000,001,652 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACCESS.PIP

[2010/05/21 09:51:38 | 000,165,712 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\ACCWIZ.DLL

[2003/07/12 15:07:42 | 006,438,912 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZDAT.MDT

[2007/03/21 00:06:08 | 001,728,512 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZLIB.MDE

[2007/03/21 00:06:10 | 005,533,696 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZMAIN.MDE

[2003/07/12 15:07:44 | 002,359,296 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZUSR.MDT

[2007/03/22 19:07:56 | 000,091,488 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\ADDRPARS.DLL

[2007/04/19 15:10:18 | 000,045,920 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\AUTHZAX.DLL

[2007/03/22 20:29:56 | 000,099,160 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\AW.DLL

[2002/07/29 16:32:10 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\BIDI32.DLL

[2007/04/19 15:07:38 | 000,066,400 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\BLNMGR.DLL

[2007/04/19 15:07:34 | 000,052,064 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\BLNMGRPS.DLL

[2007/03/22 20:06:08 | 000,355,168 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\CDLMSO.DLL

[1999/01/15 15:20:40 | 000,112,351 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\CLIPPIT.ACG

[1999/01/15 15:20:42 | 002,904,417 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\CLIPPIT.ACS

[2008/08/11 12:52:46 | 000,080,392 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\DLGSETP.DLL

[1999/01/15 15:20:14 | 000,032,191 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\DOT.ACG

[2007/03/22 20:23:32 | 000,019,800 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\DSITF.DLL

[2007/05/10 14:44:02 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\DSSM.EXE

[2008/01/14 21:51:06 | 000,137,736 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\ENVELOPE.DLL

[2010/06/23 17:14:32 | 010,354,000 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE

[2003/03/20 00:23:56 | 000,001,652 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\EXCEL.PIP

[2005/03/01 15:27:48 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\EXCHCSP.DLL

[2009/12/11 13:50:58 | 000,079,660 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\EXLPRTID.XML

[2009/06/15 16:43:00 | 000,350,024 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\EXSEC32.DLL

[1999/01/15 15:20:42 | 000,162,709 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\F1.ACG

[2007/03/22 20:06:34 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\FINDER.EXE

[2007/06/06 13:46:12 | 001,961,312 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\FPCUTL.DLL

[2007/04/19 15:15:26 | 000,192,344 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\FPDTC.DLL

[2009/06/22 21:14:58 | 001,700,168 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\GDIPLUS.DLL

[2007/04/19 14:57:32 | 002,152,792 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\GRAPH.EXE

[1998/12/08 20:53:54 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\HLP95EN.DLL

[2007/04/19 15:10:30 | 000,116,576 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\IEAWSDC.DLL

[2008/02/06 22:33:38 | 000,127,496 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\IMPMAIL.DLL

[2007/03/20 19:35:08 | 000,000,619 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\INTLBAND.HTM

[2007/03/22 20:25:44 | 000,067,424 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\INTLDATE.DLL

[1999/01/15 15:20:46 | 000,127,537 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\LOGO.ACG

[2007/04/19 15:00:16 | 000,103,256 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MCPS.DLL

[2007/12/14 19:46:54 | 000,182,792 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MIMEDIR.DLL

[2007/03/22 19:06:46 | 000,033,120 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MLSHEXT.DLL

[1999/01/15 15:20:46 | 000,104,616 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MNATURE.ACG

[2003/07/30 13:35:36 | 000,422,456 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSACC.OLB

[2010/01/14 17:53:24 | 006,700,888 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSACCESS.EXE

[2007/01/16 21:32:54 | 000,136,032 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSAEXP30.DLL

[1997/07/11 01:00:00 | 000,003,819 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.CNT

[2002/09/17 07:47:36 | 000,000,335 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.DEP

[1997/07/11 16:37:00 | 000,068,359 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.HLP

[2007/03/22 20:15:56 | 000,120,152 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.OCX

[2007/03/22 20:16:44 | 000,134,496 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSJSPP40.DLL

[2000/04/03 14:13:40 | 000,003,638 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSN.ICO

[2007/04/19 15:10:34 | 000,127,840 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOAUTH.DLL

[2007/03/22 20:04:52 | 000,109,912 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOCF.DLL

[2007/03/22 20:04:52 | 000,130,912 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOCFU.DLL

[2007/03/22 20:29:22 | 000,031,072 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSODCW.DLL

[2003/07/14 23:52:58 | 000,067,128 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOHEV.DLL

[2007/04/19 15:07:38 | 000,061,280 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOHTMED.EXE

[2007/04/19 15:07:24 | 000,036,192 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOSTYLE.DLL

[2007/04/19 15:07:32 | 000,045,408 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOSVFBR.DLL

[2007/03/22 20:08:34 | 000,203,104 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOUTL.OLB

[2003/04/09 17:20:56 | 000,001,900 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSOUTLO.PIP

[2000/11/09 11:49:16 | 001,200,177 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOWCW.DLL

[2007/03/22 20:05:32 | 000,251,224 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSPPT.OLB

[2007/03/22 20:15:52 | 000,076,128 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSRTEDIT.DLL

[2007/04/19 15:00:30 | 000,637,792 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSTORDB.EXE

[2007/04/19 15:00:22 | 000,130,912 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSTORE.EXE

[2007/04/19 15:00:30 | 000,489,824 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSTORES.DLL

[2001/01/23 13:41:10 | 000,831,562 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSUSP.DLL

[2007/04/19 15:09:02 | 000,157,024 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSWEBCAP.DLL

[2007/03/22 20:05:50 | 000,668,000 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSWORD.OLB

[2003/03/04 17:57:20 | 000,141,952 | ---- | M] (Microsoft) -- C:\Programmi\Microsoft Office\OFFICE11\MULTIMGR.DLL

[2001/01/29 21:03:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MULTIQ.DLL

[2007/04/19 15:10:26 | 000,080,216 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\NAME.DLL

[2001/01/23 12:15:48 | 000,001,696 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISECHS.TXT

[2001/01/23 12:15:48 | 000,001,696 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISECHT.TXT

[2001/01/23 12:15:50 | 000,149,848 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEDEU.TXT

[2001/01/23 12:15:50 | 000,000,755 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEENG.TXT

[2001/01/23 12:15:50 | 000,000,755 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEENU.TXT

[2001/01/23 12:15:50 | 000,019,684 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEESN.TXT

[2001/01/23 12:15:50 | 000,049,196 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEFRA.TXT

[2001/01/23 12:15:50 | 000,019,618 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEITA.TXT

[2001/01/23 12:15:50 | 000,002,060 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEJPN.TXT

[2001/01/23 12:15:50 | 000,001,486 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEKOR.TXT

[2001/01/23 12:15:50 | 000,000,745 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISENEU.TXT

[2001/01/23 12:15:50 | 000,013,256 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISENLD.TXT

[2001/01/23 12:15:50 | 000,013,730 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISESVE.TXT

[2001/01/23 12:15:50 | 000,000,697 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISETHA.TXT

[2007/03/22 20:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\NPOFFICE.DLL

[1999/01/15 15:20:46 | 000,136,869 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OFFCAT.ACG

[2007/03/22 20:06:22 | 000,287,576 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OIS.EXE

[2003/04/25 18:27:54 | 000,000,420 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OIS.PIP

[2007/04/19 14:50:52 | 000,837,472 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OISAPP.DLL

[2007/03/22 20:06:08 | 000,046,432 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\oisctrl.dll

[2007/03/22 20:06:22 | 000,245,600 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OISGRAPH.DLL

[2007/11/19 20:38:52 | 000,236,040 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OLKFSTUB.DLL

[2009/12/11 13:50:58 | 000,079,692 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OLKPRTID.XML

[2007/04/19 15:09:46 | 001,061,720 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OMFC.DLL

[2003/07/12 04:59:46 | 000,016,504 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OPW11USR.INI

[2007/04/19 14:52:16 | 000,030,560 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLACCT.DLL

[2009/08/05 10:45:04 | 000,106,312 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OUTLCTL.DLL

[2010/07/29 12:29:38 | 003,609,408 | ---- | M] (Microsoft Corp.) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLFLTR.DAT

[2005/11/04 14:36:46 | 000,307,440 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLFLTR.DLL

[2010/05/20 15:19:18 | 007,627,608 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLLIB.DLL

[2009/04/10 16:47:34 | 000,102,744 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLMIME.DLL

[2010/05/20 15:19:06 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLOOK.EXE

[2007/11/19 20:38:32 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLPH.DLL

[2009/02/09 21:28:22 | 000,066,904 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLRPC.DLL

[2007/04/19 13:52:54 | 000,050,016 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLVBS.DLL

[2007/03/22 20:07:28 | 000,052,576 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLWAB.DLL

[2007/04/19 15:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OWSCLT.DLL

[2007/04/19 15:10:18 | 000,099,680 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OWSSUPP.DLL

[2010/04/17 00:14:14 | 006,418,776 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\POWERPNT.EXE

[2003/03/20 00:23:38 | 000,001,532 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\POWERPOI.PIP

[2009/12/11 13:50:58 | 000,079,716 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\PPTPRTID.XML

[2010/01/14 17:48:00 | 001,790,808 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\PPTVIEW.EXE

[2007/03/22 20:18:32 | 000,116,576 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\PROFLWIZ.EXE

[2007/03/22 19:07:10 | 000,041,824 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\RECALL.DLL

[2003/03/25 12:45:28 | 000,005,974 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\REFBAR.ICO

[2003/03/25 12:45:28 | 000,005,974 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\REFBARH.ICO

[2007/06/06 13:07:40 | 000,100,192 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\REFEDIT.DLL

[2007/04/19 15:10:18 | 000,063,840 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL

[2003/02/19 14:05:30 | 000,108,800 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\REMINDER.WAV

[2002/12/14 00:30:44 | 000,002,664 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\RESETO11.OPS

[1999/01/15 15:20:14 | 000,123,149 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ROCKY.ACG

[2007/03/22 20:09:02 | 000,394,080 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\RTFHTML.DLL

[2007/03/22 20:25:58 | 000,218,456 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SAEXT.DLL

[2007/03/22 20:07:40 | 000,069,984 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SENDTO.DLL

[2007/04/19 15:10:20 | 000,065,888 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SEQCHK10.DLL

[2007/04/19 15:04:10 | 000,390,496 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SETLANG.EXE

[2003/06/02 13:58:08 | 000,262,216 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\SMSW.CHM

[2007/05/10 14:42:52 | 000,450,392 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SOA.DLL

[2007/05/10 14:42:52 | 002,839,904 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\STSLIST.DLL

[2007/04/19 15:10:28 | 000,185,696 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\STSUPLD.DLL

[2007/03/22 20:25:44 | 000,079,200 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\UCSCRIBE.DLL

[2002/10/30 13:21:18 | 000,246,424 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\UNICOWS.DLL

[2001/01/23 12:46:56 | 000,013,576 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\USPDAT10.XML

[2001/01/23 12:46:58 | 000,113,911 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\USPMAP.XML

[2001/01/23 12:46:56 | 000,167,035 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\USPTYPES.XML

[2008/04/15 21:13:57 | 000,479,232 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\UTILITY.MDA

[2003/04/02 12:21:12 | 000,111,632 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WAVTOASF.EXE

[2003/01/13 16:04:18 | 000,092,752 | ---- | M] (Indicus Pvt. Ltd for Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WDBIMP.DLL

[2010/06/23 17:07:02 | 012,315,992 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE

[2003/06/06 12:25:46 | 000,001,764 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\WORD.PIP

[2002/12/02 16:54:08 | 000,001,532 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\WORDMAIL.PIP

[2009/12/11 13:51:00 | 000,079,676 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\WRDPRTID.XML

[2000/09/27 12:27:48 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WWPAB.CNV

[2000/03/07 23:45:34 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\XL5EN32.OLB

[1999/12/09 22:21:30 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\XLCALL32.DLL

[2003/05/29 13:22:08 | 000,010,217 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\XML2WORD.XSL

< %systemroot%\system32\dllcache\*.com >

< %systemroot%\system32\dllchache\*.* >

< %systemroot%\system32\038840\*.* >

< %systemroot%\system32\13E92A\*.* >

< %systemroot%\system32\1CB5AD\*.* >

< %systemroot%\system32\52682A\*.* >

< %USERPROFILE%\My Documents\*.htm >

< %SYSTEMDRIVE%\Mr_CF\*.* >

< %USERPROFILE%\My Documents\*.dll >

< %USERPROFILE%\My Documents\*.ccc >

< %systemroot%\system32\Sis\*.* >

< %systemroot%\Microsft\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-07 21:37:20

< End of report >

_____________________________________________________________________________________________________

Windows Validation Check

Version: 1.8.8.3

Log Created On: 1237_08-10-2010

-----------------------

Windows Information

-----------------------

Windows Version: Windows XP Service Pack 3

Windows Mode: Normal

WVCheck's Auto Update Check

-----------------------

Auto-Update Option: Download updates and install them automatically.

-----------------------

Last Success Time for Update Detection: 2010-10-07 20:54:50

Last Success Time for Update Download: 2010-10-08 09:16:59

Last Success Time for Update Installation: 2010-10-07 21:37:20

WVCheck's Registry Check Check

-----------------------

Antiwpa: Not Found

-----------------------

Chew7Hale: Not Found

-----------------------

WVCheck's File Dump

-----------------------

WVCheck found no known bad files.

WVCheck's Dir Dump

-----------------------

WVCheck found no known bad files.

WVCheck's Missing File Check

-----------------------

WVCheck found no missing Windows files.

WVCheck's MBAM Quarantine Check

-----------------------

There were no bad files quarantined by MBAM.

WVCheck's HOSTS File Check

-----------------------

WVCheck found no bad lines in the hosts file.

WVCheck's MD5 Check

EXPERIMENTAL!!

-----------------------

user32.dll - fa94696c0727bd59e517c674cd6e7c72

-------- End of File, program close at 1237_08-10-2010 --------

______________________________________________________________________________________________________

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit scan 2010-10-08 13:20:46

Windows 5.1.2600 Service Pack 3

Running: gmer.exe; Driver: C:\DOCUME~1\Fran\IMPOST~1\Temp\agpiyaoc.sys

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00158307c65a (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00158307c65a@0024034c5deb 0xB0 0x50 0x53 0x23 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307c65a

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307c65a@0024034c5deb 0xB0 0x50 0x53 0x23 ...

Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00158307c65a (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00158307c65a@0024034c5deb 0xB0 0x50 0x53 0x23 ...

---- EOF - GMER 1.0.15 ----

______________________________________________________________________________________________________________________

Link to post
Share on other sites
Guest
This topic is now closed to further replies.