Salve a tutti! Stavo per un pò tranquillo senza virus fino qualche tempo fa fino a quando circa un mesetto fa facendo una scansione con Malwarebyte's antimalware è saltata fuori una voce di registro infeftta:
HKEY_CURRENT_USER\Software\MSSec
MBA me lo ha rimosso ma ogni tanto questa infezione si ripresenta, così ho dato una pulita con ccleaner ed ho eliminato tutti i punti di ripristino disattivando completamente il monitoraggio... adesso ho scaricato combofix ma va in conflitto con avast. Ho disabilitato la protezione in tempo reale di avast ed ho rilanciato combofix che però mi ha causato una schermata blu di errore... così invece di usare combofix ho usato OTL selezionando la voce "Scan All Users" e selezionando Extra Registry -> Use SafeList e poi ho selezionato Minimal output. Infine ho fatto Run Scan e questo ha aftto la scansione senza problemi e posto i due log che mi ha salvato. Ho fatto anche una scnsione con avira rescue system (iso) e con altri antivirus che partono da live cd e sembra che l'unica infezione sia questa che si ripresenta ogni tanto e non capisco perché... ho infine installato anche SuperAntiSpayware che non mi ha trovato nulla...
OTL logfile created on: 04/10/2011 10.55.39 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = H:\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 75,44% Memory free
4,72 Gb Paging File | 3,85 Gb Available in Paging File | 81,67% Paging File free
Paging file location(s): c:\pagefile.sys 1920 3840 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 232,88 Gb Total Space | 171,51 Gb Free Space | 73,64% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 170,81 Gb Free Space | 57,30% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 239,27 Gb Free Space | 25,69% Space Free | Partition Type: NTFS
Computer Name: ALECOS | User Name: Ak71 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - H:\Download\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Programmi\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Programmi\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd)
PRC - C:\Programmi\USB Safely Remove\USBSRService.exe ()
PRC - C:\Programmi\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programmi\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programmi\File comuni\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe ()
PRC - C:\Programmi\File comuni\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
PRC - C:\Programmi\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Programmi\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programmi\COMODO\Firewall\cfp.exe (COMODO)
PRC - C:\Programmi\COMODO\Firewall\cmdagent.exe (COMODO)
PRC - C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programmi\MemInfo\meminfo.exe (Carthago Software)
PRC - C:\Programmi\Winamp\winampa.exe ()
PRC - C:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Vista Drive Icon\DrvIcon.exe (artArmin)
PRC - C:\Programmi\Screensaver Control\ScreensaverControl.exe (Neuhaus13 Software)
PRC - C:\Documents and Settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)
PRC - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
PRC - C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programmi\No-IP\DUC20.exe (Vitalwerks LLC)
PRC - C:\Documents and Settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programmi\DesktopCalendar\DesktopCalendar.exe ()
PRC - C:\Lamp\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
PRC - C:\Lamp\Apache2\bin\Apache.exe (Apache Software Foundation)
PRC - C:\Lamp\MySQL\bin\mysqld-nt.exe ()
PRC - C:\Programmi\TClockLight\tclock.exe (Kazubon)
PRC - C:\Programmi\Digisoft AntiDialer\AntiDialer.exe (Digisoft)
PRC - C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
PRC - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\Programmi\Alwil Software\Avast5\defs\11100301\algo.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programmi\Alwil Software\Avast5\defs\11100301\aswRep.dll ()
MOD - C:\Lamp\Php\libmcrypt.dll ()
MOD - C:\Programmi\Mozilla Firefox\js3250.dll ()
MOD - C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Programmi\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Programmi\USB Safely Remove\USBSRService.exe ()
MOD - C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Programmi\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll ()
MOD - C:\Programmi\Orbitdownloader\wtlctrl.dll ()
MOD - C:\Programmi\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabKernel.dll ()
MOD - C:\Programmi\Acronis\TrueImageHome\tishell.dll ()
MOD - C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe ()
MOD - C:\Programmi\Acronis\TrueImageHome\Common\resource.dll ()
MOD - C:\Programmi\Acronis\TrueImageHome\Common\rpc_client.dll ()
MOD - C:\Programmi\Acronis\TrueImageHome\Common\thread_pool.dll ()
MOD - C:\Programmi\File comuni\LightScribe\QtGui4.dll ()
MOD - C:\Programmi\File comuni\LightScribe\QtCore4.dll ()
MOD - C:\Programmi\File comuni\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programmi\Unlocker\UnlockerCOM.dll ()
MOD - C:\Programmi\Unlocker\UnlockerHook.dll ()
MOD - C:\Programmi\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll ()
MOD - C:\Programmi\WinRAR\RarExt.dll ()
MOD - C:\Programmi\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Programmi\COMODO\Firewall\scanners\mach32.dll ()
MOD - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\pdfshell.ITA ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Programmi\COMODO\Firewall\scanners\script.cav ()
MOD - c:\Lamp\Php\extensions\php_mbstring.dll ()
MOD - c:\Lamp\Php\extensions\php_gd2.dll ()
MOD - c:\Lamp\Php\extensions\php_w32api.dll ()
MOD - c:\Lamp\Php\extensions\php_bz2.dll ()
MOD - c:\Lamp\Php\extensions\php_exif.dll ()
MOD - c:\Lamp\Php\extensions\php_zip.dll ()
MOD - c:\Lamp\Php\extensions\php_mcrypt.dll ()
MOD - c:\Lamp\Php\extensions\php_yaz.dll ()
MOD - C:\Lamp\Php\php4apache2.dll ()
MOD - c:\Lamp\Php\extensions\php_mhash.dll ()
MOD - c:\Lamp\Php\extensions\php_iconv.dll ()
MOD - C:\Lamp\Php\libmhash.dll ()
MOD - C:\Programmi\Winamp\winampa.exe ()
MOD - C:\Programmi\TUGZip\Plugins\TzArchive10.tgp ()
MOD - C:\Programmi\Raxco\PerfectDisk\sqlite3.dll ()
MOD - C:\Programmi\Raxco\PerfectDisk\PDDb.dll ()
MOD - C:\WINDOWS\system32\ztvunrar36.dll ()
MOD - C:\WINDOWS\system32\LXF3PMRC.DLL ()
MOD - C:\WINDOWS\system32\LXF3PMON.DLL ()
MOD - C:\Programmi\Lexmark Fax Solutions\ipcmt.dll ()
MOD - C:\Programmi\DesktopCalendar\DesktopCalendar.exe ()
MOD - C:\Programmi\IZArc\IZArcCM.dll ()
MOD - C:\WINDOWS\system32\lxf3oem.dll ()
MOD - C:\Programmi\TUGZip\TzShell.dll ()
MOD - C:\Lamp\MySQL\bin\mysqld-nt.exe ()
MOD - C:\Programmi\TUGZip\Plugins\TzImage10.tgp ()
MOD - C:\WINDOWS\system32\unrar3.dll ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (DynDNS_Updater_Service) -- File not found
SRV - (ATI Smart) -- File not found
SRV - (aawservice) -- File not found
SRV - (avast! Antivirus) -- C:\Programmi\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (!SASCORE) -- C:\Programmi\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (USBSafelyRemoveService) -- C:\Programmi\USB Safely Remove\USBSRService.exe ()
SRV - (afcdpsrv) -- C:\Programmi\File comuni\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (LightScribeService) -- C:\Programmi\File comuni\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (NMSAccess) -- C:\Programmi\CDBurnerXP\NMSAccessU.exe ()
SRV - (cmdAgent) -- C:\Programmi\COMODO\Firewall\cmdagent.exe (COMODO)
SRV - (sp_rssrv) -- C:\Programmi\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (FLEXnet Licensing Service) -- C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Autodesk Licensing Service) -- C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\Documents and Settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (PDEngine) -- C:\Programmi\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)
SRV - (PDAgent) -- C:\Programmi\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
SRV - (NMIndexingService) -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (PSI_SVC_2) -- C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Documents and Settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (IviRegMgr) -- C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (MSCSPTISRV) -- C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (Apache2) -- C:\Lamp\Apache2\bin\Apache.exe (Apache Software Foundation)
SRV - (MySQL) -- C:\Lamp\MySQL\bin\mysqld-nt.exe ()
SRV - (IDriverT) -- C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (SoundMAX Agent Service (default)) -- C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
========== Driver Services (SafeList) ==========
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (SASDIFSV) -- C:\Programmi\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (VBoxDrv) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (SASKUTIL) -- C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SmartDefragDriver) -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys ()
DRV - (afcdp) -- C:\WINDOWS\system32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\WINDOWS\system32\DRIVERS\tdrpm273.sys (Acronis)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdguard.sys (COMODO)
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (vmm) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (sp_rsdrv2) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (vncmirror) -- C:\WINDOWS\system32\drivers\vncmirror.sys (RealVNC Ltd.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (VPCNetS2) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (DefragFS) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
DRV - (regi) -- C:\WINDOWS\system32\drivers\regi.sys (InterVideo)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (hidgame) -- C:\WINDOWS\system32\drivers\hidgame.sys (Microsoft Corporation)
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (USTOR) -- C:\WINDOWS\system32\drivers\UStork.sys (USB Mass Storage.)
DRV - (HSFHWCD2) -- C:\WINDOWS\system32\drivers\HSFHWCD2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (CDRPDACC) Quinnware CDDA Driver (by InfinaDyne) -- C:\Programmi\Quintessential Player\cdrpdacc.sys (Arrowkey)
DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (MidiSyn) -- C:\WINDOWS\system32\drivers\MidiSyn.sys (Analog Devices Inc)
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\Aspi32.sys (Adaptec)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (aslm75) -- C:\WINDOWS\system32\drivers\ASLM75.SYS ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libero.it
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://arianna.libero.it
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Programmi\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@sun.com/npsopluginmi;version=1.0: C:\Programmi\OpenOffice.org 3\program [2011/08/10 12.32.53 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2011/09/28 14.34.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2011/09/28 14.34.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.15\extensions\\Components: C:\Programmi\Mozilla Thunderbird\components [2011/09/28 14.36.27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.15\extensions\\Plugins: C:\Programmi\Mozilla Thunderbird\plugins [2011/08/07 12.07.19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Ak71\Dati applicazioni\IDM\idmmzcc3
[2011/01/27 15.44.16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Extensions
[2011/01/27 15.44.16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/10/03 15.33.15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions
[2011/01/27 15.44.07 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011/01/27 15.43.54 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2011/08/15 10.34.45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/27 15.43.54 | 000,000,000 | ---D | M] (Html Validator) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2011/05/15 17.00.44 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/01/27 15.43.38 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2011/01/27 15.43.38 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2011/01/27 15.43.38 | 000,000,000 | ---D | M] (Date Picker/Calendar) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{A6A0B3F6-6D2D-4c55-96C1-7481BEA2EBF8}
[2011/01/27 15.43.38 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/06/16 11.51.45 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/05/18 12.20.59 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(2)
[2011/01/27 15.43.36 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2011/01/27 15.44.15 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\en-GB@dictionaries.addons.mozilla.org
[2011/01/27 15.44.15 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\en-US@dictionaries.addons.mozilla.org
[2011/03/25 13.28.06 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\ietab@ip.cn
[2011/04/29 16.59.13 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\it-IT@dictionaries.addons.mozilla.org
[2011/01/27 15.44.07 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\noia2_option@kk.noia
[2011/03/19 16.57.41 | 000,000,000 | ---D | M] (Screen Capture Elite) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\screencaptureelite@plugin
[2011/01/27 15.43.56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ak71\Dati applicazioni\Mozilla\Firefox\Profiles\806wvpp4.Alessandro\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2011/10/03 15.33.15 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2010/04/19 11.12.33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/04 18.47.09 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/08 17.52.35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/27 15.28.30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/07 18.04.35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/22 10.05.22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/05/04 04.52.23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2009/10/16 20.33.06 | 000,001,412 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\demauro.xml
[2010/01/29 20.08.52 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2010/01/29 20.08.52 | 000,000,825 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2010/01/29 20.08.52 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2010/01/29 20.08.52 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml
O1 HOSTS File: ([2009/10/30 17.45.20 | 000,297,398 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.2 www.alecos-server.net
O1 - Hosts: 63.245.209.91 addons.mozilla.org
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 10271 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\Toolbar\WebBrowser: (no name) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - No CLSID value found.
O3 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Programmi\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Programmi\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Programmi\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [DrvIcon] C:\Programmi\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Enterra Icon Keeper] C:\Programmi\Enterra\Icon Keeper\IcnKeepr.exe (Enterra, Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Programmi\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [servizio Acronis Scheduler2] C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [soundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [startCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKLM..\Run: [unlockerAssistant] C:\Programmi\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [uSB Safely Remove] C:\Programmi\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd)
O4 - HKLM..\Run: [uStorag] c:\programmi\u-storage\ustorage.exe sys_auto_run C:\Programmi\U-Storage File not found
O4 - HKLM..\Run: [WallisDeskTopCal] C:\Programmi\DesktopCalendar\DesktopCalendar.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [\\PC-ALIDA\EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [Automatico EPSON Stylus SX200 Series su PC-ALIDA] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [Automatico EPSON SX110 Series su PC-ALIDA] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [DAEMON Tools Lite] C:\Programmi\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [LightScribe Control Panel] C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [screenSaverControl] C:\Programmi\Screensaver Control\ScreensaverControl.exe (Neuhaus13 Software)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [sUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ak71\Menu Avvio\Programmi\Esecuzione automatica\MemInfo.lnk = C:\Programmi\MemInfo\meminfo.exe (Carthago Software)
O4 - Startup: C:\Documents and Settings\Ak71\Menu Avvio\Programmi\Esecuzione automatica\No-IP DUC.lnk = C:\Programmi\No-IP\DUC20.exe (Vitalwerks LLC)
O4 - Startup: C:\Documents and Settings\Ak71\Menu Avvio\Programmi\Esecuzione automatica\tclock.lnk = C:\Programmi\TClockLight\tclock.exe (Kazubon)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe (Digisoft)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Monitor Apache Servers.lnk = C:\Lamp\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Orbit.lnk = C:\Programmi\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytoosl = 0
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: &Download by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - C:\Programmi\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Anteprima Easy-WebPrint - C:\Programmi\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Programmi\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - C:\Programmi\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Stampa Easy-WebPrint - C:\Programmi\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: adobe.com ([www] http in Siti attendibili)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: csm.it ([]https in Siti attendibili)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: kaspersky.com ([www] http in Siti attendibili)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: macromedia.com ([www] http in Siti attendibili)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: microsoft.com ([update] http in Siti attendibili)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: microsoft.com ([www] http in Siti attendibili)
O15 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..Trusted Domains: nanoscan.com ([www] http in Siti attendibili)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1179668500343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553780000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1745805-030D-4D0E-93AA-A9B7F578F6A5}: NameServer = 193.70.152.15,193.70.152.25
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ak71\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ak71\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programmi\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/22 11.15.44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 23.42.20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e702166b-db35-11dd-afff-000ea6937a27}\Shell - "" = AutoRun
O33 - MountPoints2\{e702166b-db35-11dd-afff-000ea6937a27}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
O33 - MountPoints2\{f5a1d552-ad78-11dd-af71-4d6564696130}\Shell - "" = AutoRun
O33 - MountPoints2\{f5a1d552-ad78-11dd-af71-4d6564696130}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/04 10.18.22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ak71\Recent
[2011/10/04 10.00.47 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/10/04 09.48.32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/01 10.42.32 | 000,323,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaaut.dll
[2011/09/26 20.20.47 | 000,117,248 | ---- | C] (Bome Software) -- C:\WINDOWS\System32\RestoratorContextMenu.dll
[2011/09/20 22.41.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ak71\Dati applicazioni\Burraconline
[2011/09/05 20.37.02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ak71\Dati applicazioni\Wise Registry Cleaner
[2011/09/05 20.36.42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Wise Registry Cleaner
[2011/09/05 20.36.36 | 000,000,000 | ---D | C] -- C:\Programmi\Wise Registry Cleaner
[2011/09/04 20.28.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage
[2011/09/04 17.34.12 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme-bak.dll
[2011/09/04 17.25.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ak71\Dati applicazioni\SUPERAntiSpyware.com
[2011/09/04 17.24.52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\SUPERAntiSpyware
[2011/09/04 17.24.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
[2011/09/04 17.24.45 | 000,000,000 | ---D | C] -- C:\Programmi\SUPERAntiSpyware
[2008/11/04 16.09.55 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ak71\Dati applicazioni\pcouffin.sys
[2008/02/19 10.59.39 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2008/02/19 10.59.39 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/10/04 10.54.28 | 000,025,140 | ---- | M] () -- C:\WINDOWS\Notepad2.ini
[2011/10/04 10.12.51 | 000,000,468 | ---- | M] () -- C:\WINDOWS\tasks\Automatic System Restore Point.job
[2011/10/04 10.12.40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/04 10.11.48 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Orbit.lnk
[2011/10/04 10.10.09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/04 10.10.01 | 3220,492,288 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/03 22.53.03 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/03 16.19.13 | 002,390,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/03 15.08.36 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2011/10/02 12.08.12 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/10/02 12.06.48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/10/01 10.42.32 | 000,323,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaaut.dll
[2011/09/26 11.25.18 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Ak71\Desktop\KMPlayer.lnk
[2011/09/18 11.34.23 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/18 11.20.58 | 000,000,213 | -HS- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\.zreglib
[2011/09/12 21.03.29 | 000,002,934 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/10 11.30.45 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/09/09 11.12.01 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/09 10.51.30 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/09/06 22.45.29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/06 22.45.29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/06 22.38.05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/06 22.37.53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/06 22.36.38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/06 22.36.36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/06 22.36.23 | 000,110,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/06 22.36.20 | 000,104,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/06 22.36.12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/06 22.33.11 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/04 17.24.53 | 000,001,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/10 11.30.45 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2011/09/04 17.33.16 | 000,714,752 | ---- | C] () -- C:\WINDOWS\notepad.exe
[2011/09/04 17.24.53 | 000,001,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/02 18.38.37 | 000,000,413 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011/08/10 12.06.05 | 002,469,248 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011/08/10 12.06.05 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011/08/10 12.06.05 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011/08/10 12.06.05 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011/08/10 12.06.05 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2011/07/28 17.49.12 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/06/24 10.23.07 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/06/24 10.23.06 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/17 18.24.02 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/09/17 13.45.17 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/09/17 13.45.17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010/09/17 13.45.16 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010/09/17 13.45.16 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/09/17 13.24.44 | 000,219,348 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/05/12 15.45.23 | 000,714,752 | ---- | C] () -- C:\WINDOWS\System32\notepad.exe
[2010/01/09 19.03.09 | 000,000,352 | ---- | C] () -- C:\WINDOWS\System32\Top10.ini
[2009/10/11 15.29.53 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Eic.ini
[2009/10/07 10.02.02 | 000,003,481 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/09/16 09.38.52 | 000,000,064 | ---- | C] () -- C:\WINDOWS\MyProg.ini
[2009/08/06 13.47.40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\playwav.exe
[2009/06/21 11.20.23 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/06/21 11.20.23 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/04/26 15.47.26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009/03/21 16.12.06 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/01/25 23.10.48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/09 01.01.22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/28 12.23.20 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2008/12/27 20.29.44 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/12/27 20.29.44 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/12/27 20.29.44 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/12/27 20.29.44 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2008/12/27 20.29.44 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/12/27 20.29.44 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/12/27 20.29.44 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/12/27 20.29.44 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/12/27 20.29.44 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/12/27 20.29.44 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2008/12/27 20.29.44 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2008/12/27 20.29.44 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/12/27 20.29.44 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/12/27 20.29.43 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/12/27 20.29.43 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/12/27 20.29.43 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/12/27 20.29.43 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/12/27 20.29.43 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/12/27 20.29.43 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/12/27 19.57.23 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE SX200DEFGIPS.ini
[2008/12/15 14.49.17 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2008/11/19 18.43.56 | 000,000,038 | ---- | C] () -- C:\WINDOWS\pbMv.INI
[2008/11/19 16.52.11 | 000,002,932 | -HS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\KGyGaAvL.sys
[2008/11/19 16.52.11 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\5BD424129D.sys
[2008/11/04 16.11.16 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\vso_ts_preview.xml
[2008/11/04 16.10.00 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\inst.exe
[2008/11/04 16.09.55 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\pcouffin.cat
[2008/11/04 16.09.55 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\pcouffin.inf
[2008/11/02 15.40.51 | 000,025,140 | ---- | C] () -- C:\WINDOWS\Notepad2.ini
[2008/09/23 11.59.13 | 000,000,213 | -HS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\.zreglib
[2008/06/28 12.26.58 | 003,215,392 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/06/07 12.03.41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/05/25 14.09.09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL
[2008/05/25 14.09.07 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL
[2008/05/25 14.08.44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll
[2008/05/25 14.08.42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2008/05/12 15.18.23 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2008/05/11 11.33.13 | 000,060,724 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/05/06 11.10.51 | 000,000,112 | ---- | C] () -- C:\WINDOWS\AoADVDRipper.INI
[2008/04/19 18.26.04 | 000,001,752 | ---- | C] () -- C:\WINDOWS\DesktopOK.ini
[2008/04/13 21.13.50 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/04/13 19.27.18 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/11 16.45.59 | 000,000,077 | ---- | C] () -- C:\WINDOWS\LG_Musiclibrary.ini
[2008/04/11 16.27.19 | 000,065,024 | ---- | C] () -- C:\WINDOWS\IFinst26.exe
[2008/03/27 16.46.07 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins001.exe
[2008/03/27 16.46.07 | 000,004,634 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2008/01/19 13.58.51 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008/01/05 13.48.16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/03 17.38.30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2007/12/30 16.52.02 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_processtamer_InstallInfo.dat
[2007/12/30 16.52.02 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\Ak71\Impostazioni locali\Dati applicazioni\DonationCoder_processtamer_InstallInfo.dat
[2007/12/17 16.04.29 | 000,000,575 | ---- | C] () -- C:\WINDOWS\pkplugin.ini
[2007/12/17 15.42.09 | 000,000,374 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007/12/17 15.37.06 | 000,003,497 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007/12/16 20.13.19 | 000,084,522 | ---- | C] () -- C:\WINDOWS\System32\unlzx.exe
[2007/11/20 16.01.32 | 000,000,216 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2007/10/28 14.38.18 | 000,000,168 | ---- | C] () -- C:\WINDOWS\sclock.ini
[2007/09/29 10.54.43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dsltest.INI
[2007/09/28 17.55.16 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007/08/28 15.35.28 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\addr_file.html
[2007/08/06 13.29.40 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\401342df.dat
[2007/08/06 08.57.03 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007/08/06 08.57.03 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007/08/04 14.31.09 | 000,000,185 | ---- | C] () -- C:\WINDOWS\System32\DynuBas.INI
[2007/08/02 13.15.21 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dwin1326.dat
[2007/07/26 15.44.06 | 000,000,171 | ---- | C] () -- C:\WINDOWS\icecast2.ini
[2007/07/21 15.45.42 | 000,000,109 | ---- | C] () -- C:\WINDOWS\PControl.ini
[2007/07/21 14.17.29 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\AutoGK.ini
[2007/05/17 16.55.56 | 000,002,377 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/05/17 10.37.02 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\Workflows
[2007/05/17 10.37.02 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\Widgets
[2007/05/17 10.37.02 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\PKP_DLds.DAT
[2007/05/09 14.51.43 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2007/04/09 17.09.03 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\memorybar.exe
[2007/04/06 18.33.23 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\PKP_DLec.DAT
[2007/04/05 17.46.10 | 000,002,650 | ---- | C] () -- C:\Documents and Settings\Ak71\Dati applicazioni\QuickZip45.ini
[2007/04/05 16.52.49 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/03/31 10.10.59 | 000,448,752 | ---- | C] () -- C:\WINDOWS\System32\prfh0410.dat
[2007/03/31 10.10.58 | 000,074,926 | ---- | C] () -- C:\WINDOWS\System32\prfc0410.dat
[2007/03/29 16.47.04 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2007/03/24 14.35.31 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2007/03/24 13.22.59 | 000,000,323 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2007/03/24 11.47.16 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/03/24 11.47.16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/03/24 11.47.16 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/03/24 11.47.16 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/03/24 11.47.16 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/03/24 11.47.16 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/03/24 11.45.46 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2007/03/24 11.45.46 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2007/03/24 10.57.35 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\winsusrm.dll
[2007/03/23 13.34.12 | 000,004,547 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\QTSBandwidthCache
[2007/03/23 13.03.29 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2007/03/23 13.03.29 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2007/03/23 11.40.55 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\srecorder.dll
[2007/03/22 18.20.45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/03/22 18.18.40 | 000,216,064 | ---- | C] () -- C:\Documents and Settings\Ak71\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/22 14.54.42 | 000,000,342 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/03/22 14.22.57 | 000,004,076 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/03/22 12.10.47 | 000,003,476 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/03/22 12.05.58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/03/22 12.04.44 | 002,390,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/03/22 11.47.30 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Ak71\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2007/03/22 11.35.12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/03/22 11.33.52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL
[2007/03/22 11.30.27 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2007/03/22 11.22.38 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/03/22 11.18.09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/03/22 11.12.38 | 000,023,604 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/12/30 19.27.08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/07/14 23.15.10 | 000,000,019 | ---- | C] () -- C:\WINDOWS\System32\systilde32.dll
[2004/08/30 22.00.00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/30 22.00.00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/30 22.00.00 | 000,558,572 | ---- | C] () -- C:\WINDOWS\System32\perfh010.dat
[2004/08/30 22.00.00 | 000,505,796 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/30 22.00.00 | 000,300,212 | ---- | C] () -- C:\WINDOWS\System32\perfi010.dat
[2004/08/30 22.00.00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/30 22.00.00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/30 22.00.00 | 000,106,690 | ---- | C] () -- C:\WINDOWS\System32\perfc010.dat
[2004/08/30 22.00.00 | 000,090,458 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/30 22.00.00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/30 22.00.00 | 000,034,004 | ---- | C] () -- C:\WINDOWS\System32\perfd010.dat
[2004/08/30 22.00.00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/30 22.00.00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/30 22.00.00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/22 18.04.56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/04/25 13.21.13 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\0ca8a1ec.dat
[2004/03/24 12.04.24 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\8d3a90ef.dat
[2003/04/08 19.51.50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\trayocx.dll
[2002/10/16 00.54.04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/09/18 00.45.00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[1998/07/29 14.49.34 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
========== LOP Check ==========
[2009/05/17 16.50.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Acronis
[2010/04/15 17.49.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\AnvSoft
[2011/02/07 12.19.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Astroburn Lite
[2008/01/02 12.54.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Auslogics
[2008/04/26 18.57.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Autodesk
[2009/03/18 16.09.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\avidemux
[2011/09/20 22.41.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Burraconline
[2009/09/29 20.12.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\BwgSoftware
[2011/03/17 18.24.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Canneverbe Limited
[2009/08/08 15.25.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Carthago
[2008/11/13 14.54.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\CyberInstaller Studio 2008
[2010/10/21 16.18.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\DAEMON Tools
[2011/10/02 12.08.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\DAEMON Tools Lite
[2008/09/30 09.41.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Desktop Calendar
[2010/10/06 11.44.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Dev-Cpp
[2010/10/03 16.57.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\DMCache
[2010/09/14 16.40.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\DVDFab
[2009/01/04 12.14.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\EPSON
[2009/04/13 13.37.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\FDRLab
[2011/09/09 10.53.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\FileZilla
[2009/03/26 19.18.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\FMZilla
[2007/07/21 17.12.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\FreeCommander
[2008/03/04 12.40.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\GetRightToGo
[2009/07/23 16.46.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\gnupg
[2008/06/11 18.52.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\GrabPro
[2007/05/26 18.46.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\gtopala
[2010/11/01 14.46.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\IcoFX
[2007/11/20 16.02.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Icon Remover
[2009/08/01 12.43.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\ImgBurn
[2010/11/01 14.49.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\InnoIDE
[2007/03/24 11.50.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\InterVideo
[2011/03/27 16.03.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\IObit
[2007/03/23 15.02.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\ISTool
[2007/08/03 17.36.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Kana Solution
[2009/02/25 17.35.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\KeePass
[2007/11/23 16.30.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\KompoZer
[2009/09/13 16.57.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Leadertech
[2008/07/06 17.16.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Lexmark Imaging Studio
[2008/12/15 11.11.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Megaupload
[2008/01/27 13.48.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Mit_Atmel
[2011/06/24 10.27.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Mp3tag
[2007/04/06 18.34.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Nikon
[2008/12/08 17.42.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\OpenOffice.org
[2007/04/22 13.38.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Opera
[2011/10/04 10.18.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Orbit
[2010/06/20 12.54.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\PeaZip
[2010/08/02 15.15.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\ProgSense
[2007/03/24 10.40.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Quintessential Player
[2009/02/06 19.16.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\SLAutoSave
[2007/09/25 13.28.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\SlySoft
[2008/04/05 11.14.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Sony Setup
[2011/07/14 11.38.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Spyware Terminator
[2011/03/09 10.20.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\stickies
[2009/01/29 15.26.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\streamripper
[2009/05/23 19.09.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Styler
[2010/12/06 18.24.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\TeamViewer
[2009/11/24 16.11.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\TeraCopy
[2011/01/27 15.45.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Thunderbird
[2010/02/28 12.37.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Uniblue
[2008/05/30 18.00.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\USBSafelyRemove
[2008/11/17 13.11.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\usr
[2011/04/16 12.34.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\uTorrent
[2010/10/21 17.29.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\ViStart
[2011/05/02 09.50.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\VSO
[2010/08/26 13.57.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Windows Search
[2011/09/06 10.04.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ak71\Dati applicazioni\Wise Registry Cleaner
[2011/02/12 17.11.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Acronis
[2010/05/15 13.21.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software
[2011/02/07 12.19.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Astroburn Lite
[2008/04/26 18.57.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
[2011/03/17 18.24.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2008/01/02 20.05.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ConeXware
[2010/10/21 16.31.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DAEMON Tools Lite
[2009/02/22 18.20.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\db net solutions
[2009/01/06 19.28.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DynDNS
[2007/05/17 10.37.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Echo
[2007/03/27 12.52.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Elaborate Bytes
[2007/05/17 10.37.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\EnterNHelp
[2010/07/20 11.33.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\EPSON
[2010/09/18 14.18.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\InnoIDE
[2009/09/30 16.38.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\LightScribe
[2009/02/24 11.38.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NCH Swift Sound
[2007/04/30 17.21.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nikon
[2009/03/01 16.32.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ParetoLogic Anti-Spyware
[2009/03/14 16.33.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SlySoft
[2011/07/14 11.39.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator
[2010/09/25 17.09.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SWiSHMax2WorkFolder
[2010/04/15 17.59.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2008/12/27 20.43.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\UDL
[2007/05/17 10.37.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ultima_T15
[2007/12/09 17.54.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Uniblue
[2008/12/16 16.10.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\USBSRService
[2008/11/05 18.52.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\vsosdk
[2008/06/12 13.16.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dati applicazioni\Acronis
[2008/07/06 17.12.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dati applicazioni\Thunderbird
[2010/07/03 10.18.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\Acronis
[2011/10/04 10.12.51 | 000,000,468 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic System Restore Point.job
[2004/08/30 22.00.00 | 000,000,004 | -HS- | M] () -- C:\WINDOWS\Tasks\FOLDER.TSX
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 72 bytes -> C:\WINDOWS:75C4A7B5570C1B3A
@Alternate Data Stream - 604 bytes -> C:\Documents and Settings\Ak71\Documenti\Sorgenti:_UAEFSDB.___
@Alternate Data Stream - 368 bytes -> C:\Documents and Settings\Ak71\Impostazioni locali\Dati applicazioni\desktop.ini:722b2b1c349a06abf0e866180e5a7e63
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:FB1B13D8
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:CB0AACC9
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:4BF2F6B5
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:D1B5B4F1
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:30FD0CBD
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 04/10/2011 10.55.40 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = H:\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 75,44% Memory free
4,72 Gb Paging File | 3,85 Gb Available in Paging File | 81,67% Paging File free
Paging file location(s): c:\pagefile.sys 1920 3840 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 232,88 Gb Total Space | 171,51 Gb Free Space | 73,64% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 170,81 Gb Free Space | 57,30% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 239,27 Gb Free Space | 25,69% Space Free | Partition Type: NTFS
Computer Name: ALECOS | User Name: Ak71 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
[HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = jsfile] -- Reg Error: Key error. File not found
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
http [open] -- "C:\Programmi\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programmi\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Add to .7Z] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multi7z" "%1" (Giorgio Tani)
Directory [Add to .7Z, fastest] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multi7zfastest" "%1" (Giorgio Tani)
Directory [Add to .7Z, normal] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multi7znormal" "%1" (Giorgio Tani)
Directory [Add to .7Z, ultra] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multi7zultra" "%1" (Giorgio Tani)
Directory [Add to .ZIP] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multizip" "%1" (Giorgio Tani)
Directory [Add to .ZIP, fastest] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multizipfastest" "%1" (Giorgio Tani)
Directory [Add to .ZIP, normal] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multizipnormal" "%1" (Giorgio Tani)
Directory [Add to .ZIP, ultra] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multizipultra" "%1" (Giorgio Tani)
Directory [Add to archive] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multi" "%1" (Giorgio Tani)
Directory [Add to self-extracting archive] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-add2multisfx" "%1" (Giorgio Tani)
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [browse path with PeaZip] -- "C:\Programmi\PeaZip\PEAZIP.EXE" "-ext2browsepath" "%1" (Giorgio Tani)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [QCD.add] -- "c:\programmi\quintessential player\qcdplayer.exe" /ddeexec (Quinnware)
Directory [QCD.load] -- "c:\programmi\quintessential player\qcdplayer.exe" /ddeexec (Quinnware)
Directory [QCD.play] -- "c:\programmi\quintessential player\qcdplayer.exe" /ddeexec (Quinnware)
Directory [Winamp.Bookmark] -- "C:\Programmi\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programmi\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programmi\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Gestione remota Windows
"80:TCP" = 80:TCP:*:Disabled:Gestione remota Windows - Modalità compatibilità (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programmi\uTorrent\uTorrent.exe" = C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Programmi\Orbitdownloader\orbitdm.exe" = C:\Programmi\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Programmi\Orbitdownloader\orbitnet.exe" = C:\Programmi\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Programmi\Cerberus\Cerberus.exe" = C:\Programmi\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server -- (Cerberus, LLC)
"C:\Programmi\Opera\opera.exe" = C:\Programmi\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programmi\TeamViewer\Version5\TeamViewer.exe" = C:\Programmi\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programmi\TeamViewer\Version6\TeamViewer.exe" = C:\Programmi\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
"{072D23BC-32E0-4F51-9646-08C816B02FD4}" = Adobe Setup
"{082EA2B7-C14C-4D48-8527-EF8375E99EBE}" = Burraconline CLIENT
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4™
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1B399A41-C1D0-40A2-9E4F-095868EFAF01}" = InterVideo WinDVD 5
"{1E8BAA74-62A9-421D-A61F-164C7C3943E9}_is1" = InnoIDE 1.0.0.70
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{212F5777-1190-4DEF-8E4D-6B2F313B45E7}" = PerfectDisk
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 26
"{26C8D43F-611F-FBAB-C5A5-C93AC2CC1554}" = CCC Help English
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A845A64-3F80-41D7-9F33-6146E56997E6}" = OpenOffice.org 3.3
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2D25AB60-3E2C-4c89-A0FC-E2D86A145766}" = Windows 7 Upgrade Advisor
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{335E4114-5484-B874-7C70-EFEA550FD3B7}" = ccc-utility
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A862C7D-0504-48BC-AEF8-7F7479C7C158}" = Apache HTTP Server 2.0.59
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{4344E211-F621-3870-9A08-2F56C71BA0A7}" = Microsoft .NET Framework 4 Extended ITA Language Pack
"{43523FEF-9D8E-4572-BB11-0E914D366E0A}" = LightScribe Template Labeler
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}" = Windows Live Call
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = StarModem ADSL USB MODEM
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-5001-0410-0002-0060B0CE6BBA}" = AutoCAD 2007 - Italiano
"{58618A13-293A-5E2E-3299-EE3AFB7A7AF5}" = Catalyst Control Center Localization All
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.2
"{5AE2BE5E-930A-481C-817E-C373E8910C8A}" = Windows Live Messenger
"{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
"{5BC9EFC2-8B19-4CFC-B5E0-750804179FFD}" = Oracle VM VirtualBox 4.0.12
"{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1" = Quicksys RegDefrag 2.9
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Supporto applicazioni Apple
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6D5146A4-E7D9-0911-B7CD-E98DE9D30DCD}" = Catalyst Control Center
"{6F2954FB-3F0F-B384-3E6F-5D0CAAF80A77}" = ATI AVIVO Codecs
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{6FCC4F8C-F20D-423B-BF7C-D86036FCFAFE}" = MySQL Server 4.1
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A61142C-CA19-4F3C-BA66-FF8F131501F9}" = Paint.NET v3.5.9
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{80F497C5-1F7C-4C30-87DE-7D84F33968C9}_is1" = SplitFile
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842F9881-E181-30B3-A152-008D61433274}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
"{86BA3130-5938-3192-BBCF-6B0A2D86FA58}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.7
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{993A94A9-DCE3-4774-B35D-D8C74FC1E0BE}" = Royale Remixed Theme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9EDBB857-8028-49CD-B9C9-0B4D10CD1040}" = Nero 8
"{9F7EAFAA-3A4F-C12D-BAF1-B6D696AFA985}" = Catalyst Control Center InstallProxy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9E12684-DD23-4D11-ACAF-6041954BCA00}_is1" = ISTool 5.3.0.1
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.05.26
"{AB8F4ADD-7D7D-BBB8-C2AD-70DA30BAE14E}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1040-7B44-A94000000001}" = Adobe Reader 9.4.6 - Italiano
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF61282C-B451-4225-99D8-618B377BC0C8}" = Adobe Photoshop CS3
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B3C66087-864D-469F-B4E4-36BCA7260083}" = Burraconline Loader V1.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6BCCDD8-E8CC-4AED-B032-0859BA6084B4}" = PowerArchiver 2007 Italian
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BE0CBDD5-7506-476E-983E-388ADAAA6006}" = G-Mapper
"{BE7E6C3D-A42B-4BA3-9767-124EB8ED27E3}" = LightScribe System Software
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C452A3BA-700F-4A25-A70A-8946646755E2}" = Cerberus FTP Server
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{CFC0C11B-CC6C-0761-1263-D539BA3E1E74}" = AMD Catalyst Install Manager
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{E171E280-0BAE-4460-9F47-CA96D17828B6}" = Windows Live Essentials
"{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}" = The Matrix - Path of Neo
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E981DF7F-38B6-4EBD-8A04-60FB4DE93141}" = LG Media Center
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD025150-EEA0-4CAC-BED1-B9837783FCC8}" = ActivePerl 5.10.0 Build 1005
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"AC3Filter" = AC3Filter (remove only)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_081686a30873d046090c3ba1d992198" = Adobe Photoshop CS3
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AmiDevCpp" = CrossCompiler AmiDevCpp
"AMIP_QCD" = AMIP for QCD 4 (remove only)
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.5
"AnyDVD" = AnyDVD
"AoA DVD Ripper_is1" = AoA DVD Ripper
"Astroburn Lite" = Astroburn Lite
"ASUS Probe V2.22.00" = ASUS Probe V2.22.00
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"AutoGK" = Auto Gordian Knot 2.55
"Autoplay Repair" = Autoplay Repair 2.2.2
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"AVS Screen Capture_is1" = AVS Screen Capture version 1.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Beneton Movie GIF_is1" = Beneton Movie GIF 1.1.2
"Boilsoft Video Joiner_is1" = Boilsoft Video Joiner 5.01
"camcodec" = CamStudio Lossless Codec
"CANONBJ_Deinstall_CNMCP5y.DLL" = Canon PIXMA iP1500
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"CNXT_MODEM_USB_VID_145F&PID_0106" = Trust 56K V92 USB Modem
"COMODO Firewall Pro" = COMODO Firewall Pro
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"DAEMON Tools Lite" = DAEMON Tools Lite
"Debut" = Debut Video Capture Software
"Defraggler" = Defraggler
"Digisoft AntiDialer_is1" = Digisoft AntiDialer 1.0.4
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Dream Aquarium_is1" = Dream Aquarium
"DVD Identifier_is1" = DVD Identifier
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8_is1" = DVDFab 8.0.0.5 (25/08/2010)
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.0.0 Home Edition
"Easy Video Joiner_is1" = Easy Video Joiner 5.21
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"eMule" = eMule
"Enterra Icon Keeper Deluxe_is1" = Enterra Icon Keeper Deluxe 1.1.0.2
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"EPSON Stylus SX200_SX400_TX200_TX400 Guida utente" = EPSON Stylus SX200_SX400_TX200_TX400 Manuale
"EPSON SX110 Series" = Disinstalla EPSON SX110 Series Printer
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"Exact Audio Copy" = Exact Audio Copy 0.99pb3
"FileZilla Client" = FileZilla Client 3.5.1
"FLV Player" = FLV Player 2.0 (build 25)
"Fraps" = Fraps (remove only)
"Free Registry Defrag_is1" = Free Registry Defrag
"FreeCommander_is1" = FreeCommander 2009.02b
"GnuPG" = GNU Privacy Guard
"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.8.18-rc1
"HijackThis" = HijackThis 2.0.2
"Hurrican ITA_is1" = Hurrican 1.4 ITA
"Hurrican_is1" = Hurrican 1.0.0.4
"Icecast2 Win32_is1" = Icecast v2.3.1
"IcoFX_is1" = IcoFX 1.6.4
"IconPackager" = IconPackager
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"Inno Setup 5_is1" = Inno Setup QuickStart Pack version 5.4.2
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4™
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"ItalCity 3.0_is1" = ItalCity 4.2.0
"Jahshaka" = Jahshaka
"KeePass Password Safe_is1" = KeePass Password Safe 1.15
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LameACM" = Lame ACM MP3 Codec
"Lexmark Fax Solutions" = Soluzioni per l'invio di fax Lexmark
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware versione 1.51.2.1300
"MemInfo" = MemInfo (remove only)
"MetFileRegenerator" = MetFileRegenerator v3.0.16
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ITA Language Pack" = Microsoft .NET Framework 4 Extended - Language Pack (ITA)
"mIRC" = mIRC
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"Mozilla Thunderbird (3.1.15)" = Mozilla Thunderbird (3.1.15)
"Mp3tag" = Mp3tag v2.49
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"nik ColorEfexPro 2.0" = nik ColorEfexPro 2.0
"nLite_is1" = nLite 1.4.9.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"No-IP.com DUC" = No-IP.com DUC (remove only)
"Nuovita_is1" = Nuovita 3.6 Build 568
"OpenLibraries" = OpenLibraries
"Opera 11.51.1087" = Opera 11.51
"Orbit_is1" = Orbit Downloader
"PEARLHIT_is1" = Attack on Pearl Harbor
"PhotoFiltre" = PhotoFiltre
"Quick AVI Joiner v2.0_is1" = Quick AVI Joiner v2.0
"QuickSFV" = QuickSFV (Remove only)
"Quintessential Player" = Quintessential Player
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva
"ReplAll" = Replace in Files
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"SAM3" = SAM Broadcaster (remove only)
"SCDNAS" = SHOUTcast DNAS (remove only)
"Screensaver Control" = Screensaver Control
"Screenshot Pilot (full)_is1" = Screenshot Pilot version 1.46.01
"Scribus 1.3.3.14" = Scribus 1.3.3.14
"SereneScreen Aquarium_is1" = SereneScreen Aquarium
"SereneScreen Marine Aquarium 2.6_is1" = SereneScreen Marine Aquarium 2.6
"ShockwaveFlash" = Macromedia Flash Player 8
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Smart Defrag 2_is1" = Smart Defrag 2
"SMPlayer" = SMPlayer 0.6.9
"SMPlayer_is1" = SMPlayer 0.6.6
"Soldner X Himmelssturmer 1.00" = Soldner X Himmelssturmer 1.00
"Speccy" = Speccy
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"Spyware Terminator_is1" = Spyware Terminator
"Streamripper" = Streamripper (Remove only)
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"SWiSH Max2" = SWiSH Max2
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"TUGZip_is1" = TUGZip 3.5
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Tweak UI 2.10" = Tweak UI
"UltraISO_is1" = UltraISO Premium V9.12
"Universal Extractor_is1" = Universal Extractor 1.6.1
"Unlocker" = Unlocker 1.9.1
"USB Safely Remove_is1" = USB Safely Remove 4.7
"UTFCast" = UTFCast 1.0.5.21
"uTorrent" = µTorrent
"Vista Drive Icon" = Vista Drive Icon 1.4
"ViStart" = ViStart
"VLC media player" = VLC media player 1.1.11
"VobSub" = VobSub v2.23 (Remove Only)
"VSO Image Resizer_is1" = VSO Image Resizer 1.3.4
"VST Bridge_is1" = VST Bridge 1.1
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"WinUAE" = WinUAE 2.3.0
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 6.14
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07445EF7-281F-4E9B-8E7C-91250F18F856}" = Ludopoli 1.04.0003 [Ak71]
"{0A0CB93A-0F63-44EE-89C6-E3047B995C36}" = Ludopoli 1.04.0004 [Ak71]
"{0F56A476-91AD-4252-8FE2-17DFCA794AE6}" = Ludopoli 1.00.0001 [Ak71]
"{115B39D4-724A-4F6C-8222-7D59322B43A8}" = Ludopoli 1.01.0003 [Ak71]
"{1431972A-FC78-4ED7-8358-5207408D7825}" = Ludopoli 1.00.0004 [Ak71]
"{1F875D48-56F3-4B08-8E91-15B63C5EB6B2}" = Ludopoli 1.00.0003 [Ak71]
"{24296F6C-76FE-41CA-84CF-F141D0BEA651}" = Ludopoli 0.10.0010 [Ak71]
"{2EA7A9EA-8B7D-4B3E-B603-63305386E5B0}" = Ludopoli 0.10.0007 [Ak71]
"{42B039DD-2877-47C2-B4DC-29CEBE46FB55}" = Ludopoli 1.01 [Ak71]
"{5B3B4A15-CD85-44F0-9B65-58738A2A51DE}" = Ludopoli 1.01.0002 [Ak71]
"{699A3C95-8328-45CB-AF69-1AA9A723F34F}" = Ludopoli 0.10.0011 [Ak71]
"{6A323076-CCE6-4388-AFA0-E8AEC71A695C}" = Ludopoli 1.04.0001 [Ak71]
"{6DB55353-CAC5-4859-AEBD-F33388DDEC9C}" = Ludopoli 0.10.0008 [Ak71]
"{80D8C5AE-304F-4A97-9E74-E79744D0D86A}" = Ludopoli 1.00 [Ak71]
"{956189D1-EC25-4A36-841E-CD1A40010402}" = Ludopoli 1.04.0002 [Ak71]
"{C795400F-13C0-49A7-AB9F-C1D438692BFB}" = Ludopoli 1.00.0002 [Ak71]
"{CACBB038-6688-4AF2-87FD-91896742F4EB}" = Ludopoli 1.02 [Ak71]
"{DAD4920A-945C-435D-ABA0-8293B207A251}" = Ludopoli 0.10.0009 [Ak71]
"PhotoFiltre" = PhotoFiltre
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/07/2011 11.58.21 | Computer Name = ALECOS | Source = WmiAdapter | ID = 4099
Description = Impossibile aprire il servizio.
Error - 11/07/2011 12.19.17 | Computer Name = ALECOS | Source = WmiAdapter | ID = 4099
Description = Impossibile aprire il servizio.
Error - 11/07/2011 16.25.30 | Computer Name = ALECOS | Source = WmiAdapter | ID = 4099
Description = Impossibile aprire il servizio.
Error - 12/07/2011 2.18.25 | Computer Name = ALECOS | Source = WmiAdapter | ID = 4099
Description = Impossibile aprire il servizio.
Error - 13/07/2011 11.56.21 | Computer Name = ALECOS | Source = WmiAdapter | ID = 4099
Description = Impossibile aprire il servizio.
Error - 10/08/2011 8.59.48 | Computer Name = ALECOS | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
Error - 29/08/2011 7.14.50 | Computer Name = ALECOS | Source = crypt32 | ID = 131080
Description = Impossibile eseguire il recupero con aggiornamento automatico del
numero di sequenza dell'elenco principale di altri produttori da: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
a causa del seguente errore: Timeout. Operazione non riuscita.
Error - 29/08/2011 7.14.51 | Computer Name = ALECOS | Source = crypt32 | ID = 131080
Description = Impossibile eseguire il recupero con aggiornamento automatico del
numero di sequenza dell'elenco principale di altri produttori da: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
a causa del seguente errore: Il server specificato non può effettuare l'operazione
richiesta.
Error - 10/09/2011 5.31.28 | Computer Name = ALECOS | Source = crypt32 | ID = 131080
Description = Impossibile eseguire il recupero con aggiornamento automatico del
numero di sequenza dell'elenco principale di altri produttori da: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
a causa del seguente errore: Timeout. Operazione non riuscita.
Error - 10/09/2011 5.31.28 | Computer Name = ALECOS | Source = crypt32 | ID = 131080
Description = Impossibile eseguire il recupero con aggiornamento automatico del
numero di sequenza dell'elenco principale di altri produttori da: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
a causa del seguente errore: Il server specificato non può effettuare l'operazione
richiesta.
[ System Events ]
Error - 03/10/2011 16.52.27 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio adfs non è stato avviato per il seguente errore: %%2
Error - 03/10/2011 16.52.27 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio ATI Smart non è stato avviato per il seguente errore:
%%2
Error - 04/10/2011 3.30.20 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio General Purpose USB Driver (adildr.sys) non è stato avviato
per il seguente errore: %%2
Error - 04/10/2011 3.30.20 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio adfs non è stato avviato per il seguente errore: %%2
Error - 04/10/2011 3.30.20 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio ATI Smart non è stato avviato per il seguente errore:
%%2
Error - 04/10/2011 3.48.11 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio EPSON V3 Service4(01). Questo
evento si è già verificato 1 volta(e).
Error - 04/10/2011 3.48.11 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio EPSON V5 Service4(01). Questo
evento si è già verificato 1 volta(e).
Error - 04/10/2011 4.12.35 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio General Purpose USB Driver (adildr.sys) non è stato avviato
per il seguente errore: %%2
Error - 04/10/2011 4.12.35 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio adfs non è stato avviato per il seguente errore: %%2
Error - 04/10/2011 4.12.35 | Computer Name = ALECOS | Source = Service Control Manager | ID = 7000
Description = Il servizio ATI Smart non è stato avviato per il seguente errore:
%%2
< End of report >