OTL logfile created on: 16/04/2012 20.50.20 - Run 8
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\UserXp\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1015,23 Mb Total Physical Memory | 212,89 Mb Available Physical Memory | 20,97% Memory free
2,39 Gb Paging File | 1,80 Gb Available in Paging File | 75,32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 74,55 Gb Total Space | 0,44 Gb Free Space | 0,58% Space Free | Partition Type: NTFS
Drive E: | 698,63 Gb Total Space | 550,95 Gb Free Space | 78,86% Space Free | Partition Type: NTFS

Computer Name: B5DB2DEA9485475 | User Name: UserXp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/04/15 18.21.49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UserXp\Documenti\Download\OTL.exe
PRC - [2012/04/04 15.56.40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/09/04 15.22.58 | 000,680,960 | ---- | M] () -- C:\Programmi\UGS\UGSLicensing\ugslmd.exe
PRC - [2011/06/09 14.06.06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\File comuni\Java\Java Update\jusched.exe
PRC - [2010/12/17 19.12.56 | 000,332,288 | ---- | M] () -- C:\Programmi\File comuni\Common Desktop Agent\CDASrv.exe
PRC - [2010/05/07 19.47.32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 19.43.52 | 000,651,096 | ---- | M] () -- C:\Programmi\File comuni\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 19.35.22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Programmi\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 19.34.58 | 000,168,792 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2009/10/29 18.56.29 | 001,245,064 | ---- | M] () -- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2009/08/28 19.42.54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/07 07.16.28 | 001,510,152 | ---- | M] (Acresso Software Inc.) -- C:\Programmi\UGS\UGSLicensing\lmgrd.exe
PRC - [2009/04/30 17.00.56 | 000,122,880 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2008/10/17 16.52.10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Programmi\File comuni\Symantec Shared\CCSVCHST.EXE
PRC - [2008/09/05 12.52.32 | 003,220,856 | ---- | M] (Symantec Corporation) -- C:\Programmi\Symantec\LiveUpdate\LuComServer_3_4.EXE
PRC - [2008/05/23 10.48.30 | 001,691,648 | ---- | M] (Language Engineering Corporation, LLC) -- C:\Programmi\Power Translator 12\LogoMedia TranslateDotNet Server.exe
PRC - [2008/04/14 14.00.00 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/21 17.02.54 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/02/21 17.02.48 | 000,062,840 | ---- | M] (Symantec Corporation) -- C:\Programmi\Symantec\LiveUpdate\LuCallbackProxy.exe
PRC - [2008/02/21 17.02.36 | 000,308,600 | ---- | M] (Symantec Corporation) -- C:\Programmi\Symantec\LiveUpdate\AUPDATE.EXE
PRC - [2008/02/21 11.30.44 | 000,061,440 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
PRC - [2006/11/21 16.26.22 | 000,936,960 | ---- | M] (Motive Communications, Inc.) -- C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\McciTrayApp.exe
PRC - [2006/11/03 11.01.16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac7302\Monitor.exe
PRC - [2006/10/26 14.40.34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
PRC - [2006/09/13 12.12.52 | 000,139,264 | ---- | M] (Nero AG) -- C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/09/13 12.07.08 | 000,880,640 | ---- | M] (Nero AG) -- C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006/08/25 11.06.26 | 000,566,800 | ---- | M] (Raxco Software, Inc.) -- C:\Programmi\RAXCO\PerfectDisk\PDEngine.exe
PRC - [2006/08/25 11.06.14 | 000,439,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programmi\RAXCO\PerfectDisk\PDAgent.exe
PRC - [2003/04/18 18.06.26 | 000,008,192 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/09/04 15.22.58 | 000,680,960 | ---- | M] () -- C:\Programmi\UGS\UGSLicensing\ugslmd.exe
MOD - [2011/04/11 07.26.33 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\spdpsl.dll
MOD - [2010/12/17 19.13.00 | 000,049,664 | ---- | M] () -- C:\Programmi\File comuni\Common Desktop Agent\CDASrvPS.dll
MOD - [2010/12/17 19.12.56 | 000,332,288 | ---- | M] () -- C:\Programmi\File comuni\Common Desktop Agent\CDASrv.exe
MOD - [2010/11/12 10.23.44 | 000,330,584 | ---- | M] () -- C:\Programmi\File comuni\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2010/05/07 19.43.52 | 000,651,096 | ---- | M] () -- C:\Programmi\File comuni\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2010/05/07 19.37.40 | 000,126,808 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 19.37.40 | 000,027,480 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 19.36.54 | 000,340,824 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 19.36.20 | 000,921,944 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 19.35.56 | 007,954,776 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 19.35.44 | 002,143,576 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/07 19.34.58 | 000,168,792 | ---- | M] () -- C:\Programmi\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2009/10/29 18.56.29 | 001,245,064 | ---- | M] () -- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
MOD - [2009/10/29 18.56.29 | 000,357,768 | ---- | M] () -- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcnet.dll
MOD - [2009/02/27 18.42.50 | 000,311,296 | ---- | M] () -- C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\pdfshell.ITA
MOD - [2008/04/14 14.00.00 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2008/04/14 14.00.00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/02/21 16.46.46 | 000,169,304 | ---- | M] () -- C:\Programmi\Symantec\LiveUpdate\UNRAR.DLL
MOD - [2008/02/21 11.30.44 | 000,061,440 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
MOD - [2006/08/25 11.06.48 | 000,366,096 | ---- | M] () -- C:\Programmi\RAXCO\PerfectDisk\sqlite3.dll
MOD - [2006/08/25 11.06.22 | 000,071,184 | ---- | M] () -- C:\Programmi\RAXCO\PerfectDisk\PDDb.dll
MOD - [2003/04/18 18.06.26 | 000,008,192 | ---- | M] () -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
MOD - [2001/10/28 18.42.30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\NetworkService\Dati applicazioni\vluxiatf.dll -- (xvnum)
SRV - File not found [Auto | Stopped] -- C:\Programmi\Movie Maker\vluxiatf.dll -- (xlbrd)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\vluxiatf.dll -- (wofkfam)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\vluxiatf.dll -- (gchqfzrho)
SRV - File not found [Auto | Stopped] -- C:\Programmi\Internet Explorer\vluxiatf.dll -- (czfqw)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\\vluxiatf.dll -- (cdmmsfmyl)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\vluxiatf.dll -- (acahn)
SRV - [2012/04/04 15.56.40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/02 05.11.59 | 000,136,784 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\WINDOWS\system32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2010/05/07 19.47.32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/10/29 18.56.29 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/08/28 19.42.54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/07 07.16.28 | 001,510,152 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Programmi\UGS\UGSLicensing\lmgrd.exe -- (UGS License Server (ugslmd)) UGS License Server (ugslmd)
SRV - [2009/04/30 17.00.56 | 000,122,880 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2008/11/11 10.38.06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/17 16.52.10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 16.52.10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 16.52.10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 16.52.10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 12.52.32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Programmi\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/05/23 10.48.30 | 001,691,648 | ---- | M] (Language Engineering Corporation, LLC) [Auto | Running] -- C:\Programmi\Power Translator 12\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server)
SRV - [2008/02/21 17.02.54 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/24 04.19.12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/08/22 03.21.30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/10/26 14.40.34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006/10/26 14.03.08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/08/25 11.06.26 | 000,566,800 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Programmi\RAXCO\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2006/08/25 11.06.14 | 000,439,824 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programmi\RAXCO\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2005/11/14 02.06.04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\UserXp\IMPOST~1\Temp\sony_ssm.sys -- (sony_ssm.sys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\UserXp\IMPOST~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (art4mxk5)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012/04/16 12.46.58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/04/04 15.56.40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/15 12.46.48 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programmi\File comuni\Symantec Shared\VirusDefs\20120415.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/03/15 12.46.48 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/03/15 12.46.48 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programmi\File comuni\Symantec Shared\VirusDefs\20120415.016\NAVENG.SYS -- (NAVENG)
DRV - [2012/02/03 11.00.00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programmi\File comuni\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/12 04.58.42 | 000,268,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programmi\File comuni\Symantec Shared\SymcData\ipsdefs\20120412.001\SymIDSco.sys -- (SYMIDSCO)
DRV - [2011/09/21 11.25.34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/03/14 08.36.08 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2010/11/10 04.48.12 | 000,283,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/07 19.43.30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/11/08 00.49.16 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/03/17 13.56.58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 14.31.42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 14.31.42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 14.31.16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/02/19 14.31.16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symfw.sys -- (SYMFW)
DRV - [2009/02/19 14.31.16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symids.sys -- (SYMIDS)
DRV - [2009/02/19 14.31.16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symndis.sys -- (SYMNDIS)
DRV - [2009/02/19 14.31.16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/02/19 14.31.16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symdns.sys -- (SYMDNS)
DRV - [2009/01/06 10.51.02 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/09/15 08.56.34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/09/15 08.56.24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/09/15 08.56.24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/09/15 08.56.24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/07/30 18.42.12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/07/01 05.27.44 | 000,108,800 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/14 14.00.00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 14.00.00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008/04/14 14.00.00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008/02/01 04.51.16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/02/01 04.51.16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/02/01 04.51.16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/11/27 14.06.42 | 004,630,016 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/08/08 19.39.56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/06/14 15.29.08 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007/05/04 20.40.22 | 000,215,040 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2006/08/10 15.34.36 | 000,062,480 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2005/02/23 14.58.56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/05/17 15.04.16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2002/10/02 09.57.12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)
DRV - [2001/06/22 06.39.02 | 000,073,728 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/it/index.php?rvs=hompag
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/it/
IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}
IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-884357618-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic-Eng7 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Softonic-Eng7 Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2405280&SearchSource=13"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.6: C:\Programmi\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\UserXp\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\UserXp\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2012/04/12 00.55.00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2012/04/13 17.01.37 | 000,000,000 | ---D | M]

[2009/01/06 10.39.59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Extensions
[2012/04/15 21.59.55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\extensions
[2010/01/29 22.52.39 | 000,000,000 | ---D | M] (PHPNukeIT Toolbar) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\extensions\{2c965f3f-8efd-4bfc-a2c5-1672845fdbbf}
[2010/08/07 14.07.34 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010/03/16 22.15.52 | 000,000,000 | ---D | M] (Max IT Toolbar) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\extensions\{609368c3-88c6-4b9d-9f8e-28e29bbb6131}
[2010/08/23 13.34.00 | 000,000,000 | ---D | M] (ooVoo Video Chat Toolbar) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\extensions\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}
[2010/08/07 14.08.30 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010/06/08 11.28.50 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\UserXp\Dati applicazioni\Mozilla\Firefox\Profiles\zgn1bjun.default\searchplugins\conduit.xml
[2012/04/15 17.42.46 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2009/03/10 16.12.31 | 000,000,000 | ---D | M] (PHPNukeIT Toolbar) -- C:\Programmi\Mozilla Firefox\extensions\{2c965f3f-8efd-4bfc-a2c5-1672845fdbbf}
[2012/01/15 20.23.24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2009/01/10 15.04.58 | 000,000,000 | ---D | M] (BearShare MediaBar) -- C:\Programmi\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
[2009/01/06 11.04.07 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/03/31 23.47.26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Programmi\mozilla firefox\components\coFFPlgn.dll
[2011/11/10 06.54.13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/03 16.35.11 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2012/02/03 16.35.11 | 000,000,825 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2012/02/03 16.35.11 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/02/03 16.35.11 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Bing ()
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=it-IT&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR - Extension: AT_DolceGabbana = C:\Documents and Settings\UserXp\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2\

O1 HOSTS File: ([2012/04/14 15.59.34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (no name) - {609368c3-88c6-4b9d-9f8e-28e29bbb6131} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programmi\File comuni\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programmi\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - No CLSID value found.
O2 - BHO: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programmi\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programmi\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceRE_McciTrayApp] C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Programmi\File comuni\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CDAServer] C:\Programmi\File comuni\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [Cool Memo First Boob] C:\Documents and Settings\All Users\Dati applicazioni\Bleh kind cool memo\Frag Size.exe (Pattern Makes)
O4 - HKLM..\Run: [LWS] C:\Programmi\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [osCheck] C:\Programmi\Norton 360\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-57989841-884357618-1606980848-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel
present O7 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-57989841-884357618-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E763315F-38B3-4F95-9B5C-2AD00DC94D76}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 () - file:///C:/DOCUME~1/UserXp/IMPOST~1/Temp/msohtmlclip1/01/clip_image001.gif O24 - Desktop Components:1 () - 
http://t1.gstatic.com/images?q=tbn:ANd9GcRiHehKDbFRMrJyAF2hVKpF3bQaCuqdKjZ1AphpY3gpcGLTWvA&t=1&usg=__7fIYG4zarA6u-uIeDEmlxcn59zg= O24 - Desktop Components:2 (Pagina iniziale corrente) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/01/06 06.19.55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (PDBoot.exe) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/04/16 14.15.12 | 000,000,000 | ---D | C] -- C:\_OTL [2012/04/16 12.48.52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\UserXp\Recent [2012/04/16 12.44.13 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012/04/16 12.19.31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXp\Desktop\Copia di x skuuoolla [2012/04/14 23.33.19 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/04/14 23.33.19 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware [2012/04/14 16.59.25 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012/04/14 16.02.48 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012/03/24 22.09.53 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll [2012/03/24 22.09.53 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2012/03/24 22.08.54 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2012/03/24 22.08.08 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2012/03/24 22.08.04 | 000,040,960 | ---- 
| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2012/03/24 22.05.40 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2012/03/24 22.04.34 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2012/03/24 22.04.12 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2012/03/24 22.01.45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2012/03/24 21.42.21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012/03/24 13.13.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXp\Dati applicazioni\Malwarebytes [2012/03/24 13.13.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes [2012/03/24 08.12.08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2012/03/23 22.07.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXp\Dati applicazioni\gizza [2012/03/23 22.07.15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/04/16 21.00.08 | 000,000,266 | -H-- | M] () -- C:\WINDOWS\tasks\AE99BA3B918A2ABB.job [2012/04/16 20.26.29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/04/16 20.24.08 | 000,001,246 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-884357618-1606980848-1003UA.job [2012/04/16 20.23.08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/04/16 12.46.58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012/04/16 12.19.56 | 000,002,241 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2012/04/15 22.24.14 | 000,001,194 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-884357618-1606980848-1003Core.job [2012/04/15 21.32.21 | 000,002,347 | ---- | M] () -- C:\Documents 
and Settings\UserXp\Desktop\Google Chrome.lnk [2012/04/14 15.59.34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012/04/14 10.36.41 | 000,005,536 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/04/13 17.01.38 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2012/04/13 16.46.21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/04/13 00.06.46 | 000,144,185 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\Wtryskiwacz_orbital2.pdf [2012/04/13 00.04.35 | 000,820,010 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\Wtryskiwacz_orbital.pdf [2012/04/11 18.27.11 | 000,000,625 | ---- | M] () -- C:\Documents and Settings\UserXp\Desktop\RegCleaner.lnk [2012/04/11 11.29.32 | 000,546,158 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat [2012/04/11 11.29.32 | 000,496,854 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/04/11 11.29.32 | 000,100,682 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat [2012/04/11 11.29.32 | 000,085,338 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/04/11 11.17.06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/04/10 23.01.23 | 000,000,416 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\Klucze do systemu.rtf [2012/04/10 22.57.16 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\KOd do tego XP Professional.rtf [2012/04/06 14.48.15 | 000,463,528 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\cc_20120406_144732.reg [2012/04/05 01.46.36 | 000,564,929 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\Rodzaje AKUMULATOROW LI ION.pdf [2012/04/04 15.56.40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/04/04 12.55.42 | 000,571,557 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\akku_HILTI_en.pdf [2012/04/02 03.21.39 | 001,305,164 | ---- | M] () -- C:\Documents and 
Settings\UserXp\Documenti\metabo_riparazioni2009.pdf [2012/04/01 20.55.03 | 004,223,926 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\Wzmacnianie gruntu Soil Mixing.pdf [2012/04/01 12.04.47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012/04/01 12.04.40 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\UserXp\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/03/30 01.39.10 | 000,278,263 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\HILTI_TE10.pdf [2012/03/29 23.36.07 | 000,144,983 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\MAKITA_HM0810.pdf [2012/03/28 09.21.39 | 000,590,360 | ---- | M] () -- C:\Documents and Settings\UserXp\Documenti\Mechanizm otwierania drzwi wahadlowo.pdf [2012/03/25 13.06.20 | 002,188,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/03/23 00.49.44 | 000,000,077 | ---- | M] () -- C:\Documents and Settings\UserXp\default.pls [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/04/13 16.53.53 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Reader 9.lnk [2012/04/13 16.53.53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2012/04/13 00.06.46 | 000,144,185 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\Wtryskiwacz_orbital2.pdf [2012/04/13 00.04.35 | 000,820,010 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\Wtryskiwacz_orbital.pdf [2012/04/11 18.27.11 | 000,000,625 | ---- | C] () -- C:\Documents and Settings\UserXp\Desktop\RegCleaner.lnk [2012/04/10 23.01.23 | 000,000,416 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\Klucze do systemu.rtf [2012/04/10 22.57.16 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\KOd do tego XP Professional.rtf [2012/04/06 14.47.39 | 000,463,528 | ---- | C] () -- C:\Documents and 
Settings\UserXp\Documenti\cc_20120406_144732.reg [2012/04/05 01.46.36 | 000,564,929 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\Rodzaje AKUMULATOROW LI ION.pdf [2012/04/04 12.55.42 | 000,571,557 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\akku_HILTI_en.pdf [2012/04/02 03.21.38 | 001,305,164 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\metabo_riparazioni2009.pdf [2012/04/01 20.55.01 | 004,223,926 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\Wzmacnianie gruntu Soil Mixing.pdf [2012/03/30 01.39.10 | 000,278,263 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\HILTI_TE10.pdf [2012/03/29 23.36.07 | 000,144,983 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\MAKITA_HM0810.pdf [2012/03/28 09.21.39 | 000,590,360 | ---- | C] () -- C:\Documents and Settings\UserXp\Documenti\Mechanizm otwierania drzwi wahadlowo.pdf [2012/03/24 22.04.04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/03/24 22.04.04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012/03/07 01.09.24 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2012/01/29 14.50.51 | 000,207,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat [2012/01/25 14.05.34 | 000,349,264 | ---- | C] () -- C:\WINDOWS\System32\UPDIO2.dll [2012/01/25 14.05.34 | 000,261,712 | ---- | C] () -- C:\WINDOWS\SUPDRun.exe [2012/01/25 14.05.33 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\spdpsl.dll [2012/01/25 14.05.32 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\spdpsci.exe [2012/01/19 01.47.12 | 000,124,792 | ---- | C] () -- C:\WINDOWS\Wiainst.exe [2011/02/18 14.36.32 | 000,494,592 | ---- | C] () -- C:\WINDOWS\System32\SNXPWIA.dll [2011/02/18 14.36.24 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SNWIAUI.dll [2011/02/18 14.36.24 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\SNXPEH.dll [2010/12/17 
19.11.48 | 000,064,000 | ---- | C] () -- C:\WINDOWS\System32\CDASpl.dll [2010/11/10 04.45.32 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe [2010/11/10 04.45.30 | 010,871,128 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2010/11/10 04.45.20 | 000,316,248 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2010/11/10 04.31.42 | 000,026,286 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2010/09/28 11.46.33 | 000,000,586 | ---- | C] () -- C:\WINDOWS\hpomdl44.dat.temp [2010/09/28 10.14.38 | 000,172,884 | ---- | C] () -- C:\WINDOWS\hpoins44.dat [2010/09/28 10.14.37 | 000,000,586 | ---- | C] () -- C:\WINDOWS\hpomdl44.dat [2010/07/22 16.04.39 | 000,005,172 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010/05/07 19.46.36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2010/05/07 19.43.30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys < End of report >