Here there are the txt files
Here below i attach You the txt files You've asked.
1- log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dicati at 2009-03-26 02:28:58
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 76 GB (50%) free of 153 GB
Total RAM: 1471 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2.30.04, on 26/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Programmi\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\Programmi\richcomm\PowerManagerII\OpenHelp.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\Philips\SPC230NC\Monitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\D-Link\AirPlus G DWL-G510\AirGCFG.exe
C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Microsoft Office\Office\1040\OLFSNT40.EXE
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\richcomm\PowerManagerII\PMService.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Windows Live\Mail\wlmail.exe
C:\Documents and Settings\Dicati\Desktop\RSIT.exe
C:\Programmi\Trend Micro\HijackThis\Dicati.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PowerManagerII] C:\Programmi\richcomm\PowerManagerII\\PowerManager.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmi\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PMServiceOpenHelp] C:\Programmi\richcomm\PowerManagerII\OpenHelp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UVS12 Preload] C:\Programmi\Corel\Corel VideoStudio 12\uvPL.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [D-Link AirPlus G DWL-G510] C:\Programmi\D-Link\AirPlus G DWL-G510\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Programmi\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QUAD Windows service] C:\Programmi\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe -h
O4 - HKCU\..\Run: [QUAD Scheduler] C:\Programmi\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10a.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Porta Symantec Fax Starter Edition.lnk = C:\Programmi\Microsoft Office\Office\1040\OLFSNT40.EXE
O4 - Global Startup: TrayMin230.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager...EGetPlugin.ocx
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1224333848000
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: emucsy.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: PMService - Unknown owner - C:\Programmi\richcomm\PowerManagerII\PMService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10829 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{03B57298-0D61-4EAB-9D12-33B1C9B7C18B}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-29 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Programmi\AVG\AVG8\avgssie.dll [2009-01-08 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programmi\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\Programmi\AVG\AVG8\avgtoolbar.dll [2009-01-08 1968920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programmi\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\Programmi\AVG\AVG8\avgtoolbar.dll [2009-01-08 1968920]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiS Tray"=C:\WINDOWS\System32\sistray.EXE [2002-05-09 323584]
"SiSUSBRG"=C:\WINDOWS\sisUSBrg.exe [2002-04-25 53248]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2002-02-05 64512]
"PowerManagerII"=C:\Programmi\richcomm\PowerManagerII\\PowerManager.exe [2007-10-15 421888]
"RemoteControl"=C:\Programmi\ASUS\ASUS Remote\RemoteControlAppl.exe [2007-02-12 86016]
"PCMService"=C:\Programmi\CyberLink\PowerCinema\PCMService.exe [2007-02-09 180224]
"NeroFilterCheck"=C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe [2006-01-12 176128]
"EPSON Stylus DX4800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE [2005-02-02 118784]
"DataLayer"=C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe [2005-06-07 837632]
"PMServiceOpenHelp"=C:\Programmi\richcomm\PowerManagerII\OpenHelp.exe [2007-08-15 40960]
"SunJavaUpdateSched"=C:\Programmi\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"SPC230NC_Monitor"=C:\WINDOWS\Philips\SPC230NC\Monitor.exe [2007-12-10 344064]
"SPC_Monitor"=C:\WINDOWS\Philips\SPC230NC\Monitor.exe [2007-12-10 344064]
"Adobe Reader Speed Launcher"=C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"UVS12 Preload"=C:\Programmi\Corel\Corel VideoStudio 12\uvPL.exe [2008-06-09 397456]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-08 1601304]
"ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 241664]
"ISUSScheduler"=C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe [2004-06-16 102400]
"D-Link AirPlus G DWL-G510"=C:\Programmi\D-Link\AirPlus G DWL-G510\AirGCFG.exe [2007-10-24 1572864]
"ANIWZCS2Service"=C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 69632]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Programmi\Skype\Phone\Skype.exe [2008-11-07 21633320]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe [2007-01-15 167936]
"Philips Intelligent Agent"=C:\Programmi\Philips\Intelligent Agent\Philips Intelligent Agent.exe [2008-02-21 613792]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 33280]
"QUAD Windows service"=C:\Programmi\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe -h []
"QUAD Scheduler"=C:\Programmi\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe []
"SpybotSD TeaTimer"=C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2278400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10a.exe [2008-10-05 235936]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office\OSA9.EXE
Porta Symantec Fax Starter Edition.lnk - C:\Programmi\Microsoft Office\Office\1040\OLFSNT40.EXE
TrayMin230.lnk - C:\Programmi\Philips\Philips SPC230NC Webcam\TrayMin230.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="emucsy.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-01-08 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\ddcYqOhh
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programmi\CyberLink\PowerCinema\PowerCinema.exe"="C:\Programmi\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Programmi\CyberLink\PowerCinema\PCMService.exe"="C:\Programmi\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\eMule AdunanzA\eMule_AdnzA.exe"="D:\eMule AdunanzA\eMule_AdnzA.exe:*:Enabled:eMule"
"D:\BitTorrent\bittorrent.exe"="D:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"D:\Vuze\Azureus.exe"="D:\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Programmi\Philips\Intelligent Agent\Philips Intelligent Agent.exe"="C:\Programmi\Philips\Intelligent Agent\Philips Intelligent Agent.exe:*:Enabled:Philips Intelligent Agent"
"C:\Programmi\AVG\AVG8\avgam.exe"="C:\Programmi\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Programmi\AVG\AVG8\avgemc.exe"="C:\Programmi\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Programmi\AVG\AVG8\avgupd.exe"="C:\Programmi\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Programmi\AVG\AVG8\avgnsx.exe"="C:\Programmi\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Programmi\Infogrames\mc.exe"="C:\Programmi\Infogrames\mc.exe:*:Enabled:Monopoly Tycoon"
"C:\Programmi\Lphant\eLePhantClient.exe"="C:\Programmi\Lphant\eLePhantClient.exe:*:Enabled:Lphant"
"D:\RamaLopster\Lopster.exe"="D:\RamaLopster\Lopster.exe:*:Enabled:Lopster"
"D:\DC++\DCPlusPlus.exe"="D:\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"C:\Documents and Settings\Dicati\Desktop\zmDC++[Operating]-[zM4]-[691]\zmDC++.exe"="C:\Documents and Settings\Dicati\Desktop\zmDC++[Operating]-[zM4]-[691]\zmDC++.exe:*:Enabled:zmDC++[Opereting]"
"D:\zmDC++[Operating]-[zM4]-[691]\zmDC++.exe"="D:\zmDC++[Operating]-[zM4]-[691]\zmDC++.exe:*:Enabled:zmDC++[Opereting]"
"C:\Programmi\Skype\Phone\Skype.exe"="C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{970f4a86-a234-11dd-b794-001cf09115e0}]
shell\AutoRun\command - xih9.cmd
shell\explore\command - xih9.cmd
shell\open\command - xih9.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9196c42-a4f2-11dd-b796-001cf09115e0}]
shell\AutoRun\command - WDSetup.exe
======List of files/folders created in the last 1 months======
2009-03-26 02:28:58 ----D---- C:\rsit
2009-03-21 19:02:48 ----D---- C:\Programmi\xerox
2009-03-13 00:05:29 ----D---- C:\WINDOWS\system32\FxsTmp
2009-03-13 00:05:06 ----A---- C:\WINDOWS\system32\fxssend.exe
2009-03-13 00:05:06 ----A---- C:\WINDOWS\system32\fxsroute.dll
2009-03-13 00:05:06 ----A---- C:\WINDOWS\system32\fxsperf.ini
2009-03-13 00:05:05 ----A---- C:\WINDOWS\system32\fxsclntR.dll
2009-03-13 00:03:15 ----A---- C:\WINDOWS\system32\fxscfgwz.dll
2009-03-11 19:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 19:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 19:00:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-10 00:44:05 ----D---- C:\Programmi\Free PDF to Word Doc Converter
2009-03-10 00:43:20 ----D---- C:\Programmi\MSECache
2009-03-02 13:59:38 ----D---- C:\Programmi\EPDCalc
2009-03-02 13:59:25 ----N---- C:\WINDOWS\Setup1.exe
2009-03-02 13:59:22 ----A---- C:\WINDOWS\ST6UNST.EXE
======List of files/folders modified in the last 1 months======
2009-03-26 02:28:39 ----D---- C:\WINDOWS\Prefetch
2009-03-26 02:28:30 ----D---- C:\WINDOWS\Temp
2009-03-26 02:24:33 ----D---- C:\Documents and Settings\Dicati\Dati applicazioni\Skype
2009-03-26 01:03:27 ----D---- C:\WINDOWS\system32
2009-03-26 00:36:54 ----SHD---- C:\WINDOWS\Installer
2009-03-25 11:40:35 ----D---- C:\WINDOWS\system32\drivers
2009-03-25 09:09:09 ----HD---- C:\$AVG8.VAULT$
2009-03-25 08:00:20 ----D---- C:\Documents and Settings\Dicati\Dati applicazioni\skypePM
2009-03-24 10:26:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-24 01:32:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-23 21:02:43 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-21 19:02:48 ----RD---- C:\Programmi
2009-03-21 13:53:25 ----D---- C:\WINDOWS
2009-03-21 05:44:25 ----D---- C:\Programmi\Spybot - Search & Destroy
2009-03-20 15:39:31 ----SD---- C:\WINDOWS\Tasks
2009-03-20 15:39:30 ----A---- C:\WINDOWS\wininit.ini
2009-03-20 09:40:25 ----D---- C:\Programmi\PDFCreator
2009-03-19 02:35:14 ----D---- C:\Documents and Settings\Dicati\Dati applicazioni\dvdcss
2009-03-18 09:20:20 ----D---- C:\Documents and Settings
2009-03-16 07:55:38 ----D---- C:\WINDOWS\security
2009-03-13 00:06:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-13 00:05:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-13 00:05:06 ----D---- C:\WINDOWS\addins
2009-03-11 19:01:06 ----HD---- C:\WINDOWS\inf
2009-03-11 19:01:06 ----A---- C:\WINDOWS\imsins.BAK
2009-03-11 19:00:41 ----D---- C:\WINDOWS\WinSxS
2009-03-11 09:24:21 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-10 21:12:10 ----SD---- C:\Documents and Settings\Dicati\Dati applicazioni\Microsoft
2009-03-10 10:00:06 ----D---- C:\WINDOWS\Help
2009-03-10 10:00:02 ----D---- C:\WINDOWS\Cursors
2009-03-10 09:59:58 ----D---- C:\Programmi\Windows NT
2009-03-10 00:44:24 ----RSD---- C:\WINDOWS\Fonts
2009-03-06 01:10:04 ----D---- C:\WINDOWS\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-17 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-08 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-08 107272]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\drivers\srvkp.sys [2002-04-02 5760]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-01-25 2831232]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2002-02-04 278908]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-08 29208]
R3 ms_mpu401;Driver Microsoft MPU-401 MIDI UART; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 PAEAFLT.sys;USB Composite Device; C:\WINDOWS\system32\DRIVERS\PAEAFLT.sys [2007-09-26 8576]
R3 RT61;D-Link Wireless Driver; C:\WINDOWS\System32\DRIVERS\RT61.sys [2007-05-12 380928]
R3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2002-08-01 216448]
R3 SISNIC;Driver per scheda Fast Ethernet PCI SiS; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-04 32768]
R3 SPC230NC;Philips SPC230NC Webcam; C:\WINDOWS\system32\DRIVERS\SPC230NC.SYS [2007-12-31 461056]
R3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Hub abilitato USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Driver miniport per controller open host USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Driver archiviazione di massa USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 aoktcsuo;aoktcsuo; C:\WINDOWS\system32\drivers\aoktcsuo.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-08 29208]
S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2005-05-27 7288]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-05-27 11001]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2005-05-27 128295]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Driver scanner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Serial emulation modem driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-08 903960]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-08 298264]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-01-17 1339600]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2007-02-09 278608]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programmi\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 PMService;PMService; C:\Programmi\richcomm\PowerManagerII\PMService.exe [2007-10-15 167936]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programmi\CyberLink\Shared files\RichVideo.exe [2007-02-09 262247]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe [2008-06-09 53392]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 56832]
R3 NMIndexingService;NMIndexingService; C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe [2007-01-15 286720]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 69632]
S2 CLSched;CyberLink Task Scheduler (CTS); C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2007-02-09 110677]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 286208]
S2 StarWindService;StarWind iSCSI Service; C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 235520]
S3 aspnet_state;Servizio stato di ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NBService;NBService; C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 794624]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programmi\Windows Live\installer\WLSetupSvc.exe [2007-10-25 284160]
-----------------EOF-----------------
2- info.txt:
info.txt logfile of random's system information tool 1.06 2009-03-26 02:30:13
======Uninstall list======
-->"C:\Programmi\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\Programmi\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A90000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AdunanzA-->"D:\eMule AdunanzA\Disinstallazione eMule AdunanzA.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aggiornamento della protezione per Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
AirPlus G DWL-G510-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{8B128562-681D-4FFA-BEBF-A825985B2CB9}\setup.exe" -l0x10 -removeonly
Alive MP3 WAV Converter 3.8.0.9-->C:\Programmi\AliveMedia\MP3 WAV Converter\uninst.exe
Alive Video Converter (version 3.1.2.8)-->"C:\Programmi\AliveMedia\Video Converter\unins000.exe"
ANIO Service-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
ASUS MyCinema Series-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{D70666B2-7E6B-46F0-85E2-06C30C1269C0}\setup.exe" -l0x9
ASUS TSSI-->MsiExec.exe /I{76A2DC7C-D385-498E-9C6B-CF9626F8BE1E}
Avance AC'97 Audio-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
AVG 8.0-->C:\Programmi\AVG\AVG8\setup.exe /UNINSTALL
Chi Vuol Essere Milionario Seconda Edizione-->MsiExec.exe /I{28E68FAA-FA6B-44C4-8707-0B4E6C8BD611}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0410-0000-0000000FF1CE}
Corel VideoStudio 12-->C:\Programmi\InstallShield Installation Information\{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}\setup.exe -runfromtemp -l0x0409
DC++ 0.7091-->"D:\DC++\uninstall.exe"
DivX Web Player-->C:\Programmi\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EPSON Attach To Email-->C:\Programmi\File comuni\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x10 -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x10 UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x10 UNINST
EPSON Image Clip Palette-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x10 -u
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x10 -u
EPSON Scan-->C:\Programmi\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x10 -anything
ESDX4800_4200 Guida utente-->C:\Programmi\EPSON\TPMANUAL\ESDX4800_4200\USE_G\DOCUNINS.EXE
EuroMonopolio Deluxe-->C:\PROGRAMMI\EuroMonopolio Deluxe\Uninstal.exe
Free PDF to Word Doc Converter v1.1-->"C:\Programmi\Free PDF to Word Doc Converter\unins000.exe"
Garmin City Navigator Europe NT 2009 Update-->MsiExec.exe /X{1240A058-8BCE-4A3B-BF82-6E5B801D71BA}
Garmin Communicator Plugin-->MsiExec.exe /X{F6970FBD-809A-4C51-BAB3-D94A04C6C8E7}
Garmin POI Loader-->MsiExec.exe /X{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}
HijackThis 2.0.2-->"C:\Programmi\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Indeo® XP Software-->C:\WINDOWS\IsUninst.exe -fC:\Programmi\Ligos\Indeo\UninstXP.isu
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Malwarebytes' Anti-Malware-->"C:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Italian Language Pack-->MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA-->MsiExec.exe /I{71CB2612-627C-3D58-8D82-B77444B27B6A}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000410-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Monopoly Tycoon v1.4 Patch-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{B975F4A1-63B6-11D4-BFEC-005004AF2D32}\Setup.exe" -l0x9
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Ultra Edition-->MsiExec.exe /I{C0794D51-7A5E-4186-8416-AD8D61F01040}
Nero Reloaded PlugIn Pack 2.0.4 by GEAR-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F3D7915D-6B42-49FA-9FC8-5020479A6A57}\setup.exe" -l0x9 -removeonly
Nokia Connectivity Cable Driver-->C:\PROGRA~1\FILECO~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3D249F10-79EC-48D4-93E5-C470ABE523FA} /l1040
Nokia PC Suite-->C:\PROGRA~1\FILECO~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{617095DB-B523-4D11-BBFD-2D74C2AD98B8} /l1040
PDFCreator 0.8.0-->C:\Programmi\PDFCreator\unins000.exe
Philips Intelligent Agent-->"C:\Programmi\Philips\Intelligent Agent\Uninst\unins000.exe"
Philips SPC230NC Webcam-->C:\Programmi\InstallShield Installation Information\{05F350C6-FA6A-40D0-A130-FB941B39152C}\Setup.exe -runfromtemp -l0x0010 -removeonly
PIF DESIGNER-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x10 anything
PowerCinema MakeDisc Module-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall
PowerCinema-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
PowerManagerII-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{6BF64324-3562-46E5-9022-B2840D486E62}\Setup.exe"
Projection Distance Calculator-->C:\WINDOWS\st6unst.exe -n "C:\Programmi\EPDCalc\ST6UNST.LOG"
RunAlyzer-->"C:\Programmi\Safer Networking\RunAlyzer\unins000.exe"
SiS 650_651_M650_740-->RUNDLL32 setuplib.dll,UnInstall ,315&ISUNINST -f"C:\PROGRA~1\SISCOM~1.09B\DeIsL1.isu"&P.U 4 sisgr.inf&-1
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Software per stampante EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Programmi\Spybot - Search & Destroy\unins000.exe"
TVUPlayer 2.3.3.2-->C:\Programmi\TVUPlayer\uninst.exe
Utilità di backup di Windows-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoLAN VLC media player 0.8.6a-->C:\Programmi\VideoLAN\VLC\uninstall.exe
Webcam Video Viewer-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{CECB7782-F35F-45CE-97C0-74BBBDC51C22}\Setup.exe" -l0x10
Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{CD199CDB-00AE-42BB-B6E9-64C69D8730EF}
Windows Live Mail-->MsiExec.exe /I{7FDEE06E-736C-4515-9476-EF4CB0186E6D}
Windows Media Format Runtime-->"C:\Programmi\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Programmi\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AVG Internet Security Network Edition
FW: AVG Firewall
======System event log======
Computer Name: DICATI-HOME
Event Code: 7035
Message: Invio di un controllo avvio da parte del servizio Servizio COM di masterizzazione CD IMAPI riuscito.
Record Number: 28719
Source Name: Service Control Manager
Time Written: 20090128115152.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM
Computer Name: DICATI-HOME
Event Code: 7036
Message: Il servizio Servizio COM di masterizzazione CD IMAPI è ora in modalità esecuzione.
Record Number: 28718
Source Name: Service Control Manager
Time Written: 20090128115152.000000+060
Event Type: Informazione
User:
Computer Name: DICATI-HOME
Event Code: 9
Message: La periferica \Device\Ide\IdePort1 non ha risposto entro il tempo di attesa.
Record Number: 28717
Source Name: atapi
Time Written: 20090128114852.000000+060
Event Type: Errore
User:
Computer Name: DICATI-HOME
Event Code: 9
Message: La periferica \Device\Ide\IdePort1 non ha risposto entro il tempo di attesa.
Record Number: 28716
Source Name: atapi
Time Written: 20090128114817.000000+060
Event Type: Errore
User:
Computer Name: DICATI-HOME
Event Code: 12
Message: Superata la capacità del buffer circolare che memorizza i dati provenienti dal mouse (la dimensione del buffer è configurabile dalle proprietà mouse PS/2 in Gestione periferiche).
Record Number: 28715
Source Name: i8042prt
Time Written: 20090128114412.000000+060
Event Type: Informazione
User:
=====Application event log=====
Computer Name: DICATI-HOME
Event Code: 1517
Message: È stato salvato il registro dell'utente DICATI-HOME\Dicati mentre un'applicazione o servizio lo stava ancora utilizzando durante la disconnessione. La memoria utilizzata del registro dell'utente non è stata liberata. Il registro sarà scaricato non sarà più utilizzato.
L'errore è spesso causato da servizi eseguiti come un account utente. Provare a configurare l'esecuzione dei servizi come account LocalService o NetworkService.
Record Number: 1685
Source Name: Userenv
Time Written: 20081222234812.000000+060
Event Type: Attenzione
User: NT AUTHORITY\SYSTEM
Computer Name: DICATI-HOME
Event Code: 101
Message: wlmail (1132) Motore del database interrotto.
Record Number: 1684
Source Name: ESENT
Time Written: 20081222145101.000000+060
Event Type: Informazione
User:
Computer Name: DICATI-HOME
Event Code: 103
Message: wlmail (1132) WindowsLiveMail0: Il motore del database ha interrotto un'istanza (0).
Record Number: 1683
Source Name: ESENT
Time Written: 20081222145101.000000+060
Event Type: Informazione
User:
Computer Name: DICATI-HOME
Event Code: 213
Message: wlmail (1132) WindowsLiveMail0: Procedura di backup completata.
Record Number: 1682
Source Name: ESENT
Time Written: 20081222081748.000000+060
Event Type: Informazione
User:
Computer Name: DICATI-HOME
Event Code: 224
Message: wlmail (1132) WindowsLiveMail0: Eliminazione dei file di registro C:\Documents and Settings\Dicati\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\edb0003B.log per C:\Documents and Settings\Dicati\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\edb0003B.log in corso...
Record Number: 1681
Source Name: ESENT
Time Written: 20081222081748.000000+060
Event Type: Informazione
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programmi\File comuni\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0103
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
Looking forward to Your reply. Thanks for all Your help!
errata corrige for last things...
:bigthumb: You are doing a good job helping other people, :) THANKS... i think that without your help i would have lost everything, but when You said to me that maybe the virus was terrible, i have immediatly copy/paste every important doc on an external hard drive...
Bye Bye!