Forum Clubic

Rapport malwarebytes- hijackthis

S’lut à tous,
à cause d’un virus mon pc a èté infectè ,j’ai telecharger avast qui a pu eliminer certain virus mais pas tous. Sur ce forum j’a lu k il fallait aussi telecharger le logiciel malwarebyte et hijackthis pour eliminer les virus restants , les rapports finals sont les suivants , j’aurais besoin ke kelkun me les analyse svp:

Malwarebytes’ Anti-Malware 1.44
Version de la base de données: 3572
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

16/01/2010 0.59.48
mbam-log-2010-01-16 (00-59-48).txt

Type de recherche: Examen complet (C:|D:|E:|)
Eléments examinés: 179304
Temps écoulé: 1 hour(s), 14 minute(s), 19 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 31
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 11
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 68

Processus mémoire infecté(s):
C:\WINDOWS\system32\smss32.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Programmi\rkfree\rkfree.exe (Keylogger.Logixoft) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\helper32.dll (Trojan.BHO) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5f02d04b-50b3-4a07-ba6e-dab1562ce975} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqppmml (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{5f02d04b-50b3-4a07-ba6e-dab1562ce975} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{b37ac692-c4b7-462f-8a5f-0de78bcb62e0} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{b37ac692-c4b7-462f-8a5f-0de78bcb62e0} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{db893839-10f0-4af9-92fa-b23528f530af} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_USERS.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IS2010 (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wgpfp (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smss32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rkfree (Keylogger.Logixoft) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet security 2010 (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\winlogon32.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: system32\winlogon32.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\winlogon32.exe) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\ssqppmml.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\helper32.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\smss32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Programmi\rkfree\rkfree.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\IS15.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogon32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp~TME.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp~TM1F.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\OTQZ49MV\SetupIS2010[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\OXUBKPAB\dfghfghgfj[1].dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Helene\Documenti\PcSetup\rkfree_setup.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\Helene\Dati applicazioni\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP142\A0056998.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP142\A0056999.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP142\A0057003.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP142\A0057004.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058093.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058094.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058554.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058555.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058556.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058557.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058560.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058561.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP143\A0058562.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073498.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073511.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073512.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073538.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073547.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073559.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073570.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{3E507D8D-7122-4242-94EB-326CB4914499}\RP175\A0073574.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Recycled\Dc170.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\Recycled\Dc171.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\Recycled\Dc172.exe (Keylogger.Logixoft) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(4)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(7)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(15)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(6)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(10)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(2)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(18)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(17)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(12)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(11)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(16)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(9)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(8)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(14)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(5)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(13)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user(3)(3).ds (Stolen.data) -> Quarantined and deleted successfully.
C:\Documents and Settings\Helene\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Helene\Menu Avvio\Internet Security 2010.lnk (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcmgcd32.dl_ (Virus.Sality) -> Quarantined and deleted successfully.
C:\WINDOWS\BM313e2b3d.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM313e2b3d.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\41.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Helene\Dati applicazioni\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\warning.html (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

pour sa lenteur j’ai telecharger le logiciel hijackthis qui m’a donnè le rapport suivant :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.11.17, on 16/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Application Updater\ApplicationUpdater.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ms\comsrv.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Search Settings\SearchSettings.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\sistray.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = fr.rd.yahoo.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = fr.rd.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = fr.rd.yahoo.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
R3 - URLSearchHook: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Programmi\iMesh Applications\iMesh\iMeshIEHelper.dll
O2 - BHO: Guida per l’accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programmi\iMeshMediabarTb\iMeshMediaBarDx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programmi\iMeshMediabarTb\iMeshMediaBarDx.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O4 - HKLM…\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM…\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM…\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM…\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM…\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM…\Run: [LaunchApp] Alaunch
O4 - HKLM…\Run: [QuickTime Task] “C:\Programmi\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Programmi\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Programmi\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [SearchSettings] C:\Programmi\Search Settings\SearchSettings.exe
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [MsnMsgr] “C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [MSMSGS] “C:\Programmi\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [swg] “C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU…\Run: [VoipStunt] “C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe” -nosplash -minimized
O4 - HKCU…\Run: [Messenger (Yahoo!)] “C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [Skype] “C:\Programmi\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVIZIO LOCALE’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVIZIO DI RETE’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: PalTalk.lnk = C:\Programmi\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Save YouTube Video - C:\Programmi\File… comuni\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Programmi\File… comuni\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: bw+0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Programmi\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: COMService - Unknown owner - C:\WINDOWS\system32\ms\comsrv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe


End of file - 25657 bytes

svp aidez moi je ne sais koi eliminer

Salut

Lis bien et poste les rapports

1)en premier lances Malwarebytes ,cliques sur ==> Quarantaine et tu supprimes tout

2)Lances Hijackthis

Cliques sur ==> Do a System Scan Only

coches ces Lignes

Fermes tes autres applications sauf ==> hijackthis ( bien sûr )

et Cliques sur ==> Fix Checked

ensuite

  1. Désactive ton Antivirus

Télécharge Toolbar-S&D (de la Team IDN) sur ton Bureau.

==> Toolbar-S&D

==>Double clique l’icône ToolBar S&D sur le bureau
==>Sous Vista, faire un clic droit et “Exécuter en tant qu’administrateur” (Elévation des privilèges), puis -> Continuer.
==>Choisi F pour français et valide
==>Au menu principal de ToolBar S&D choisi ==> l’option 2 (Suppression)
==>Le menu Démarrer et les icônes vont disparaîtrent, c’est normal
==>La recherche s’effectue, cela peut prendre plusieurs minutes, ne touche à rien.
==>Une fois l’analyse terminée, le rapport de recherche s’ouvre dans le Bloc-Note. (Dans le cas où le rapport ne s’ouvre pas, ce dernier se trouve sur C:\TB.txt)

Copier/coller le rapport

Réactive ton Antivirus

aprés

  1. Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

==> AD-Remover

Déconnecte-toi et ferme toutes applications en cours

Double-clique sur AD-Remover pour le lancer : au menu principal,

Puis choisis ==> L (lancer le nettoyage

le programme va travailler.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report.log)

Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet “Fichier”, “Nouvelle tâche”, tape explorer.exe et valide)

Bonjour

Eh bien, il était pas trop entretenu cet ordi et mal protégé !!!
C’est une vraie infection de cochonneries, c’est pire que le SIDA des ordi son truc, jamais vu ça …

Un petit peu de prudence quand même pour l’avenir

A+

Bonjour

Voilà le travaille d’Avast, combien de personne qui ont Avast qui viennent sur se forum car il ont des virus?

Un conseille vire Avast, et prend Avira Antivir Personal ses gratuit, ou pour quelque € Avira Antivir Premium.

Bon week-end :hello:

Slut à tous, merçi et encore merci pour ton aide cricri58

j’ai fait ce ke tu m’as demandè de faire le rapport:

Rapport toolbar:

-----------\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel® Celeron® M processor 1.50GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.0
USER : Helene ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 100117-0] 4.8.1368 (Not Activated)
C:\ (Local Disk) - FAT32 - Total:25 Go (Free:4 Go)
D:\ (Local Disk) - FAT32 - Total:26 Go (Free:18 Go)
E:\ (CD or DVD)

“C:\ToolBar SD” ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 17/01/2010|15.52 )
C:\WINDOWS\Fonts\acrsec.fon
C:\DOCUME~1\Helene\IMPOST~1\Temp\nssD2.tmp

-----------\ SUPPRESSION

Supprime! - C:\DOCUME~1\Helene\Cookies\helene@www.jobcrawler[2].txt
Supprime! - C:\DOCUME~1\HELENE\DATIAP~1\Dealio\temp
Supprime! - C:\DOCUME~1\HELENE\DATIAP~1\Dealio\res
Supprime! - C:\Programmi\Mozilla Firefox\extensions\dealio@mybrowserbar.com
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-19328834.pf
Supprime! - C:\Programmi\Mozilla Firefox\extensions\searchsettings@spigot.com
Supprime! - C:\DOCUME~1\HELENE\DATIAP~1\Search Settings\KB128
Supprime! - C:\DOCUME~1\HELENE\DATIAP~1\Search Settings\kb130
Supprime! - C:\Programmi\Search Settings\FF
Supprime! - C:\Programmi\Search Settings\res
Supprime! - C:\Programmi\Search Settings\temp
Supprime! - C:\Programmi\Search Settings\SearchSettings.dll
Supprime! - C:\Programmi\Search Settings\SearchSettings.exe
Supprime! - C:\Programmi\Search Settings\SearchSettingsRes409.dll
Supprime! - C:\WINDOWS\Fonts\acrsec.fon
Supprime! - C:\DOCUME~1\Helene\IMPOST~1\Temp\nssD2.tmp
Supprime! - C:\DOCUME~1\HELENE\DATIAP~1\Dealio
Supprime! - C:\DOCUME~1\HELENE\DATIAP~1\Search Settings
Supprime! - C:\Programmi\Search Settings

-----------\ Recherche de Fichiers / Dossiers …

-----------\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(Helene) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Helene) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Helene) - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} => phpnukeit

-----------\ […\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Start Page”=“http://www.yahoo.fr/
“Search Page”=“http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
“Search Bar”=“http://www.google.com/ie
“SearchMigratedDefaultURL”=“http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
“Url”=“http://go.microsoft.com/fwlink/?LinkId=75721

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Default_Page_URL”=“http://fr.yahoo.com
“Default_Search_URL”=“http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
“Search Page”=“http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
“Start Page”=“http://www.msn.com/

--------------------\ Recherche d’autres infections

C:\Programmi\Live-Player
C:\Programmi\Live-Player\uninst.exe
C:\Programmi\Live-Player\SkinCrafterDll.dll
C:\Programmi\Live-Player\sqlite3.dll
C:\Programmi\Live-Player\live-player.exe
C:\Programmi\Live-Player\skins
C:\Programmi\Live-Player\data
C:\DOCUME~1\Helene\IMPOST~1\DATIAP~1\live-player
C:\DOCUME~1\ALLUSE~1\MENUAV~1\PROGRA~1\Live-Player
C:\DOCUME~1\ALLUSE~1\MENUAV~1\PROGRA~1\Live-Player\D?sinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUAV~1\PROGRA~1\Live-Player\Live-Player.lnk

C:\DOCUME~1\Helene\IMPOST~1\DATIAP~1\hqjtdcog.exe
C:\DOCUME~1\Helene\IMPOST~1\DATIAP~1\hqjtdcog.dat
C:\DOCUME~1\Helene\IMPOST~1\DATIAP~1\hqjtdcog_nav.dat
C:\DOCUME~1\Helene\IMPOST~1\DATIAP~1\hqjtdcog_navps.dat
==> EGDACCESS <==

C:\WINDOWS\system32\vxyyxyay.ini
C:\WINDOWS\system32\vxyyxyay.ini2
==> VUNDO <==

1 - “C:\ToolBar SD\TB_1.txt” - 17/01/2010|15.55 - Option : [2]

-----------\ Fin du rapport a 15.55.25,07

Rapport AD REMOVER:

.
======= LOGFILE OF AD-REMOVER 1.1.4.6_H | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 16.01.2010 at 22:13
Contact: AdRemover.contact@gmail.com
Website: pagesperso-orange.fr…
.
Launch at: 16:03:28, 17/01/2010 | Normal Boot | Option: CLEAN
Executed from: C:\Ad-Remover
Operating system: Microsoft® Windows XP™ Service Pack 2 Versione 5.1.2600
Computer Name: ACER-7FA50A97F2 | Current user: Helene
.
============== NEUTRALIZED ELEMENT(S) ==============
.

C:\DOCUME~1\Helene\DATIAP~1\Mozilla\FireFox\Profiles\5gkijdc4.default\extensions\toolbar@ask.com
C:\DOCUME~1\Helene\DATIAP~1\Mozilla\FireFox\Profiles\5gkijdc4.default\searchplugins\ask.xml
C:\DOCUME~1\Helene\DATIAP~1\Mozilla\FireFox\Profiles\5gkijdc4.default\searchplugins\askcom.xml
C:\DOCUME~1\Helene\DATIAP~1\Mozilla\FireFox\Profiles\5gkijdc4.default\searchplugins\iMeshWebSearch.xml
C:\WINDOWS\Installer{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\DOCUME~1\Helene\DOCUME~1\Musica\Imesh
C:\DOCUME~1\Helene\DOCUME~1\Imesh
C:\Programmi\Mozilla FireFox\Components\AskSearch.js
C:\Programmi\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
C:\DOCUME~1\Helene\IMPOST~1\Temp\AskSearch
C:\DOCUME~1\Helene\IMPOST~1\Temp\iMesh user license agreement.txt
C:\DOCUME~1\Helene\IMPOST~1\Temp\iMeshInstaller
C:\DOCUME~1\ALLUSE~1\MENUAV~1\PROGRA~1\Live-Player
C:\DOCUME~1\ALLUSE~1\MENUAV~1\PROGRA~1\iMesh
C:\Programmi\Ask.com
C:\Programmi\Live-Player
C:\Programmi\Dealio Toolbar
C:\Programmi\iMesh Applications
C:\Programmi\iMeshMediabarTb
C:\DOCUME~1\Helene\DATIAP~1\Desktopicon
C:\DOCUME~1\Helene\DATIAP~1\EoRezo
C:\DOCUME~1\Helene\DATIAP~1\iMeshMediabarTb
C:\DOCUME~1\Helene\DATIAP~1\Microsoft\Internet Explorer\Quick Launch\Ebay.lnk
C:\DOCUME~1\Helene\MENUAV~1\Ebay.lnk
C:\DOCUME~1\Helene\Desktop\Ebay.lnk
C:\Windows\Installer\253cf3c.msi
C:\Windows\Installer\253cf2b.msi
C:\DOCUME~1\Helene\IMPOST~1\Temp\is-5P6GI.tmp\EoRezo
C:\DOCUME~1\Helene\IMPOST~1\Temp\toolbar.xml
C:\DOCUME~1\ALLUSE~1\Desktop\Live-Player.lnk

(!) – Temp files deleted.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKCU\software\appdatalow\software\Dealio
HKCU\software\Ask.com
HKCU\software\AskToolbar
HKCU\software\iMesh
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\BHO iMesh
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\software\classes\appid\GenericAskToolbar.DLL
HKLM\Software\Classes\Applications\iMesh.exe
HKLM\Software\Classes\CLSID{01AD9322-02FF-4f4f-AC52-92FDA5AE65F0}
HKLM\Software\Classes\CLSID{03F14321-8FED-4CBC-B01A-4B57FC199062}
HKLM\Software\Classes\CLSID{148132E6-626D-4A5E-8063-A761EB29A50B}
HKLM\Software\Classes\CLSID{23BDC78C-B7BB-42E5-B970-54B292592D72}
HKLM\Software\Classes\CLSID{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
HKLM\Software\Classes\CLSID{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
HKLM\Software\Classes\CLSID{3BF72F68-72D8-461D-A884-329D936C5581}
HKLM\Software\Classes\CLSID{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
HKLM\Software\Classes\CLSID{4EE0B011-604C-47F3-8F2B-39F79640B85E}
HKLM\Software\Classes\CLSID{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
HKLM\Software\Classes\CLSID{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
HKLM\Software\Classes\CLSID{5EB0259D-AB79-4ae6-A6E6-24FFE21C3DA4}
HKLM\Software\Classes\CLSID{69D3F709-9DE2-479F-980F-532D46895703}
HKLM\Software\Classes\CLSID{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
HKLM\Software\Classes\CLSID{78E9D883-93CD-4072-BEF3-38EE581E2839}
HKLM\Software\Classes\CLSID{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
HKLM\Software\Classes\CLSID{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
HKLM\Software\Classes\CLSID{87CD3140-EEC0-463F-8872-6E564D9DEDE5}
HKLM\Software\Classes\CLSID{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
HKLM\Software\Classes\CLSID{B0639356-335C-4E47-B63C-12531A7A5206}
HKLM\Software\Classes\CLSID{B162A975-6C7C-4202-9167-306028913A3D}
HKLM\Software\Classes\CLSID{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
HKLM\Software\Classes\CLSID{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
HKLM\Software\Classes\CLSID{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
HKLM\Software\Classes\CLSID{D8BFC514-1135-4393-B09A-193D2AAC5037}
HKLM\Software\Classes\CLSID{DEF4ED0D-E666-4631-A35A-A634332F0550}
HKLM\Software\Classes\CLSID{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
HKLM\Software\Classes\CLSID{F8AB43ED-EC88-4de7-B213-F89157D29C62}
HKLM\software\classes\DiscoveryHelper.iMesh6Discovery
HKLM\software\classes\DiscoveryHelper.iMesh6Discovery.1
HKLM\software\classes\GenericAskToolbar.ToolbarWnd
HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1
HKLM\software\classes\iMesh.AudioCD
HKLM\software\classes\iMesh.Device
HKLM\software\classes\iMesh.file
HKLM\software\classes\iMeshIEHelper.UrlHelper
HKLM\software\classes\iMeshIEHelper.UrlHelper.1
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\Interface{D5A1EF9A-7948-435D-8B87-D6A598317288}
HKLM\Software\Classes\Interface{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
HKLM\Software\Classes\Interface{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
HKLM\software\classes\SearchSettings.BHO
HKLM\software\classes\SearchSettings.BHO.1
HKLM\Software\Classes\TypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Classes\TypeLib{2D77AC8A-0A4C-40D0-9557-51907A575E45}
HKLM\Software\Classes\TypeLib{403A885F-CB00-40C1-BDC1-EB09053194F7}
HKLM\Software\Classes\TypeLib{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
HKLM\Software\Classes\TypeLib{55C1727F-5535-4C2A-9601-8C2458608B48}
HKLM\Software\Classes\TypeLib{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
HKLM\Software\Classes\TypeLib{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
HKLM\Software\Classes\TypeLib{84B9B044-17C0-48FB-A300-C9747D5DF29C}
HKLM\Software\Classes\TypeLib{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
HKLM\Software\Classes\TypeLib{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
HKLM\Software\Classes\TypeLib{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
HKLM\Software\Classes\TypeLib{ADEA3C4E-2184-40A2-9556-488456427E80}
HKLM\Software\Classes\TypeLib{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
HKLM\Software\Classes\TypeLib{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKLM\Software\Classes\TypeLib{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
HKLM\Software\Classes\TypeLib{F07FBD3E-2048-44A4-9065-71BF551E2672}
HKLM\software\iMesh
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0292226F570267D459357AF78015E534
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\03285961954D5824C85975D955031EE8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\23A03A6765D10864EB278629A2DF32C3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\323D2420527EA994FB326F15D333660E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\3A4FCCE032CA50340A6975C92410AE30
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\47C0E5F51006CED41ACE3F495B01FE81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\588DFA161592E9747948BFFE475476F4
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AC3985F4D64C2245A96D31569D1BF40
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6E00D9B24354FBA44AE2CA0FA86EF2E2
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7C13F41728A69EF41AA1A3372FB86FA6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\855847FA0E25FBA46B8516389DFDD4B3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9DC2844D0E3E8924C8973C3B3BAE1F58
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\AFEB575AA30ACB243B748619F62F0782
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B072F84D5AF1BB34C980E01F5689D864
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B92A2929968AED344BD6B34AD60E6604
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BB1E992117B1B0B42BD2CDAEB8E749C4
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DA6F069968D91A540A1363E997581959
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DBC7F2B5594E08A4C87EF4C22971C615
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F461B8DD96FF5AA41A52D14E1D7B69C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\software\microsoft\windows\currentversion\uninstall{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKLM\software\microsoft\windows\currentversion\uninstall\iMesh
HKLM\software\microsoft\windows\currentversion\uninstall\imeshmediabartb
HKLM\software\microsoft\windows\currentversion\uninstall\wgpfp
.
============== Added scan ==============
.
.

  • Mozilla FireFox Version 2.0.0.20 [en-US] *
    .
    ProfilePath: 5gkijdc4.default (Helene)
    .
    (Helene, prefs.js) Browser.search.defaultenginename, Yahoo
    (Helene, prefs.js) Browser.search.defaulturl, www.google.com…
    (Helene, prefs.js) Browser.search.selectedEngine, Yahoo
    (Helene, prefs.js) Keyword.URL, it.search.yahoo.com…
    .
    .
    .
  • Internet Explorer Version 7.0.5730.11 *
    .
    [HKEY_CURRENT_USER…\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Local Page: C:\WINDOWS\system32\blank.htm
    Show_ToolBar: yes
    Start Page: fr.msn.com…
    Use Custom Search URL: 1 (0x1)
    Use Search Asst: no
    Search Bar: go.microsoft.com…
    Enable Browser Extensions: yes
    Default_search_url: www.microsoft.com…
    Default_page_url: www.microsoft.com…
    .
    [HKEY_LOCAL_MACHINE…\Internet Explorer\Main]
    .
    Default_Page_URL: www.microsoft.com…
    Default_Search_URL: www.microsoft.com…
    Search Page: www.microsoft.com…
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Start Page: fr.msn.com…
    Search bar: search.msn.com…
    .
    [HKEY_LOCAL_MACHINE…\Internet Explorer\ABOUTURLS]
    .
    Tabs: ieframe.dll…
    .
    ===================================
    .
    13393 Byte(s) - C:\Ad-Report-CLEAN[1].log
    .
    435 File(s) - C:\DOCUME~1\Helene\IMPOST~1\Temp
    551 File(s) - C:\WINDOWS\Temp
    9 File(s) - C:\WINDOWS\Prefetch
    .
    18 File(s) - C:\Ad-Remover\BACKUP
    580 File(s) - C:\Ad-Remover\QUARANTINE
    .
    End at: 16:12:55 | 17/01/2010 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    Je dois vraiment changer l’antivirus Avast ? n’est-il pas efficace?

Merçi à tous

Salut

ToolbarS&D et AD-Remover ont fait leur Job

fais ceci

  1. télécharge GenProc

GenProc

double clic sur GenProc.exe et poste le contenu du rapport qui s’ouvre .

réponds " oui" à la fenêtre qui apparait

http://i34.tinypic.com/262sh7b.png

poste le contenu du rapport qui s’ouvre

ensuite

  1. Télécharge Random’s System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.

http://i46.tinypic.com/i5q0c7.png

==>RSIT

==> Double-clique sur RSIT.exe afin de lancer RSIT.

==> Clique sur Continue à l’écran Disclaimer.
==> Si l’outil HijackThis (version à jour) n’est pas présent ou non détecté sur l’ordinateur, RSIT le téléchargera et tu devras accepter la licence.
==>Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront.

==> Poste le contenu de log.txt (<==qui sera affiché) ainsi que de info.txt (<==qui sera réduit dans la Barre des Tâches).

Note : Les deux rapports sont également sauvegardés %systemroot%\rsit

slut,
voici les rapports:

GENPROC:
Rapport GenProc 2.660 [1] - 17/01/2010 à 19.34.59
@ Windows XP Service Pack 2 - Mode normal
@ Mozilla Firefox 2.0.0.20 (en-US) [Navigateur par défaut]

Etape 1/ Télécharge :

  • CCleaner www.ccleaner.com… (FileHippo). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Lance-le et clique sur “Options”, “Avancé” et décoche la case “Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures”. Par la suite, laisse-le avec ses réglages par défaut. Ferme le programme.

  • Navilog1 pagesperso-orange.fr… (IL-MAFIOSO) sur ton Bureau.

  • ComboFix download.bleepingcomputer.com… (sUBs) sur ton Bureau.
    Désactive ton antivirus, ton pare-feu et ferme tes programmes en cours. Lance combofix.exe et accepte les termes en cliquant sur OUI. Patiente. Au message “ComboFix a détecté que la ‘console de récupération Windows’ n’existe pas sur ce PC”, clique sur oui puis sur OK, puis patiente. Valide le CLUF Microsoft. Au message “La console de récupération a été installée avec succès”, clique impérativement sur NON pour quitter le programme (ferme également le rapport CF-RC.txt qui s’est ouvert)

Redémarre en mode sans échec comme indiqué ici www.pcloisirs.eu… ; Choisis ta session courante *** Helene *** (pour retrouver le rapport, clique sur le raccourci “Rapport GenProc[1]” sur ton bureau).

Etape 2/

Double clique sur le raccourci Navilog1 sur le Bureau, et choisis l’option 1 ; valide et patiente jusqu’au message “Scan terminé le…”.

Etape 3/

Double clique sur combofix.exe et suis les instructions. Attention de ne pas utiliser ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne au risque de figer l’ordinateur.

Etape 4/

Lance CCleaner : “Nettoyeur”/“lancer le nettoyage” et c’est tout.

Etape 5/

Redémarre normalement et poste, dans la même réponse :

  • Le contenu du rapport Combofix.txt situé dans C:\ ;
  • Le contenu du rapport cleannavi.txt situé dans C:\ ;
  • Un nouveau rapport GenProc ;

Précise les difficultés que tu as eu (ce que tu n’as pas pu faire…) ainsi que l’évolution de la situation.

~~ Arguments de la procédure ~~

Détections [1] GenProc 2.660 17/01/2010 à 19.35.48

Navipromo:le 17/01/2010 à 19.36.24 “C:\Documents and Settings\Helene\Impostazioni locali\Dati applicazioni*_nav??.dat”
Vundo:le 17/01/2010 à 19.36.27 “C:\WINDOWS\system32*.ini2”


Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

~~ Fin à 19.36.58 ~~

RSIT:

INFO :
info.txt logfile of random’s system information tool 1.06 2010-01-17 19:38:58

======Uninstall list======

–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
–>C:\Programmi\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
–>C:\Programmi\Weflirt/uninstall.exe
–>C:\WINDOWS\IsUninst.exe -f"C:\Programmi\Acer Inc.\Acer Italian Guide Link\Uninst.isu"
–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe” -l0x10 -uninst
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eManager for Notebook–>C:\Programmi\File comuni\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Acer GridVista–>C:\WINDOWS\UnInst32.exe GridV.UNI
Actual Spy 3.0–>“C:\Programmi\ACSPMonitor\unins000.exe”
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Ad-Remover By C_XX–>“C:\Ad-Remover\Un-ADR.exe”
Aggiornamento critico per Windows Media Player 11 (KB959772)–>“C:\WINDOWS$NtUninstallKB959772_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB928090)–>“C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB931768)–>“C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB933566)–>“C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB937143)–>“C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)–>“C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653)–>“C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)–>“C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)–>“C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)–>“C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)–>“C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)–>“C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)–>“C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)–>“C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)–>“C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)–>“C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB911564)–>“C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB952069)–>“C:\WINDOWS$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 10 (KB917734)–>“C:\WINDOWS$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB936782)–>“C:\WINDOWS$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB954154)–>“C:\WINDOWS$NtUninstallKB954154_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)–>“C:\WINDOWS$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 9 (KB911565)–>“C:\WINDOWS$NtUninstallKB911565$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB890046)–>“C:\WINDOWS$NtUninstallKB890046$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB893756)–>“C:\WINDOWS$NtUninstallKB893756$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896358)–>“C:\WINDOWS$NtUninstallKB896358$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896422)–>“C:\WINDOWS$NtUninstallKB896422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896423)–>“C:\WINDOWS$NtUninstallKB896423$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896424)–>“C:\WINDOWS$NtUninstallKB896424$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896428)–>“C:\WINDOWS$NtUninstallKB896428$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899587)–>“C:\WINDOWS$NtUninstallKB899587$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899591)–>“C:\WINDOWS$NtUninstallKB899591$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB900725)–>“C:\WINDOWS$NtUninstallKB900725$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901017)–>“C:\WINDOWS$NtUninstallKB901017$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901190)–>“C:\WINDOWS$NtUninstallKB901190$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901214)–>“C:\WINDOWS$NtUninstallKB901214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB902400)–>“C:\WINDOWS$NtUninstallKB902400$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB904706)–>“C:\WINDOWS$NtUninstallKB904706$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905414)–>“C:\WINDOWS$NtUninstallKB905414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905749)–>“C:\WINDOWS$NtUninstallKB905749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB908519)–>“C:\WINDOWS$NtUninstallKB908519$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911562)–>“C:\WINDOWS$NtUninstallKB911562$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911567)–>“C:\WINDOWS$NtUninstallKB911567$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911927)–>“C:\WINDOWS$NtUninstallKB911927$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912812)–>“C:\WINDOWS$NtUninstallKB912812$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912919)–>“C:\WINDOWS$NtUninstallKB912919$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913446)–>“C:\WINDOWS$NtUninstallKB913446$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913580)–>“C:\WINDOWS$NtUninstallKB913580$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914388)–>“C:\WINDOWS$NtUninstallKB914388$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914389)–>“C:\WINDOWS$NtUninstallKB914389$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917159)–>“C:\WINDOWS$NtUninstallKB917159$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917344)–>“C:\WINDOWS$NtUninstallKB917344$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917422)–>“C:\WINDOWS$NtUninstallKB917422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917953)–>“C:\WINDOWS$NtUninstallKB917953$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918118)–>“C:\WINDOWS$NtUninstallKB918118$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918439)–>“C:\WINDOWS$NtUninstallKB918439$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918899)–>“C:\WINDOWS$NtUninstallKB918899$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB919007)–>“C:\WINDOWS$NtUninstallKB919007$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920213)–>“C:\WINDOWS$NtUninstallKB920213$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920214)–>“C:\WINDOWS$NtUninstallKB920214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920670)–>“C:\WINDOWS$NtUninstallKB920670$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920683)–>“C:\WINDOWS$NtUninstallKB920683$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920685)–>“C:\WINDOWS$NtUninstallKB920685$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921398)–>“C:\WINDOWS$NtUninstallKB921398$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921503)–>“C:\WINDOWS$NtUninstallKB921503$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921883)–>“C:\WINDOWS$NtUninstallKB921883$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922616)–>“C:\WINDOWS$NtUninstallKB922616$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922760)–>“C:\WINDOWS$NtUninstallKB922760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922819)–>“C:\WINDOWS$NtUninstallKB922819$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923191)–>“C:\WINDOWS$NtUninstallKB923191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923414)–>“C:\WINDOWS$NtUninstallKB923414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923561)–>“C:\WINDOWS$NtUninstallKB923561$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923689)–>“C:\WINDOWS$NtUninstallKB923689$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923694)–>“C:\WINDOWS$NtUninstallKB923694$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923980)–>“C:\WINDOWS$NtUninstallKB923980$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924191)–>“C:\WINDOWS$NtUninstallKB924191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924270)–>“C:\WINDOWS$NtUninstallKB924270$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924496)–>“C:\WINDOWS$NtUninstallKB924496$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924667)–>“C:\WINDOWS$NtUninstallKB924667$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925454)–>“C:\WINDOWS$NtUninstallKB925454$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925486)–>“C:\WINDOWS$NtUninstallKB925486$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925902)–>“C:\WINDOWS$NtUninstallKB925902$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926255)–>“C:\WINDOWS$NtUninstallKB926255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926436)–>“C:\WINDOWS$NtUninstallKB926436$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927779)–>“C:\WINDOWS$NtUninstallKB927779$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927802)–>“C:\WINDOWS$NtUninstallKB927802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928255)–>“C:\WINDOWS$NtUninstallKB928255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928843)–>“C:\WINDOWS$NtUninstallKB928843$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB929123)–>“C:\WINDOWS$NtUninstallKB929123$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB930178)–>“C:\WINDOWS$NtUninstallKB930178$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931261)–>“C:\WINDOWS$NtUninstallKB931261$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931784)–>“C:\WINDOWS$NtUninstallKB931784$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB932168)–>“C:\WINDOWS$NtUninstallKB932168$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB933729)–>“C:\WINDOWS$NtUninstallKB933729$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935839)–>“C:\WINDOWS$NtUninstallKB935839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935840)–>“C:\WINDOWS$NtUninstallKB935840$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB936021)–>“C:\WINDOWS$NtUninstallKB936021$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938464)–>“C:\WINDOWS$NtUninstallKB938464$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938829)–>“C:\WINDOWS$NtUninstallKB938829$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941202)–>“C:\WINDOWS$NtUninstallKB941202$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941568)–>“C:\WINDOWS$NtUninstallKB941568$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941569)–>“C:\WINDOWS$NtUninstallKB941569$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941644)–>“C:\WINDOWS$NtUninstallKB941644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941693)–>“C:\WINDOWS$NtUninstallKB941693$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943055)–>“C:\WINDOWS$NtUninstallKB943055$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943460)–>“C:\WINDOWS$NtUninstallKB943460$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943485)–>“C:\WINDOWS$NtUninstallKB943485$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB944653)–>“C:\WINDOWS$NtUninstallKB944653$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB945553)–>“C:\WINDOWS$NtUninstallKB945553$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946026)–>“C:\WINDOWS$NtUninstallKB946026$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946648)–>“C:\WINDOWS$NtUninstallKB946648$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948590)–>“C:\WINDOWS$NtUninstallKB948590$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948881)–>“C:\WINDOWS$NtUninstallKB948881$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950749)–>“C:\WINDOWS$NtUninstallKB950749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950760)–>“C:\WINDOWS$NtUninstallKB950760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376)–>“C:\WINDOWS$NtUninstallKB951376$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951698)–>“C:\WINDOWS$NtUninstallKB951698$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951748)–>“C:\WINDOWS$NtUninstallKB951748$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952004)–>“C:\WINDOWS$NtUninstallKB952004$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB953839)–>“C:\WINDOWS$NtUninstallKB953839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954211)–>“C:\WINDOWS$NtUninstallKB954211$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954600)–>“C:\WINDOWS$NtUninstallKB954600$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956391)–>“C:\WINDOWS$NtUninstallKB956391$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956572)–>“C:\WINDOWS$NtUninstallKB956572$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956802)–>“C:\WINDOWS$NtUninstallKB956802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956841)–>“C:\WINDOWS$NtUninstallKB956841$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957095)–>“C:\WINDOWS$NtUninstallKB957095$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958687)–>“C:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958690)–>“C:\WINDOWS$NtUninstallKB958690$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB959426)–>“C:\WINDOWS$NtUninstallKB959426$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960225)–>“C:\WINDOWS$NtUninstallKB960225$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960715)–>“C:\WINDOWS$NtUninstallKB960715$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960803)–>“C:\WINDOWS$NtUninstallKB960803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB961373)–>“C:\WINDOWS$NtUninstallKB961373$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB894391)–>“C:\WINDOWS$NtUninstallKB894391$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB898461)–>“C:\WINDOWS$NtUninstallKB898461$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB900485)–>“C:\WINDOWS$NtUninstallKB900485$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB908531)–>“C:\WINDOWS$NtUninstallKB908531$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB910437)–>“C:\WINDOWS$NtUninstallKB910437$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB911280)–>“C:\WINDOWS$NtUninstallKB911280$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB914882)–>“C:\WINDOWS$NtUninstallKB914882$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB916595)–>“C:\WINDOWS$NtUninstallKB916595$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB920872)–>“C:\WINDOWS$NtUninstallKB920872$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB922582)–>“C:\WINDOWS$NtUninstallKB922582$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB923845)–>“C:\WINDOWS$NtUninstallKB923845$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB927891)–>“C:\WINDOWS$NtUninstallKB927891$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB930916)–>“C:\WINDOWS$NtUninstallKB930916$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB931836)–>“C:\WINDOWS$NtUninstallKB931836$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB932823-v3)–>“C:\WINDOWS$NtUninstallKB932823-v3$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB933360)–>“C:\WINDOWS$NtUninstallKB933360$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB936357)–>“C:\WINDOWS$NtUninstallKB936357$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB938828)–>“C:\WINDOWS$NtUninstallKB938828$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB942763)–>“C:\WINDOWS$NtUninstallKB942763$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB951072-v2)–>“C:\WINDOWS$NtUninstallKB951072-v2$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB955839)–>“C:\WINDOWS$NtUninstallKB955839$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB967715)–>“C:\WINDOWS$NtUninstallKB967715$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)–>“C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Media Player 11 (KB939683)–>“C:\WINDOWS$NtUninstallKB939683$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB873339–>C:\WINDOWS$NtUninstallKB873339$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885250–>C:\WINDOWS$NtUninstallKB885250$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885835–>C:\WINDOWS$NtUninstallKB885835$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885836–>C:\WINDOWS$NtUninstallKB885836$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB886185–>C:\WINDOWS$NtUninstallKB886185$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887472–>C:\WINDOWS$NtUninstallKB887472$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887742–>C:\WINDOWS$NtUninstallKB887742$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888113–>C:\WINDOWS$NtUninstallKB888113$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888302–>C:\WINDOWS$NtUninstallKB888302$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB890859–>“C:\WINDOWS$NtUninstallKB890859$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB891781–>C:\WINDOWS$NtUninstallKB891781$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
aMSN 0.97.2–>C:\Programmi\aMSN\uninstall.exe
Anteprima (Windows Live Toolbar)–>MsiExec.exe /X{AC0A04F7-2BBE-4323-B64C-1B71F2BDBF0D}
Apple Mobile Device Support–>MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arcade 3.0–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE” -uninstall
Assistente per l’accesso a Windows Live–>MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
avast! Antivirus–>C:\Programmi\Alwil Software\Avast4\aswRunDll.exe “C:\Programmi\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
Bonjour–>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Business Disc Italia–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{56D833FD-1A45-486F-9CC0-AE0A0529D085}\setup.exe” -l0x10 -uninst
CCScore–>MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Centra Client–>C:\PROGRA~2\Centra\Client\bin\updater.exe -uninstall
Dealio Toolbar v4.0.2–>MsiExec.exe /X{C878CD69-85DB-426B-81A3-E71175AAEB91}
DivX Content Uploader–>C:\Programmi\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player–>C:\Programmi\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver di Logitech® Camera–>“C:\Programmi\File comuni\Logitech\QCDRV\BIN\SETUP.EXE” UNINSTALL REMOVEPROMPT
DVDFab Gold 2.68–>“C:\Programmi\DVDFab Gold\unins000.exe”
DVDFab Platinum 2.70–>“C:\Programmi\DVDFab Platinum\unins000.exe”
ESSBrwr–>MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK–>MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore–>MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui–>MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp–>MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini–>MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD–>MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock–>MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC–>MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS–>MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt–>MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
essvcpt–>MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
Free Video to iPhone Converter version 2.2–>“C:\Programmi\DVDVideoSoft\Free Video to iPhone Converter\unins000.exe”
Free Video to MP3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free Video to MP3 Converter\unins001.exe”
Free YouTube Download 2.3–>“C:\Programmi\DVDVideoSoft\Free YouTube Download\unins000.exe”
Free YouTube to iPod Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to iPod Converter\unins000.exe”
Free YouTube to Mp3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe”
Google Chrome–>“C:\Programmi\Google\Chrome\Application\3.0.195.38\Installer\setup.exe” --uninstall --system-level
Google Earth–>MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Google Toolbar for Internet Explorer–>“C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe” /uninstall
Google Toolbar for Internet Explorer–>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater–>“C:\Programmi\Google\Google Updater\GoogleUpdater.exe” -uninstall
HijackThis 2.0.2–>“C:\Programmi\Trend Micro\HijackThis\HijackThis.exe” /uninstall
HLPPDOCK–>MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hotfix for Windows Media Format 11 SDK (KB929399)–>“C:\WINDOWS$NtUninstallKB929399$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB915865)–>“C:\WINDOWS$NtUninstallKB915865$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB926239)–>“C:\WINDOWS$NtUninstallKB926239$\spuninst\spuninst.exe”
HP Image Zone Express–>MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
iTunes–>MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
kgcbaby–>MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase–>MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday–>MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn–>MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt–>MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids–>MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove–>MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday–>MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
KSU–>MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
LA PATENTE EUROPEA DEL COMPUTER 2–>“C:\Programmi\ECDL2\UNWISE.EXE” “C:\Programmi\ECDL2\INSTALL.LOG”
Launch Manager–>C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
LiveUpdate 3.0 (Symantec Corporation)–>“C:\Programmi\Symantec\LiveUpdate\LSETUP.EXE” /U
Logiciel Kodak EasyShare–>C:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup$SETUP_140010_584337\Setup.exe /APR-REMOVE
Logitech Desktop Messenger–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe” -l0x10 UNINSTALL
Malwarebytes’ Anti-Malware–>“C:\Programmi\Malwarebytes’ Anti-Malware\unins000.exe”
Menu intelligenti (Windows Live Toolbar)–>MsiExec.exe /X{B3EABECF-D820-4246-94B8-0CF300CA505A}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1 Italian Language Pack–>MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft AutoRoute 2006–>MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft Internationalized Domain Names Mitigation APIs–>“C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWdf01005$\spuninst\spuninst.exe”
Microsoft National Language Support Downlevel APIs–>“C:\WINDOWS$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe”
Microsoft Office Professional Edition 2003–>MsiExec.exe /I{90110410-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWudf01005$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (2.0.0.20)–>C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar–>C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\mtbs.exe c
MSVC80_x86–>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB927978)–>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero Suite–>C:\Programmi\File comuni\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver–>MsiExec.exe /X{B3164E9E-BE08-4F3B-94BC-C6D09C0205E1}
Notifier–>MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI–>MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OTtBP–>MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK–>MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Pacchetto driver Windows - Atheros (ZD1211BU(Atheros)) Net (03/26/2008 1.7.3.16)–>C:\PROGRA~1\DIFX\270581355A767BF1\DPInstX86.exe /u C:\WINDOWS\system32\DRVSTORE\zd1211bu_9BC2C02A155825DC10E391E82B7C23FC67830FF8\zd1211bu.inf
Pacchetto driver Windows - Nokia Modem (05/22/2008 3.8)–>C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Pacchetto driver Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)–>C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution–>MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
Pdf995–>C:\Programmi\pdf995\setup.exe uninstall
PHPNukeIT Toolbar–>C:\PROGRA~1\PHPNUK~1\UNWISE.EXE /U C:\PROGRA~1\PHPNUK~1\INSTALL.LOG
PowerProducer–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE” -uninstall
QuickTime–>MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Raccolta foto di Windows Live–>MsiExec.exe /X{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}
Realtek AC’97 Audio–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe” -l0x10 -removeonly
Search Settings v1.2.3–>MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
SFR–>MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA–>MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SiS 900 PCI Fast Ethernet Adapter Driver–>C:\WINDOWS\SiS\900\Uninst.exe
SiS VGA Utilities–>Rundll32 SiSInst.dll,Uninstall VGA,R,oem3.inf
SiSAGP driver–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe” -l0x10
SKIN0001–>MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK–>MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Skype™ 4.1–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoftV90 Data Fax Modem with SmartCP–>C:\Programmi\CONEXANT\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_00821025\HXFSETUP.EXE -U -IAcrSisK.inf
Software Logitech QuickCam–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe” -l0x10
Sportello Unico Immigrazione 1.08–>“C:\Documents and Settings\Helene\Desktop\Sportello Unico Immigrazione\uninstall.exe”
staticcr–>MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Synaptics Pointing Device Driver–>rundll32.exe “C:\Programmi\Synaptics\SynTP\SynISDLL.dll”,standAloneUninstall
TVAnts 1.0–>C:\PROGRA~1\TVANTS\UNWISE.EXE C:\PROGRA~1\TVANTS\INSTALL.LOG
Uninstall 1.0.0.1–>“C:\Programmi\File comuni\DVDVideoSoft\unins000.exe”
Universal Document Converter (Demo)–>“C:\Programmi\Universal Document Converter\unins000.exe”
VideoLAN VLC media player 0.8.4–>C:\Programmi\VideoLAN\VLC\uninstall.exe
VoipStunt–>“C:\Programmi\VoipStunt.com\VoipStunt\unins000.exe”
VPRINTOL–>MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Imaging Component–>“C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Installer 3.1 (KB893803)–>“C:\WINDOWS$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe”
Windows Internet Explorer 7–>“C:\WINDOWS\ie7\spuninst\spuninst.exe”
Windows Live Favorites per Windows Live Toolbar–>MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer–>MsiExec.exe /X{CD199CDB-00AE-42BB-B6E9-64C69D8730EF}
Windows Live Mail–>MsiExec.exe /I{7FDEE06E-736C-4515-9476-EF4CB0186E6D}
Windows Live Toolbar Extension (Windows Live Toolbar)–>MsiExec.exe /X{3F35D1A3-92AD-401B-ABE2-FA27682F4112}
Windows Live Writer–>MsiExec.exe /X{BA0DE1F0-BC4C-4F90-A114-15BE51AFB4BB}
Windows Media Format 11 runtime–>“C:\Programmi\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Media Player 11–>“C:\Programmi\Windows Media Player\Setup_wm.exe” /Uninstall
Windows Media Player 11–>“C:\WINDOWS$NtUninstallwmp11$\spuninst\spuninst.exe”
WIRELESS–>MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
WordBiz version 1.8–>“C:\Programmi\WordBiz\unins000.exe”
Yahoo! Internet Mail–>C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\YAHOO!\COMMON\YMMAPI~1.DLL
Yahoo! Messenger–>C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Software Update–>C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

=====HijackThis Backups=====

R3 - URLSearchHook: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll [2010-01-17]
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\SearchSettings.dll [2010-01-17]
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll [2010-01-17]
O2 - BHO: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll [2010-01-17]
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Programmi\iMesh Applications\iMesh\iMeshIEHelper.dll [2010-01-17]
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programmi\iMeshMediabarTb\iMeshMediaBarDx.dll [2010-01-17]
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll [2010-01-17]
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\SearchSettings.dll [2010-01-17]
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll [2010-01-17]
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll [2010-01-17]
O3 - Toolbar: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll [2010-01-17]
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programmi\iMeshMediabarTb\iMeshMediaBarDx.dll [2010-01-17]
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll [2010-01-17]
O4 - HKLM…\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [2010-01-17]
O4 - HKLM…\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [2010-01-17]
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2010-01-17]
O4 - HKLM…\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE [2010-01-17]
O4 - HKLM…\Run: [QuickTime Task] “C:\Programmi\QuickTime\qttask.exe” -atboottime [2010-01-17]
O4 - HKLM…\Run: [iTunesHelper] “C:\Programmi\iTunes\iTunesHelper.exe” [2010-01-17]
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [2010-01-17]
O4 - HKLM…\Run: [SearchSettings] C:\Programmi\Search Settings\SearchSettings.exe [2010-01-17]
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2010-01-17]
O4 - HKCU…\Run: [MsnMsgr] “C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe” /background [2010-01-17]
O4 - HKCU…\Run: [swg] “C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-01-17]
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVIZIO LOCALE’) [2010-01-17]
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVIZIO DI RETE’) [2010-01-17]
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) [2010-01-17]
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) [2010-01-17]
O4 - Global Startup: PalTalk.lnk = C:\Programmi\Paltalk Messenger\paltalk.exe [2010-01-17]
O18 - Protocol: bw+0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw+0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw-0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw-0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw00 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw00s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw10 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw10s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw20 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw20s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw30 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw30s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw40 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw40s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw50 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw50s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw60 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw60s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw70 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw70s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw80 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw80s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw90 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw90s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwa0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwa0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwb0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwb0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwc0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwc0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwd0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwd0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwe0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwe0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwf0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwf0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwg0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwg0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwh0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwh0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwi0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwi0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwj0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwj0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwk0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwk0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwl0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwl0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwm0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwm0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwn0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwn0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwo0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwo0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwp0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwp0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwq0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwq0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwr0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwr0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bws0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bws0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwt0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwt0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwu0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwu0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwv0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwv0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bww0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bww0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwx0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwx0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwy0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwy0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwz0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwz0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: offline-8876480 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe [2010-01-17]

======Hosts File======

127.0.0.1 microsoft

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100117-1]

======System event log======

Computer Name: ACER-7FA50A97F2
Event Code: 8033
Message: L’elenco ha imposto un’elezione sulla rete \Device\NetBT_Tcpip_{AD6440BB-CBA4-4AB6-B7C6-DD4EAF30414D} perché il master si è arrestato.

Record Number: 148130
Source Name: BROWSER
Time Written: 20091209192437.000000+060
Event Type: Informazione
User:

Computer Name: ACER-7FA50A97F2
Event Code: 4202
Message: Il sistema ha rilevato che la scheda di rete \DEVICE\TCPIP_{AD6440BB-CBA4-4AB6-B7C6-DD4EAF30414D} è disconnessa dalla rete,
e la configurazione della scheda di rete è stata rilasciata. Se la scheda
di rete non è disconnessa, ciò potrebbe essere dovuto a un suo malfunzionamento.
Contattare il fornitore per ottenere dei driver aggiornati.

Record Number: 148129
Source Name: Tcpip
Time Written: 20091209192436.000000+060
Event Type: Informazione
User:

Computer Name: ACER-7FA50A97F2
Event Code: 7036
Message: Il servizio Google Software Updater è ora in modalità arrestato.

Record Number: 148128
Source Name: Service Control Manager
Time Written: 20091209191924.000000+060
Event Type: Informazione
User:

Computer Name: ACER-7FA50A97F2
Event Code: 7035
Message: Invio di un controllo avvio da parte del servizio int15.sys riuscito.

Record Number: 148127
Source Name: Service Control Manager
Time Written: 20091209191924.000000+060
Event Type: Informazione
User: ACER-7FA50A97F2\Helene

Computer Name: ACER-7FA50A97F2
Event Code: 7036
Message: Il servizio Servizio COM di masterizzazione CD IMAPI è ora in modalità arrestato.

Record Number: 148126
Source Name: Service Control Manager
Time Written: 20091209191924.000000+060
Event Type: Informazione
User:

=====Application event log=====

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:47 PM.

Record Number: 4017
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106144256.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:42 PM.

Record Number: 4016
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106143756.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:37 PM.

Record Number: 4015
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106143256.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:32 PM.

Record Number: 4014
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106142756.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:27 PM.

Record Number: 4013
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106142256.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=C:\Programmi\PC Connectivity Solution;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programmi\QuickTime\QTSystem
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 13 Stepping 8, GenuineIntel
“PROCESSOR_REVISION”=0d08
“NUMBER_OF_PROCESSORS”=1
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“CLASSPATH”=.;C:\Programmi\Java\jre6\lib\ext\QTJava.zip
“QTJAVA”=C:\Programmi\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

LOG:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Helene at 2010-01-17 19:38:36
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 7 GB (27%) free of 26 GB
Total RAM: 445 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.38.51, on 17/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\keyhook.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\ms\comsrv.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Programmi\Java\jre6\bin\jucheck.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Helene\Impostazioni locali\Temporary Internet Files\Content.IE5\ZYLA89BC\RSIT[1].exe
C:\Programmi\Trend Micro\HijackThis\Helene.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Guida per l’accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O4 - HKLM…\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM…\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM…\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM…\Run: [LaunchApp] Alaunch
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Programmi\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [QuickTime Task] “C:\Programmi\QuickTime\qttask.exe” -atboottime
O4 - HKCU…\Run: [MSMSGS] “C:\Programmi\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [VoipStunt] “C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe” -nosplash -minimized
O4 - HKCU…\Run: [Messenger (Yahoo!)] “C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [Skype] “C:\Programmi\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [swg] “C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - [url=res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/300

Re

tu n avais pas supprimé les lignes que j avais donné à fixer avec hijackthis et RSIT est Incomplet !!

tu fais ceci et fais le !!!

Lances Hijackthis

Cliques sur ==> Do a System Scan Only

coches ces Lignes

Fermes tes autres applications sauf ==> hijackthis ( bien sûr )

et Cliques sur ==> Fix Checked

regarde ce tutoriel pour fixer des lignes

==>Fixer les lignes

ensuite et seulement aprés

  1. Télécharge OTM de OldTimer sur le bureau :

==>OTM

Double-clique sur OTM.exe sur le bureau

—> sous VISTA:Ne pas oublier l’élévation des privilèges sous Vista.
(Clic droit sur l’icône d OTM, puis sur Exécuter en tant qu’administrateur dans le menu déroulant.)

  • Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste Instructions for Items to be Moved

  • Clique sur MoveIt! pour lancer la suppression.
  • Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTM qui se trouve dans C:_OTM\MovedFiles.

Réactives ton antivirus

ensuite aprés avoir posté le rapport d OTM

  1. Désactive ton Antivirus et antispyware

Télécharge Navilog1

==>Navilog

Déconnectes toi et fermes toutes applications en cours

==> Double clique sur Navilog1.exe pour lancer l’ installation.

==> Une fois l’ installation terminée, le fix s’ exécutera automatiquement.

(Si ce n’est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

==> Laisse-toi guider et au menu principal, choisis Mode 1(recherche/Désinfection) ==>et valide.

==> Patiente jusqu’ au message : " Analyse terminée le …"

==>Appuie sur une touche comme demandé, le Bloc-notes va s’ ouvrir.

Copie-colle l’ intégralité du rapport ici et referme le Bloc-notes.

(Le rapport est en outre sauvegardé à la racine du disque : fixnavi.txt)

N oublies de réactiver ton Antivirus et antispyware

et en dernier poste un log RSIT ==> en Entier

cricri58
Edité le 17/01/2010 à 20:31

Slut Cricri58,
j’ai fait tout ce ke tu m’as demandè en executant hijackthis sur le rapport les lignes R3, O2, O3 n’exitait pas.

Rapport OTM:

All processes killed
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== FILES ==========
File/Folder C:\Program Files\Search Settings not found.
C:\Programmi\PHPNukeIT folder moved successfully.
File/Folder C:\Programmi\Dealio Toolbar not found.
File/Folder C:\Programmi\iMeshMediabarTb not found.
File/Folder C:\Programmi\Ask.com not found.
File/Folder C:\Programmi\Dealio Toolbar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 66978 bytes
->Temporary Internet Files folder emptied: 34706 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 8929080 bytes

User: Helene
->Temp folder emptied: 121643658 bytes
->Temporary Internet Files folder emptied: 28877599 bytes
->Java cache emptied: 38488766 bytes
->FireFox cache emptied: 76610101 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5119301 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35848816 bytes
RecycleBin emptied: 89569 bytes

Total Files Cleaned = 301,00 mb

OTM by OldTimer - Version 3.1.6.0 log created on 01182010_000034

Files moved on Reboot…
C:\WINDOWS\temp\Perflib_Perfdata_738.dat moved successfully.

Registry entries deleted on Reboot…

Rapport Navilog:

Fix Navipromo version 4.0.6 commencé le 18/01/2010 0.14.36,40

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Programmi\navilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel® Celeron® M processor 1.50GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.0
USER : Helene ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1368 [VPS 100117-1] 4.8.1368 (Not Activated)

C:\ (Local Disk) - FAT32 - Total:25 Go (Free:7 Go)
D:\ (Local Disk) - FAT32 - Total:26 Go (Free:18 Go)
E:\ (CD or DVD)

Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l’ordinateur

c:\docume~1\helene\impost~1\datiap~1\Live-Player supprimé !
c:\docume~1\helene\impost~1\datiap~1\hqjtdcog.exe supprimé !
c:\docume~1\helene\impost~1\datiap~1\hqjtdcog.dat supprimé !
c:\docume~1\helene\impost~1\datiap~1\hqjtdcog_nav.dat supprimé !
c:\docume~1\helene\impost~1\datiap~1\hqjtdcog_navps.dat supprimé !

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Helene\impost~1\Temp effectué !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

C:\WINDOWS\system32\vxyyxyay.ini2 trouvé ! Infection Vundo possible non traitée par cet outil !

*** Scan terminé 18/01/2010 0.18.17,54 ***

Rapport RSit

info :
info.txt logfile of random’s system information tool 1.06 2010-01-17 19:38:58

======Uninstall list======

–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
–>C:\Programmi\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
–>C:\Programmi\Weflirt/uninstall.exe
–>C:\WINDOWS\IsUninst.exe -f"C:\Programmi\Acer Inc.\Acer Italian Guide Link\Uninst.isu"
–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe” -l0x10 -uninst
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eManager for Notebook–>C:\Programmi\File comuni\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Acer GridVista–>C:\WINDOWS\UnInst32.exe GridV.UNI
Actual Spy 3.0–>“C:\Programmi\ACSPMonitor\unins000.exe”
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Ad-Remover By C_XX–>“C:\Ad-Remover\Un-ADR.exe”
Aggiornamento critico per Windows Media Player 11 (KB959772)–>“C:\WINDOWS$NtUninstallKB959772_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB928090)–>“C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB931768)–>“C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB933566)–>“C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB937143)–>“C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)–>“C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653)–>“C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)–>“C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)–>“C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)–>“C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)–>“C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)–>“C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)–>“C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)–>“C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)–>“C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)–>“C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB911564)–>“C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB952069)–>“C:\WINDOWS$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 10 (KB917734)–>“C:\WINDOWS$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB936782)–>“C:\WINDOWS$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB954154)–>“C:\WINDOWS$NtUninstallKB954154_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)–>“C:\WINDOWS$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 9 (KB911565)–>“C:\WINDOWS$NtUninstallKB911565$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB890046)–>“C:\WINDOWS$NtUninstallKB890046$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB893756)–>“C:\WINDOWS$NtUninstallKB893756$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896358)–>“C:\WINDOWS$NtUninstallKB896358$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896422)–>“C:\WINDOWS$NtUninstallKB896422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896423)–>“C:\WINDOWS$NtUninstallKB896423$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896424)–>“C:\WINDOWS$NtUninstallKB896424$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896428)–>“C:\WINDOWS$NtUninstallKB896428$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899587)–>“C:\WINDOWS$NtUninstallKB899587$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899591)–>“C:\WINDOWS$NtUninstallKB899591$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB900725)–>“C:\WINDOWS$NtUninstallKB900725$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901017)–>“C:\WINDOWS$NtUninstallKB901017$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901190)–>“C:\WINDOWS$NtUninstallKB901190$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901214)–>“C:\WINDOWS$NtUninstallKB901214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB902400)–>“C:\WINDOWS$NtUninstallKB902400$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB904706)–>“C:\WINDOWS$NtUninstallKB904706$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905414)–>“C:\WINDOWS$NtUninstallKB905414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905749)–>“C:\WINDOWS$NtUninstallKB905749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB908519)–>“C:\WINDOWS$NtUninstallKB908519$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911562)–>“C:\WINDOWS$NtUninstallKB911562$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911567)–>“C:\WINDOWS$NtUninstallKB911567$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911927)–>“C:\WINDOWS$NtUninstallKB911927$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912812)–>“C:\WINDOWS$NtUninstallKB912812$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912919)–>“C:\WINDOWS$NtUninstallKB912919$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913446)–>“C:\WINDOWS$NtUninstallKB913446$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913580)–>“C:\WINDOWS$NtUninstallKB913580$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914388)–>“C:\WINDOWS$NtUninstallKB914388$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914389)–>“C:\WINDOWS$NtUninstallKB914389$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917159)–>“C:\WINDOWS$NtUninstallKB917159$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917344)–>“C:\WINDOWS$NtUninstallKB917344$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917422)–>“C:\WINDOWS$NtUninstallKB917422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917953)–>“C:\WINDOWS$NtUninstallKB917953$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918118)–>“C:\WINDOWS$NtUninstallKB918118$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918439)–>“C:\WINDOWS$NtUninstallKB918439$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918899)–>“C:\WINDOWS$NtUninstallKB918899$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB919007)–>“C:\WINDOWS$NtUninstallKB919007$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920213)–>“C:\WINDOWS$NtUninstallKB920213$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920214)–>“C:\WINDOWS$NtUninstallKB920214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920670)–>“C:\WINDOWS$NtUninstallKB920670$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920683)–>“C:\WINDOWS$NtUninstallKB920683$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920685)–>“C:\WINDOWS$NtUninstallKB920685$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921398)–>“C:\WINDOWS$NtUninstallKB921398$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921503)–>“C:\WINDOWS$NtUninstallKB921503$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921883)–>“C:\WINDOWS$NtUninstallKB921883$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922616)–>“C:\WINDOWS$NtUninstallKB922616$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922760)–>“C:\WINDOWS$NtUninstallKB922760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922819)–>“C:\WINDOWS$NtUninstallKB922819$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923191)–>“C:\WINDOWS$NtUninstallKB923191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923414)–>“C:\WINDOWS$NtUninstallKB923414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923561)–>“C:\WINDOWS$NtUninstallKB923561$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923689)–>“C:\WINDOWS$NtUninstallKB923689$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923694)–>“C:\WINDOWS$NtUninstallKB923694$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923980)–>“C:\WINDOWS$NtUninstallKB923980$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924191)–>“C:\WINDOWS$NtUninstallKB924191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924270)–>“C:\WINDOWS$NtUninstallKB924270$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924496)–>“C:\WINDOWS$NtUninstallKB924496$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924667)–>“C:\WINDOWS$NtUninstallKB924667$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925454)–>“C:\WINDOWS$NtUninstallKB925454$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925486)–>“C:\WINDOWS$NtUninstallKB925486$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925902)–>“C:\WINDOWS$NtUninstallKB925902$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926255)–>“C:\WINDOWS$NtUninstallKB926255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926436)–>“C:\WINDOWS$NtUninstallKB926436$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927779)–>“C:\WINDOWS$NtUninstallKB927779$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927802)–>“C:\WINDOWS$NtUninstallKB927802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928255)–>“C:\WINDOWS$NtUninstallKB928255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928843)–>“C:\WINDOWS$NtUninstallKB928843$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB929123)–>“C:\WINDOWS$NtUninstallKB929123$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB930178)–>“C:\WINDOWS$NtUninstallKB930178$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931261)–>“C:\WINDOWS$NtUninstallKB931261$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931784)–>“C:\WINDOWS$NtUninstallKB931784$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB932168)–>“C:\WINDOWS$NtUninstallKB932168$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB933729)–>“C:\WINDOWS$NtUninstallKB933729$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935839)–>“C:\WINDOWS$NtUninstallKB935839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935840)–>“C:\WINDOWS$NtUninstallKB935840$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB936021)–>“C:\WINDOWS$NtUninstallKB936021$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938464)–>“C:\WINDOWS$NtUninstallKB938464$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938829)–>“C:\WINDOWS$NtUninstallKB938829$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941202)–>“C:\WINDOWS$NtUninstallKB941202$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941568)–>“C:\WINDOWS$NtUninstallKB941568$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941569)–>“C:\WINDOWS$NtUninstallKB941569$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941644)–>“C:\WINDOWS$NtUninstallKB941644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941693)–>“C:\WINDOWS$NtUninstallKB941693$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943055)–>“C:\WINDOWS$NtUninstallKB943055$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943460)–>“C:\WINDOWS$NtUninstallKB943460$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943485)–>“C:\WINDOWS$NtUninstallKB943485$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB944653)–>“C:\WINDOWS$NtUninstallKB944653$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB945553)–>“C:\WINDOWS$NtUninstallKB945553$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946026)–>“C:\WINDOWS$NtUninstallKB946026$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946648)–>“C:\WINDOWS$NtUninstallKB946648$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948590)–>“C:\WINDOWS$NtUninstallKB948590$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948881)–>“C:\WINDOWS$NtUninstallKB948881$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950749)–>“C:\WINDOWS$NtUninstallKB950749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950760)–>“C:\WINDOWS$NtUninstallKB950760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376)–>“C:\WINDOWS$NtUninstallKB951376$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951698)–>“C:\WINDOWS$NtUninstallKB951698$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951748)–>“C:\WINDOWS$NtUninstallKB951748$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952004)–>“C:\WINDOWS$NtUninstallKB952004$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB953839)–>“C:\WINDOWS$NtUninstallKB953839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954211)–>“C:\WINDOWS$NtUninstallKB954211$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954600)–>“C:\WINDOWS$NtUninstallKB954600$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956391)–>“C:\WINDOWS$NtUninstallKB956391$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956572)–>“C:\WINDOWS$NtUninstallKB956572$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956802)–>“C:\WINDOWS$NtUninstallKB956802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956841)–>“C:\WINDOWS$NtUninstallKB956841$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957095)–>“C:\WINDOWS$NtUninstallKB957095$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958687)–>“C:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958690)–>“C:\WINDOWS$NtUninstallKB958690$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB959426)–>“C:\WINDOWS$NtUninstallKB959426$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960225)–>“C:\WINDOWS$NtUninstallKB960225$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960715)–>“C:\WINDOWS$NtUninstallKB960715$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960803)–>“C:\WINDOWS$NtUninstallKB960803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB961373)–>“C:\WINDOWS$NtUninstallKB961373$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB894391)–>“C:\WINDOWS$NtUninstallKB894391$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB898461)–>“C:\WINDOWS$NtUninstallKB898461$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB900485)–>“C:\WINDOWS$NtUninstallKB900485$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB908531)–>“C:\WINDOWS$NtUninstallKB908531$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB910437)–>“C:\WINDOWS$NtUninstallKB910437$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB911280)–>“C:\WINDOWS$NtUninstallKB911280$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB914882)–>“C:\WINDOWS$NtUninstallKB914882$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB916595)–>“C:\WINDOWS$NtUninstallKB916595$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB920872)–>“C:\WINDOWS$NtUninstallKB920872$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB922582)–>“C:\WINDOWS$NtUninstallKB922582$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB923845)–>“C:\WINDOWS$NtUninstallKB923845$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB927891)–>“C:\WINDOWS$NtUninstallKB927891$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB930916)–>“C:\WINDOWS$NtUninstallKB930916$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB931836)–>“C:\WINDOWS$NtUninstallKB931836$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB932823-v3)–>“C:\WINDOWS$NtUninstallKB932823-v3$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB933360)–>“C:\WINDOWS$NtUninstallKB933360$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB936357)–>“C:\WINDOWS$NtUninstallKB936357$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB938828)–>“C:\WINDOWS$NtUninstallKB938828$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB942763)–>“C:\WINDOWS$NtUninstallKB942763$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB951072-v2)–>“C:\WINDOWS$NtUninstallKB951072-v2$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB955839)–>“C:\WINDOWS$NtUninstallKB955839$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB967715)–>“C:\WINDOWS$NtUninstallKB967715$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)–>“C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Media Player 11 (KB939683)–>“C:\WINDOWS$NtUninstallKB939683$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB873339–>C:\WINDOWS$NtUninstallKB873339$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885250–>C:\WINDOWS$NtUninstallKB885250$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885835–>C:\WINDOWS$NtUninstallKB885835$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885836–>C:\WINDOWS$NtUninstallKB885836$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB886185–>C:\WINDOWS$NtUninstallKB886185$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887472–>C:\WINDOWS$NtUninstallKB887472$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887742–>C:\WINDOWS$NtUninstallKB887742$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888113–>C:\WINDOWS$NtUninstallKB888113$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888302–>C:\WINDOWS$NtUninstallKB888302$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB890859–>“C:\WINDOWS$NtUninstallKB890859$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB891781–>C:\WINDOWS$NtUninstallKB891781$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
aMSN 0.97.2–>C:\Programmi\aMSN\uninstall.exe
Anteprima (Windows Live Toolbar)–>MsiExec.exe /X{AC0A04F7-2BBE-4323-B64C-1B71F2BDBF0D}
Apple Mobile Device Support–>MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arcade 3.0–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE” -uninstall
Assistente per l’accesso a Windows Live–>MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
avast! Antivirus–>C:\Programmi\Alwil Software\Avast4\aswRunDll.exe “C:\Programmi\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
Bonjour–>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Business Disc Italia–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{56D833FD-1A45-486F-9CC0-AE0A0529D085}\setup.exe” -l0x10 -uninst
CCScore–>MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Centra Client–>C:\PROGRA~2\Centra\Client\bin\updater.exe -uninstall
Dealio Toolbar v4.0.2–>MsiExec.exe /X{C878CD69-85DB-426B-81A3-E71175AAEB91}
DivX Content Uploader–>C:\Programmi\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player–>C:\Programmi\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver di Logitech® Camera–>“C:\Programmi\File comuni\Logitech\QCDRV\BIN\SETUP.EXE” UNINSTALL REMOVEPROMPT
DVDFab Gold 2.68–>“C:\Programmi\DVDFab Gold\unins000.exe”
DVDFab Platinum 2.70–>“C:\Programmi\DVDFab Platinum\unins000.exe”
ESSBrwr–>MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK–>MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore–>MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui–>MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp–>MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini–>MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD–>MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock–>MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC–>MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS–>MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt–>MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
essvcpt–>MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
Free Video to iPhone Converter version 2.2–>“C:\Programmi\DVDVideoSoft\Free Video to iPhone Converter\unins000.exe”
Free Video to MP3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free Video to MP3 Converter\unins001.exe”
Free YouTube Download 2.3–>“C:\Programmi\DVDVideoSoft\Free YouTube Download\unins000.exe”
Free YouTube to iPod Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to iPod Converter\unins000.exe”
Free YouTube to Mp3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe”
Google Chrome–>“C:\Programmi\Google\Chrome\Application\3.0.195.38\Installer\setup.exe” --uninstall --system-level
Google Earth–>MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Google Toolbar for Internet Explorer–>“C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe” /uninstall
Google Toolbar for Internet Explorer–>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater–>“C:\Programmi\Google\Google Updater\GoogleUpdater.exe” -uninstall
HijackThis 2.0.2–>“C:\Programmi\Trend Micro\HijackThis\HijackThis.exe” /uninstall
HLPPDOCK–>MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hotfix for Windows Media Format 11 SDK (KB929399)–>“C:\WINDOWS$NtUninstallKB929399$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB915865)–>“C:\WINDOWS$NtUninstallKB915865$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB926239)–>“C:\WINDOWS$NtUninstallKB926239$\spuninst\spuninst.exe”
HP Image Zone Express–>MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
iTunes–>MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
kgcbaby–>MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase–>MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday–>MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn–>MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt–>MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids–>MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove–>MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday–>MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
KSU–>MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
LA PATENTE EUROPEA DEL COMPUTER 2–>“C:\Programmi\ECDL2\UNWISE.EXE” “C:\Programmi\ECDL2\INSTALL.LOG”
Launch Manager–>C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
LiveUpdate 3.0 (Symantec Corporation)–>“C:\Programmi\Symantec\LiveUpdate\LSETUP.EXE” /U
Logiciel Kodak EasyShare–>C:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup$SETUP_140010_584337\Setup.exe /APR-REMOVE
Logitech Desktop Messenger–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe” -l0x10 UNINSTALL
Malwarebytes’ Anti-Malware–>“C:\Programmi\Malwarebytes’ Anti-Malware\unins000.exe”
Menu intelligenti (Windows Live Toolbar)–>MsiExec.exe /X{B3EABECF-D820-4246-94B8-0CF300CA505A}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1 Italian Language Pack–>MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft AutoRoute 2006–>MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft Internationalized Domain Names Mitigation APIs–>“C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWdf01005$\spuninst\spuninst.exe”
Microsoft National Language Support Downlevel APIs–>“C:\WINDOWS$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe”
Microsoft Office Professional Edition 2003–>MsiExec.exe /I{90110410-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWudf01005$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (2.0.0.20)–>C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar–>C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\mtbs.exe c
MSVC80_x86–>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB927978)–>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero Suite–>C:\Programmi\File comuni\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver–>MsiExec.exe /X{B3164E9E-BE08-4F3B-94BC-C6D09C0205E1}
Notifier–>MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI–>MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OTtBP–>MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK–>MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Pacchetto driver Windows - Atheros (ZD1211BU(Atheros)) Net (03/26/2008 1.7.3.16)–>C:\PROGRA~1\DIFX\270581355A767BF1\DPInstX86.exe /u C:\WINDOWS\system32\DRVSTORE\zd1211bu_9BC2C02A155825DC10E391E82B7C23FC67830FF8\zd1211bu.inf
Pacchetto driver Windows - Nokia Modem (05/22/2008 3.8)–>C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Pacchetto driver Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)–>C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution–>MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
Pdf995–>C:\Programmi\pdf995\setup.exe uninstall
PHPNukeIT Toolbar–>C:\PROGRA~1\PHPNUK~1\UNWISE.EXE /U C:\PROGRA~1\PHPNUK~1\INSTALL.LOG
PowerProducer–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE” -uninstall
QuickTime–>MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Raccolta foto di Windows Live–>MsiExec.exe /X{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}
Realtek AC’97 Audio–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe” -l0x10 -removeonly
Search Settings v1.2.3–>MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
SFR–>MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA–>MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SiS 900 PCI Fast Ethernet Adapter Driver–>C:\WINDOWS\SiS\900\Uninst.exe
SiS VGA Utilities–>Rundll32 SiSInst.dll,Uninstall VGA,R,oem3.inf
SiSAGP driver–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe” -l0x10
SKIN0001–>MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK–>MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Skype™ 4.1–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoftV90 Data Fax Modem with SmartCP–>C:\Programmi\CONEXANT\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_00821025\HXFSETUP.EXE -U -IAcrSisK.inf
Software Logitech QuickCam–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe” -l0x10
Sportello Unico Immigrazione 1.08–>“C:\Documents and Settings\Helene\Desktop\Sportello Unico Immigrazione\uninstall.exe”
staticcr–>MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Synaptics Pointing Device Driver–>rundll32.exe “C:\Programmi\Synaptics\SynTP\SynISDLL.dll”,standAloneUninstall
TVAnts 1.0–>C:\PROGRA~1\TVANTS\UNWISE.EXE C:\PROGRA~1\TVANTS\INSTALL.LOG
Uninstall 1.0.0.1–>“C:\Programmi\File comuni\DVDVideoSoft\unins000.exe”
Universal Document Converter (Demo)–>“C:\Programmi\Universal Document Converter\unins000.exe”
VideoLAN VLC media player 0.8.4–>C:\Programmi\VideoLAN\VLC\uninstall.exe
VoipStunt–>“C:\Programmi\VoipStunt.com\VoipStunt\unins000.exe”
VPRINTOL–>MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Imaging Component–>“C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Installer 3.1 (KB893803)–>“C:\WINDOWS$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe”
Windows Internet Explorer 7–>“C:\WINDOWS\ie7\spuninst\spuninst.exe”
Windows Live Favorites per Windows Live Toolbar–>MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer–>MsiExec.exe /X{CD199CDB-00AE-42BB-B6E9-64C69D8730EF}
Windows Live Mail–>MsiExec.exe /I{7FDEE06E-736C-4515-9476-EF4CB0186E6D}
Windows Live Toolbar Extension (Windows Live Toolbar)–>MsiExec.exe /X{3F35D1A3-92AD-401B-ABE2-FA27682F4112}
Windows Live Writer–>MsiExec.exe /X{BA0DE1F0-BC4C-4F90-A114-15BE51AFB4BB}
Windows Media Format 11 runtime–>“C:\Programmi\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Media Player 11–>“C:\Programmi\Windows Media Player\Setup_wm.exe” /Uninstall
Windows Media Player 11–>“C:\WINDOWS$NtUninstallwmp11$\spuninst\spuninst.exe”
WIRELESS–>MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
WordBiz version 1.8–>“C:\Programmi\WordBiz\unins000.exe”
Yahoo! Internet Mail–>C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\YAHOO!\COMMON\YMMAPI~1.DLL
Yahoo! Messenger–>C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Software Update–>C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

=====HijackThis Backups=====

R3 - URLSearchHook: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll [2010-01-17]
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\SearchSettings.dll [2010-01-17]
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll [2010-01-17]
O2 - BHO: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll [2010-01-17]
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Programmi\iMesh Applications\iMesh\iMeshIEHelper.dll [2010-01-17]
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programmi\iMeshMediabarTb\iMeshMediaBarDx.dll [2010-01-17]
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll [2010-01-17]
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\SearchSettings.dll [2010-01-17]
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll [2010-01-17]
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll [2010-01-17]
O3 - Toolbar: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Programmi\PHPNukeIT\tbPHP1.dll [2010-01-17]
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programmi\iMeshMediabarTb\iMeshMediaBarDx.dll [2010-01-17]
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll [2010-01-17]
O4 - HKLM…\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [2010-01-17]
O4 - HKLM…\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [2010-01-17]
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2010-01-17]
O4 - HKLM…\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE [2010-01-17]
O4 - HKLM…\Run: [QuickTime Task] “C:\Programmi\QuickTime\qttask.exe” -atboottime [2010-01-17]
O4 - HKLM…\Run: [iTunesHelper] “C:\Programmi\iTunes\iTunesHelper.exe” [2010-01-17]
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [2010-01-17]
O4 - HKLM…\Run: [SearchSettings] C:\Programmi\Search Settings\SearchSettings.exe [2010-01-17]
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2010-01-17]
O4 - HKCU…\Run: [MsnMsgr] “C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe” /background [2010-01-17]
O4 - HKCU…\Run: [swg] “C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-01-17]
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVIZIO LOCALE’) [2010-01-17]
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVIZIO DI RETE’) [2010-01-17]
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) [2010-01-17]
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) [2010-01-17]
O4 - Global Startup: PalTalk.lnk = C:\Programmi\Paltalk Messenger\paltalk.exe [2010-01-17]
O18 - Protocol: bw+0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw+0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw-0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw-0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw00 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw00s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw10 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw10s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw20 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw20s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw30 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw30s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw40 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw40s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw50 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw50s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw60 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw60s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw70 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw70s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw80 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw80s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw90 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bw90s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwa0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwa0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwb0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwb0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwc0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwc0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwd0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwd0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwe0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwe0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwf0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwf0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwg0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwg0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwh0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwh0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwi0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwi0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwj0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwj0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwk0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwk0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwl0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwl0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwm0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwm0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwn0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwn0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwo0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwo0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwp0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwp0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwq0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwq0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwr0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwr0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bws0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bws0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwt0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwt0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwu0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwu0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwv0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwv0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bww0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bww0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwx0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwx0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwy0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwy0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwz0 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: bwz0s - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O18 - Protocol: offline-8876480 - {B438F16C-7988-4BCA-BEF9-A6E06048E4FC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) [2010-01-17]
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe [2010-01-17]

======Hosts File======

127.0.0.1 microsoft

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100117-1]

======System event log======

Computer Name: ACER-7FA50A97F2
Event Code: 8033
Message: L’elenco ha imposto un’elezione sulla rete \Device\NetBT_Tcpip_{AD6440BB-CBA4-4AB6-B7C6-DD4EAF30414D} perché il master si è arrestato.

Record Number: 148130
Source Name: BROWSER
Time Written: 20091209192437.000000+060
Event Type: Informazione
User:

Computer Name: ACER-7FA50A97F2
Event Code: 4202
Message: Il sistema ha rilevato che la scheda di rete \DEVICE\TCPIP_{AD6440BB-CBA4-4AB6-B7C6-DD4EAF30414D} è disconnessa dalla rete,
e la configurazione della scheda di rete è stata rilasciata. Se la scheda
di rete non è disconnessa, ciò potrebbe essere dovuto a un suo malfunzionamento.
Contattare il fornitore per ottenere dei driver aggiornati.

Record Number: 148129
Source Name: Tcpip
Time Written: 20091209192436.000000+060
Event Type: Informazione
User:

Computer Name: ACER-7FA50A97F2
Event Code: 7036
Message: Il servizio Google Software Updater è ora in modalità arrestato.

Record Number: 148128
Source Name: Service Control Manager
Time Written: 20091209191924.000000+060
Event Type: Informazione
User:

Computer Name: ACER-7FA50A97F2
Event Code: 7035
Message: Invio di un controllo avvio da parte del servizio int15.sys riuscito.

Record Number: 148127
Source Name: Service Control Manager
Time Written: 20091209191924.000000+060
Event Type: Informazione
User: ACER-7FA50A97F2\Helene

Computer Name: ACER-7FA50A97F2
Event Code: 7036
Message: Il servizio Servizio COM di masterizzazione CD IMAPI è ora in modalità arrestato.

Record Number: 148126
Source Name: Service Control Manager
Time Written: 20091209191924.000000+060
Event Type: Informazione
User:

=====Application event log=====

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:47 PM.

Record Number: 4017
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106144256.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:42 PM.

Record Number: 4016
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106143756.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:37 PM.

Record Number: 4015
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106143256.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:32 PM.

Record Number: 4014
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106142756.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: ACER-7FA50A97F2
Event Code: 101
Message: Livello informazioni: success

Anticipo della pianificazione in corso; l’esecuzione avverrà approssimativamente alle 2:27 PM.

Record Number: 4013
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20100106142256.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=C:\Programmi\PC Connectivity Solution;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programmi\QuickTime\QTSystem
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 13 Stepping 8, GenuineIntel
“PROCESSOR_REVISION”=0d08
“NUMBER_OF_PROCESSORS”=1
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“CLASSPATH”=.;C:\Programmi\Java\jre6\lib\ext\QTJava.zip
“QTJAVA”=C:\Programmi\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Log:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Helene at 2010-01-18 00:36:56
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 7 GB (28%) free of 26 GB
Total RAM: 445 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0.36.58, on 18/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\ms\comsrv.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\keyhook.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Helene\Impostazioni locali\Temporary Internet Files\Content.IE5\X1E7JQ91\RSIT[1].exe
C:\Programmi\Trend Micro\HijackThis\Helene.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Guida per l’accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O4 - HKLM…\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM…\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM…\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM…\Run: [LaunchApp] Alaunch
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Programmi\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU…\Run: [MSMSGS] “C:\Programmi\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [VoipStunt] “C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe” -nosplash -minimized
O4 - HKCU…\Run: [Messenger (Yahoo!)] “C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [Skype] “C:\Programmi\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [swg] “C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Save

Salut

Ok Navilog a fait son Job

==> as-tu fixer les lignes , j ai pas l impression

Redémarres en Mode sans echec

Pour cela, tu tapotes la touche F8 à l’allumage du pc sans t’arrêter.

Une fenêtre va s’ouvrir. Choisis démarrer en mode sans échec puis tape entrée.
Choisis ton compte

RSIT n est pas Complet manque la fin

Lances Hijackthis

Cliques sur ==> Do a System Scan Only

coches ces Lignes

Fermes tes autres applications sauf ==> hijackthis ( bien sûr )

et Cliques sur ==> Fix Checked

regarde ce tutoriel pour fixer des lignes

==>Fixer les lignes

et en dernier poste un log RSIT ==> en Entier

j ai pris un exemple de log RSIT ,regarde comment se termine la fin

Exemple
[spoiler]
Logfile of random’s system information tool 1.06 (written by random/random)
Run by danieli at 2010-01-03 22:58:54
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 71 GB (63%) free of 113 GB
Total RAM: 1013 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:58:59, on 03/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\ProgramData\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\danieli\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Windows\System32\mobsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\danieli\Desktop\RSIT.exe
C:\Program Files\trend micro\danieli.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.eset-nod32.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM…\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM…\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM…\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM…\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM…\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM…\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM…\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM…\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM…\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM…\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM…\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM…\Run: [lxctmon.exe] “C:\Program Files\Lexmark 5400 Series\lxctmon.exe”
O4 - HKLM…\Run: [Lexmark 5400 Series Fax Server] “C:\Program Files\Lexmark 5400 Series\fm3032.exe” /s
O4 - HKLM…\Run: [EzPrint] “C:\Program Files\Lexmark 5400 Series\ezprint.exe”
O4 - HKLM…\Run: [LXCTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU…\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU…\Run: [Google Update] “C:\Users\danieli\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-18…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18…\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background (User ‘Default user’)
O4 - Startup: MSN Pictures Displayer.lnk = C:\ProgramData\MSN Pictures Displayer\MSN Pictures Displayer.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:PROGRA~1MI1933~1Office12EXCEL.EXE…
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - www.webtip.ch… (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxct_device - - C:\Windows\system32\lxctcoms.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


End of file - 9924 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1899379307-253535167-2046178148-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1899379307-253535167-2046178148-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Barre d’outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-08-09 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-11 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d’outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-08-09 184320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Windows Defender”=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
“TPwrMain”=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-14 411768]
“HSON”=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
“SmoothView”=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2006-12-14 493688]
“00TCrdMain”=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2006-12-11 530552]
“NvSvc”=C:\Windows\system32\nvsvc.dll [2006-12-07 90191]
“NvCplDaemon”=C:\Windows\system32\NvCpl.dll [2006-12-07 7766016]
“NvMediaCenter”=C:\Windows\system32\NvMcTray.dll [2006-12-07 81920]
“SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
“RtHDVCpl”=C:\Windows\RtHDVCpl.exe [2006-11-07 3772416]
“LtMoh”=C:\Program Files\ltmoh\Ltmoh.exe [2005-12-16 188416]
“NDSTray.exe”=NDSTray.exe []
“topi”=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-03-16 6158240]
“AppleSyncNotifier”=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-11 149280]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
“Adobe ARM”=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
“IgfxTray”=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
“Persistence”=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
“Toshiba TEMPRO”=C:\Program Files\Toshiba TEMPRO\TemproTray.exe [2009-12-01 1045976]
“lxctmon.exe”=C:\Program Files\Lexmark 5400 Series\lxctmon.exe [2006-11-22 291760]
“Lexmark 5400 Series Fax Server”=C:\Program Files\Lexmark 5400 Series\fm3032.exe [2006-11-22 304048]
“EzPrint”=C:\Program Files\Lexmark 5400 Series\ezprint.exe [2006-11-22 82864]
“LXCTCATS”=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16 []
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
“TOSCDSPD”=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2006-11-13 413696]
“Google Update”=C:\Users\danieli\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
“ehTray.exe”=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

C:\Users\danieli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MSN Pictures Displayer.lnk - C:\ProgramData\MSN Pictures Displayer\MSN Pictures Displayer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{AEB6717E-7E19-11d0-97EE-00C04FD91972}”= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\atashost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0
“UacDisableNotify”=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=128
“NoDriveAutoRun”=128
“HonorAutoRunSetting”=0
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“BindDirectlyToPropertySetStorage”=
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“HonorAutoRunSetting”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-01-03 22:48:44 ----SHDC---- C:$RECYCLE.BIN
2010-01-03 22:48:26 ----DC---- C:\Windows\temp
2010-01-03 22:48:20 ----AC---- C:\ComboFix.txt
2010-01-03 22:11:44 ----DC---- C:\dani71.com
2010-01-03 22:10:42 ----AC---- C:\Windows\SWXCACLS.exe
2010-01-03 18:32:42 ----AC---- C:\Windows\system32\Wingde.dll
2010-01-03 18:32:42 ----AC---- C:\Windows\system32\Wing32.dll
2010-01-03 18:32:42 ----AC---- C:\Windows\system32\Wing.dll
2010-01-03 18:32:42 ----AC---- C:\Windows\system32\MSVCR40D.DLL
2010-01-03 18:32:19 ----DC---- C:\Program Files\Mattel Interactive
2010-01-03 15:27:24 ----AC---- C:\Windows\system32\MSVCRTD.DLL
2010-01-03 15:27:24 ----AC---- C:\Windows\dmi.ini
2010-01-03 15:26:26 ----AC---- C:\Windows\IsUn040c.exe
2010-01-02 23:01:39 ----AC---- C:\Windows\system32\lsdelete.exe
2010-01-02 21:59:06 ----DC---- C:\Config.Msi
2010-01-02 20:48:45 ----DC---- C:\ProgramData\Lavasoft
2010-01-02 20:48:45 ----DC---- C:\Program Files\Lavasoft
2010-01-02 20:47:43 ----HDC---- C:\ProgramData{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2010-01-02 14:09:45 ----DC---- C:\ProgramData\Kaspersky Lab
2010-01-02 13:03:58 ----AC---- C:\Windows\system32\aswBoot.exe
2010-01-02 13:03:50 ----DC---- C:\Program Files\Alwil Software
2010-01-02 11:29:16 ----AC---- C:\Windows\zip.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\SWSC.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\SWREG.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\sed.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\PEV.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\NIRCMD.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\MBR.exe
2010-01-02 11:29:16 ----AC---- C:\Windows\grep.exe
2010-01-02 11:28:56 ----DC---- C:\Windows\ERDNT
2010-01-02 10:58:25 ----DC---- C:\Qoobox
2009-12-31 15:20:33 ----DC---- C:\Users\danieli\AppData\Roaming\PeerNetworking
2009-12-31 11:15:28 ----RADC---- C:\autorun.inf
2009-12-30 22:18:24 ----DC---- C:\Users\danieli\AppData\Roaming\InterVideo
2009-12-30 16:39:20 ----AC---- C:\Windows\ntbtlog.txt
2009-12-29 11:47:54 ----DC---- C:\Windows\Minidump
2009-12-28 22:39:17 ----DC---- C:\Users\danieli\AppData\Roaming\Malwarebytes
2009-12-28 22:39:01 ----DC---- C:\ProgramData\Malwarebytes
2009-12-28 22:39:00 ----DC---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-12-28 22:21:26 ----DC---- C:\Program Files\trend micro
2009-12-28 22:21:24 ----DC---- C:\rsit
2009-12-25 10:04:00 ----DC---- C:\Program Files\photoview3.0
2009-12-23 18:49:53 ----DC---- C:\Program Files\CCleaner
2009-12-19 13:05:36 ----DC---- C:\Users\danieli\AppData\Roaming\DeepBurner Pro
2009-12-19 13:04:27 ----DC---- C:\Program Files\Astonsoft
2009-12-19 01:36:10 ----DC---- C:\Users\danieli\AppData\Roaming\Mozilla
2009-12-18 17:21:09 ----DC---- C:\emme
2009-12-16 18:37:06 ----DC---- C:\Program Files\LG Electronics
2009-12-16 18:35:41 ----RAC---- C:\Windows\system32\srctrl.dll
2009-12-16 18:34:56 ----DC---- C:\Program Files\LGGSM
2009-12-11 21:06:35 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-11 21:06:21 ----A---- C:\Windows\system32\httpapi.dll
2009-12-10 09:25:38 ----A---- C:\Windows\system32\mshtml.dll
2009-12-10 09:25:35 ----A---- C:\Windows\system32\ieframe.dll
2009-12-10 09:25:33 ----A---- C:\Windows\system32\wininet.dll
2009-12-10 09:25:33 ----A---- C:\Windows\system32\urlmon.dll
2009-12-10 09:25:33 ----A---- C:\Windows\system32\iertutil.dll
2009-12-10 09:25:32 ----A---- C:\Windows\system32\occache.dll
2009-12-10 09:25:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-10 09:25:32 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-10 09:25:31 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-10 09:25:31 ----A---- C:\Windows\system32\ieui.dll
2009-12-10 09:25:31 ----A---- C:\Windows\system32\iepeers.dll
2009-12-10 09:25:30 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-10 09:25:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-10 09:25:30 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-10 09:25:30 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-10 09:25:30 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-10 09:25:29 ----A---- C:\Windows\system32\iesetup.dll
2009-12-10 09:25:29 ----A---- C:\Windows\system32\iernonce.dll
2009-12-10 09:24:33 ----A---- C:\Windows\system32\winhttp.dll
2009-12-10 09:20:24 ----A---- C:\Windows\system32\rastls.dll
2009-12-05 10:01:04 ----AC---- C:\Windows\system32\atsckernel.exe
2009-12-05 10:00:54 ----AC---- C:\Windows\system32\atashost.exe
2009-12-04 21:03:42 ----DC---- C:\ProgramData\WindowsSearch

======List of files/folders modified in the last 1 months======

2010-01-03 22:53:12 ----DC---- C:\ProgramData
2010-01-03 22:48:26 ----DC---- C:\Windows
2010-01-03 22:39:46 ----AC---- C:\Windows\system.ini
2010-01-03 22:27:24 ----DC---- C:\Windows\system32\drivers
2010-01-03 22:27:24 ----DC---- C:\Windows\System32
2010-01-03 22:27:24 ----DC---- C:\Windows\AppPatch
2010-01-03 22:27:22 ----DC---- C:\Program Files\Common Files
2010-01-03 20:13:52 ----DC---- C:\Windows\Tasks
2010-01-03 18:32:19 ----RDC---- C:\Program Files
2010-01-03 17:37:30 ----DC---- C:\Windows\inf
2010-01-03 17:37:30 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2010-01-03 17:30:24 ----DC---- C:\Program Files\Lx_cats
2010-01-02 21:59:16 ----SHDC---- C:\Windows\Installer
2010-01-02 21:59:14 ----DC---- C:\ProgramData\Symantec
2010-01-02 21:59:13 ----DC---- C:\Program Files\Common Files\Symantec Shared
2010-01-02 21:07:54 ----DC---- C:\Windows\system32\Tasks
2010-01-02 20:58:51 ----DC---- C:\Windows\system32\catroot
2010-01-02 20:58:50 ----DC---- C:\Windows\system32\DRVSTORE
2010-01-02 20:48:32 ----D---- C:\Windows\winsxs
2010-01-02 19:13:53 ----SHD---- C:\System Volume Information
2010-01-02 13:13:47 ----DC---- C:\ProgramData\MSN Pictures Displayer
2010-01-02 11:25:50 ----RSDC---- C:\Windows\assembly
2010-01-02 10:50:33 ----DC---- C:\Windows\Prefetch
2009-12-31 16:18:37 ----DC---- C:\PerfLogs
2009-12-31 15:31:27 ----DC---- C:\Windows\system32\catroot2
2009-12-31 11:22:31 ----HDC---- C:\Windows\system32\GroupPolicy
2009-12-30 10:43:21 ----DC---- C:\Program Files\Toshiba TEMPRO
2009-12-29 09:51:56 ----DC---- C:\Windows\Microsoft.NET
2009-12-28 22:24:55 ----DC---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-28 20:42:37 ----DC---- C:\Windows\system32\wbem
2009-12-28 20:41:37 ----RSDC---- C:\Windows\Media
2009-12-28 20:41:37 ----DC---- C:\Windows\system32\spool
2009-12-28 20:41:37 ----DC---- C:\Windows\system32\restore
2009-12-28 20:41:37 ----DC---- C:\Windows\system32\CodeIntegrity
2009-12-28 20:41:36 ----RDC---- C:\Users
2009-12-28 20:41:33 ----DC---- C:\Users\danieli\AppData\Roaming\MSN Pictures Displayer
2009-12-28 20:41:29 ----DC---- C:\ProgramData\Microsoft Help
2009-12-28 20:41:29 ----DC---- C:\Program Files\Microsoft Works
2009-12-28 20:41:26 ----DC---- C:\Windows\registration
2009-12-24 11:49:30 ----SDC---- C:\Users\danieli\AppData\Roaming\Microsoft
2009-12-23 18:51:05 ----DC---- C:\Windows\Debug
2009-12-21 10:04:05 ----DC---- C:\Users\danieli\AppData\Roaming\Radio France
2009-12-16 18:37:04 ----HDC---- C:\Program Files\InstallShield Installation Information
2009-12-10 10:53:03 ----D---- C:\Windows\rescache
2009-12-10 10:10:23 ----DC---- C:\Windows\system32\migration
2009-12-10 10:10:09 ----DC---- C:\Program Files\Internet Explorer
2009-12-10 10:10:03 ----DC---- C:\Windows\system32\fr-FR
2009-12-10 10:09:59 ----DC---- C:\Program Files\Windows Mail
2009-12-09 20:32:38 ----DC---- C:\Windows\system32\Msdtc
2009-12-09 20:31:52 ----DC---- C:\Windows\system32\config

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 73892391;73892391; C:\Windows\system32\DRIVERS\73892391.sys [2009-09-25 128016]
R1 81510131;81510131; C:\Windows\system32\DRIVERS\81510131.sys [2009-09-25 128016]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 catchme;catchme; ??\C:\Users\danieli\AppData\Local\Temp\catchme.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-19 7168]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-17 1651752]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S1 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [2005-08-01 64896]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 mbr;mbr; ??\C:\Users\danieli\AppData\Local\Temp\mbr.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d’horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte réseau Intel® PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-07 4456416]
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\Windows\system32\DRIVERS\usb8023.sys [2009-04-11 15872]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 uti0odc2;AVZ Kernel Driver; ??\C:\Windows\system32\Drivers\uti0odc2.sys [2010-01-02 7168]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-02-14 216320]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-02-14 208256]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-24 1169232]
R2 lxct_device;lxct_device; C:\Windows\system32\lxctcoms.exe [2006-11-22 537520]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-14 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2009-12-01 116176]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
[/spoiler]

Un fois le log RSIT posté en entier

Mets à jour Malwarebytes et fais une analyse Compléte + SUPPRESSION(S) de ce que tu trouves
Edité le 18/01/2010 à 04:32

slut,
j’ai lancer hijackthis et fixer les lignes ke tu m’as donnèe:

RAPPORT RSIT:
LOG:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Helene at 2010-01-18 18:06:38
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 7 GB (26%) free of 26 GB
Total RAM: 445 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.06.50, on 18/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Application Updater\ApplicationUpdater.exe
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\ms\comsrv.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\DOCUME~1\Helene\IMPOST~1\Temp\RtkBtMnt.EXE
C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Programmi\Logitech\Video\FxSvr2.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Java\jre6\bin\jucheck.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Helene\Impostazioni locali\Temporary Internet Files\Content.IE5\X1E7JQ91\RSIT[1].exe
C:\Programmi\trend micro\Helene.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Guida per l’accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O4 - HKLM…\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM…\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM…\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM…\Run: [LaunchApp] Alaunch
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Programmi\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM…\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM…\Run: [PCMService] “C:\Program Files\Arcade\PCMService.exe”
O4 - HKLM…\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM…\Run: [MMTray] C:\Programmi\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM…\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM…\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM…\Run: [IMJPMIG8.1] “C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” /Spoil /RemAdvDef /Migration32
O4 - HKLM…\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM…\Run: [CD AutoPlay] cdplayer.exe
O4 - HKLM…\Run: [ccApp] “C:\Programmi\File comuni\Symantec Shared\ccApp.exe”
O4 - HKLM…\Run: [avgnt] “C:\Programmi\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKCU…\Run: [MSMSGS] “C:\Programmi\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [VoipStunt] “C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe” -nosplash -minimized
O4 - HKCU…\Run: [Messenger (Yahoo!)] “C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [Skype] “C:\Programmi\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU…\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU…\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU…\Run: [BlazeServoTool] “C:\Programmi\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe”
O4 - HKCU…\Run: [12Voip] “C:\Programmi\12Voip.com\12Voip\12Voip.exe” -nosplash -minimized
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Save YouTube Video - C:\Programmi\File… comuni\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Programmi\File… comuni\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Programmi\Application Updater\ApplicationUpdater.exe
O23 - Service: COMService - Unknown owner - C:\WINDOWS\system32\ms\comsrv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe


End of file - 11105 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll [2009-03-14 908528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Guida per l’accesso a Windows Live - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-18 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-27 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Programmi\Java\jre6\bin\jp2ssv.dll [2009-09-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-30 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll [2009-03-14 165616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“LManager”=C:\Programmi\Launch Manager\QtZgAcer.EXE [2005-03-28 315392]
“eRecoveryService”=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 393216]
“SiSPower”=SiSPower.dll,ModeAgent []
“SiS Windows KeyHook”=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
“MSPY2002”=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-19 59392]
“LaunchApp”=Alaunch []
“SunJavaUpdateSched”=C:\Programmi\Java\jre6\bin\jusched.exe [2009-09-30 149280]
“SynTPLpr”=C:\Programmi\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
“SynTPEnh”=C:\Programmi\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
“SoundMan”=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
“PCSuiteTrayApplication”=C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray []
“PCMService”=C:\Program Files\Arcade\PCMService.exe []
“Motive SmartBridge”=C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe []
“MMTray”=C:\Programmi\MusicMatch\MusicMatch Jukebox\mm_tray.exe []
“LogitechVideoTray”=C:\Programmi\Logitech\Video\LogiTray.exe [2005-01-18 217088]
“LogitechVideoRepair”=C:\Programmi\Logitech\Video\ISStart.exe [2005-01-18 458752]
“IMJPMIG8.1”=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-19 208952]
“DataLayer”=C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe []
“CD AutoPlay”=cdplayer.exe []
“ccApp”=C:\Programmi\File comuni\Symantec Shared\ccApp.exe []
“avgnt”=C:\Programmi\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“MSMSGS”=C:\Programmi\Messenger\msmsgs.exe [2004-10-13 1694208]
“VoipStunt”=C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe [2010-01-05 9109296]
“Messenger (Yahoo!)”=C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
“Skype”=C:\Programmi\Skype\Phone\Skype.exe [2009-10-09 25623336]
“PcSync”=C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog []
“LogitechSoftwareUpdate”=C:\Programmi\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
“LDM”=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe []
“BlazeServoTool”=C:\Programmi\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe []
“12Voip”=C:\Programmi\12Voip.com\12Voip\12Voip.exe -nosplash -minimized []
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logiciel Kodak EasyShare.lnk - C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
KODAK Software Updater.lnk - C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe
Adobe Reader Speed Launch.lnk - C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{5F02D04B-50B3-4A07-BA6E-DAB1562CE975}”= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
“authentication packages”=msv1_0
C:\WINDOWS\system32\yayxyyxv

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“DisableTaskMgr”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145
“NoActiveDesktopChanges”=0
“NoSetActiveDesktop”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“NoActiveDesktopChanges”=
“NoSetActiveDesktop”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe”="C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe:
:Enabled:Yahoo! Messenger"
“C:\Programmi\Yahoo!\Messenger\YServer.exe”=“C:\Programmi\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server"
“C:\Programmi\HP\Digital Imaging\BIN\hpqste08.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpqste08.exe:
:Enabled:hpqste08.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hpofxm08.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hpofxm08.exe::Enabled:hpofxm08.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hposfx08.exe”="C:\Programmi\HP\Digital Imaging\BIN\hposfx08.exe:
:Enabled:hposfx08.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hposid01.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hposid01.exe::Enabled:hposid01.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpqscnvw.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpqscnvw.exe:
:Enabled:hpqscnvw.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hpqkygrp.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hpqkygrp.exe::Enabled:hpqkygrp.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpqCopy.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpqCopy.exe:
:Enabled:hpqcopy.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hpfccopy.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hpfccopy.exe::Enabled:hpfccopy.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpzwiz01.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpzwiz01.exe:
:Enabled:hpzwiz01.exe”
“C:\Programmi\HP\Digital Imaging\Unload\HpqPhUnl.exe”=“C:\Programmi\HP\Digital Imaging\Unload\HpqPhUnl.exe::Enabled:hpqphunl.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpoews01.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpoews01.exe:
:Enabled:hpoews01.exe”
“C:\Programmi\Messenger\MSMSGS.EXE”=“C:\Programmi\Messenger\MSMSGS.EXE::Enabled:Windows Messenger"
“C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe”="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe:
:Enabled:VoipStunt”
“C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe”=“C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe::Enabled:Logitech Desktop Messenger"
“C:\Programmi\LimeWire\LimeWire.exe”="C:\Programmi\LimeWire\LimeWire.exe:
:Enabled:LimeWire”
“C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe”=“C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe::Enabled:EasyShare"
“C:\Programmi\12Voip.com\12Voip\12Voip.exe”="C:\Programmi\12Voip.com\12Voip\12Voip.exe:
:Enabled:12Voip”
“C:\Programmi\Bonjour\mDNSResponder.exe”=“C:\Programmi\Bonjour\mDNSResponder.exe::Enabled:Bonjour"
“C:\Programmi\iTunes\iTunes.exe”="C:\Programmi\iTunes\iTunes.exe:
:Enabled:iTunes”
“C:\Programmi\TVAnts\Tvants.exe”=“C:\Programmi\TVAnts\Tvants.exe::Enabled:TVAnts"
“C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE”="C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE:
:Enabled:Windows Live Messenger”
“C:\Programmi\Windows Live\Messenger\livecall.exe”=“C:\Programmi\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone)"
“C:\Programmi\ACSPMonitor\ASMonitor.exe”="C:\Programmi\ACSPMonitor\ASMonitor.exe:
:Enabled:System”
“C:\Programmi\Skype\Plugin Manager\skypePM.exe”=“C:\Programmi\Skype\Plugin Manager\skypePM.exe::Enabled:Skype Extras Manager"
“C:\Programmi\Skype\Phone\Skype.exe”="C:\Programmi\Skype\Phone\Skype.exe:
:Enabled:Skype”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe”="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:
:Enabled:Logitech Desktop Messenger"
“C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE”=“C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE::Enabled:Windows Live Messenger"
“C:\Programmi\Windows Live\Messenger\livecall.exe”="C:\Programmi\Windows Live\Messenger\livecall.exe:
:Enabled:Windows Live Messenger (Phone)”

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{14e618b0-c172-11de-9304-0016ce3ed2d9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{1cef1482-d615-11de-9336-00163639a89e}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{2de16326-ca2b-11de-931a-0016ce3ed2d9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{3513d913-f72a-11da-844f-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{571368d6-c646-11de-930c-0016ce3ed2d9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{8c5201fe-8e40-11dd-9075-00163639a89e}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{8e1bd300-556c-11dd-9014-00163639a89e}]
shell\Auto\command - auto.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{d1fd25c4-9dd8-11de-9298-00163639a89e}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

======List of files/folders created in the last 1 months======

2010-01-18 17:54:58 ----D---- C:\Programmi\TrendMicro
2010-01-18 17:13:33 ----D---- C:\WINDOWS\LastGood
2010-01-18 17:13:04 ----D---- C:\Programmi\Avira
2010-01-18 17:13:04 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Avira
2010-01-18 15:59:18 ----SHD---- C:\FOUND.015
2010-01-18 00:14:36 ----A---- C:\cleannavi.txt
2010-01-18 00:11:39 ----D---- C:\Programmi\Navilog1
2010-01-18 00:00:34 ----D---- C:_OTM
2010-01-17 22:15:08 ----SHD---- C:\FOUND.014
2010-01-17 19:38:36 ----D---- C:\rsit
2010-01-17 19:34:51 ----D---- C:\GenProc
2010-01-17 16:00:09 ----D---- C:\Ad-Remover
2010-01-17 15:52:42 ----A---- C:\TB.txt
2010-01-17 15:50:15 ----D---- C:\ToolBar SD
2010-01-16 11:10:41 ----D---- C:\Programmi\Trend Micro
2010-01-16 00:42:56 ----A---- C:\WINDOWS\system32\26962.exe
2010-01-16 00:22:55 ----A---- C:\WINDOWS\system32\29358.exe
2010-01-16 00:02:53 ----A---- C:\WINDOWS\system32\11478.exe
2010-01-15 23:42:51 ----A---- C:\WINDOWS\system32\15724.exe
2010-01-15 23:39:01 ----D---- C:\Documents and Settings\Helene\Dati applicazioni\Malwarebytes
2010-01-15 23:38:40 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2010-01-15 23:38:38 ----D---- C:\Programmi\Malwarebytes’ Anti-Malware
2010-01-15 23:22:48 ----A---- C:\WINDOWS\system32\19169.exe
2010-01-15 22:51:01 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-01-15 22:37:39 ----D---- C:\Programmi\Windows Defender
2010-01-15 19:32:52 ----A---- C:\WINDOWS\system32\26500.exe
2010-01-15 19:12:51 ----A---- C:\WINDOWS\system32\6334.exe
2010-01-15 18:52:50 ----A---- C:\WINDOWS\system32\18467.exe
2010-01-12 20:57:30 ----D---- C:\Programmi\Application Updater
2010-01-08 17:25:29 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\1D3A9
2009-12-21 09:39:16 ----D---- C:\Programmi\File comuni\Skype

======List of files/folders modified in the last 1 months======

2010-01-18 17:04:46 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-01-18 17:04:10 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2010-01-18 17:02:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-18 16:59:14 ----RASH---- C:\boot.ini
2010-01-18 16:59:14 ----A---- C:\WINDOWS\win.ini
2010-01-18 16:59:14 ----A---- C:\WINDOWS\system.ini
2010-01-18 16:06:58 ----A---- C:\WINDOWS\ntbtlog.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; ??\C:\Programmi\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-10-17 9072]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-10-17 9200]
R1 intelppm;Driver processore Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40192]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 WS2IFSL;Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-19 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 int15.sys;int15.sys; ??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]
R2 osaio;osaio; ??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; ??\C:\WINDOWS\system32\drivers\osanbm.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 BCM43XX;Driver per l’adattatore di rete Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
R3 CmBatt;Driver batteria a metodo di controllo ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-19 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWSIS;HSFHWSIS; C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys [2004-12-15 200576]
R3 mouhid;Driver di mouse HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-30 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-08-06 6144]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-01-12 39264]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-01 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-19 26624]
R3 usbhub;Hub abilitato USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-19 57600]
R3 usbohci;Driver miniport per controller open host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-19 17024]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; ??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-19 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-19 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Driver audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-19 31616]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Driver scanner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 USBSTOR;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-19 26496]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 ZD1211BU(Atheros);IEEE 802.11 Wireless LAN Driver (USB)(Atheros); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2007-12-18 712704]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2005-06-06 1273344]
R2 AntiVirScheduler;Avira AntiVir Scheduler; C:\Programmi\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programmi\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Application Updater;Application Updater; C:\Programmi\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 COMService;COMService; C:\WINDOWS\system32\ms\comsrv.exe [2009-09-18 12288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programmi\Java\jre6\bin\jqs.exe [2009-09-30 153376]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 YahooAUService;Yahoo! Updater; C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268288]
S2 gupdate;Service Google Update (gupdate); C:\Programmi\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
S2 gusvc;Google Software Updater; C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Servizio iPod; C:\Programmi\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 ose;Office Source Engine; C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Programmi\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programmi\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Servizio di condivisione in rete Windows Media Player; C:\Programmi\Windows Media Player\WMPNetwk.exe [2006-11-02 918528]

-----------------EOF-----------------

INFO:

info.txt logfile of random’s system information tool 1.06 2010-01-18 18:06:54

======Uninstall list======

–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
–>C:\Programmi\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
–>C:\Programmi\Weflirt/uninstall.exe
–>C:\WINDOWS\IsUninst.exe -f"C:\Programmi\Acer Inc.\Acer Italian Guide Link\Uninst.isu"
–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe” -l0x10 -uninst
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eManager for Notebook–>C:\Programmi\File comuni\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Acer GridVista–>C:\WINDOWS\UnInst32.exe GridV.UNI
Actual Spy 3.0–>“C:\Programmi\ACSPMonitor\unins000.exe”
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Ad-Remover By C_XX–>“C:\Ad-Remover\Un-ADR.exe”
Aggiornamento critico per Windows Media Player 11 (KB959772)–>“C:\WINDOWS$NtUninstallKB959772_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB928090)–>“C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB931768)–>“C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB933566)–>“C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB937143)–>“C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)–>“C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653)–>“C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)–>“C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)–>“C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)–>“C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)–>“C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)–>“C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)–>“C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)–>“C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)–>“C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)–>“C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB911564)–>“C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB952069)–>“C:\WINDOWS$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 10 (KB917734)–>“C:\WINDOWS$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB936782)–>“C:\WINDOWS$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB954154)–>“C:\WINDOWS$NtUninstallKB954154_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)–>“C:\WINDOWS$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 9 (KB911565)–>“C:\WINDOWS$NtUninstallKB911565$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB890046)–>“C:\WINDOWS$NtUninstallKB890046$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB893756)–>“C:\WINDOWS$NtUninstallKB893756$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896358)–>“C:\WINDOWS$NtUninstallKB896358$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896422)–>“C:\WINDOWS$NtUninstallKB896422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896423)–>“C:\WINDOWS$NtUninstallKB896423$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896424)–>“C:\WINDOWS$NtUninstallKB896424$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896428)–>“C:\WINDOWS$NtUninstallKB896428$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899587)–>“C:\WINDOWS$NtUninstallKB899587$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899591)–>“C:\WINDOWS$NtUninstallKB899591$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB900725)–>“C:\WINDOWS$NtUninstallKB900725$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901017)–>“C:\WINDOWS$NtUninstallKB901017$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901190)–>“C:\WINDOWS$NtUninstallKB901190$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901214)–>“C:\WINDOWS$NtUninstallKB901214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB902400)–>“C:\WINDOWS$NtUninstallKB902400$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB904706)–>“C:\WINDOWS$NtUninstallKB904706$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905414)–>“C:\WINDOWS$NtUninstallKB905414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905749)–>“C:\WINDOWS$NtUninstallKB905749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB908519)–>“C:\WINDOWS$NtUninstallKB908519$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911562)–>“C:\WINDOWS$NtUninstallKB911562$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911567)–>“C:\WINDOWS$NtUninstallKB911567$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911927)–>“C:\WINDOWS$NtUninstallKB911927$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912812)–>“C:\WINDOWS$NtUninstallKB912812$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912919)–>“C:\WINDOWS$NtUninstallKB912919$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913446)–>“C:\WINDOWS$NtUninstallKB913446$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913580)–>“C:\WINDOWS$NtUninstallKB913580$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914388)–>“C:\WINDOWS$NtUninstallKB914388$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914389)–>“C:\WINDOWS$NtUninstallKB914389$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917159)–>“C:\WINDOWS$NtUninstallKB917159$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917344)–>“C:\WINDOWS$NtUninstallKB917344$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917422)–>“C:\WINDOWS$NtUninstallKB917422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917953)–>“C:\WINDOWS$NtUninstallKB917953$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918118)–>“C:\WINDOWS$NtUninstallKB918118$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918439)–>“C:\WINDOWS$NtUninstallKB918439$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918899)–>“C:\WINDOWS$NtUninstallKB918899$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB919007)–>“C:\WINDOWS$NtUninstallKB919007$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920213)–>“C:\WINDOWS$NtUninstallKB920213$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920214)–>“C:\WINDOWS$NtUninstallKB920214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920670)–>“C:\WINDOWS$NtUninstallKB920670$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920683)–>“C:\WINDOWS$NtUninstallKB920683$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920685)–>“C:\WINDOWS$NtUninstallKB920685$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921398)–>“C:\WINDOWS$NtUninstallKB921398$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921503)–>“C:\WINDOWS$NtUninstallKB921503$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921883)–>“C:\WINDOWS$NtUninstallKB921883$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922616)–>“C:\WINDOWS$NtUninstallKB922616$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922760)–>“C:\WINDOWS$NtUninstallKB922760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922819)–>“C:\WINDOWS$NtUninstallKB922819$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923191)–>“C:\WINDOWS$NtUninstallKB923191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923414)–>“C:\WINDOWS$NtUninstallKB923414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923561)–>“C:\WINDOWS$NtUninstallKB923561$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923689)–>“C:\WINDOWS$NtUninstallKB923689$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923694)–>“C:\WINDOWS$NtUninstallKB923694$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923980)–>“C:\WINDOWS$NtUninstallKB923980$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924191)–>“C:\WINDOWS$NtUninstallKB924191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924270)–>“C:\WINDOWS$NtUninstallKB924270$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924496)–>“C:\WINDOWS$NtUninstallKB924496$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924667)–>“C:\WINDOWS$NtUninstallKB924667$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925454)–>“C:\WINDOWS$NtUninstallKB925454$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925486)–>“C:\WINDOWS$NtUninstallKB925486$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925902)–>“C:\WINDOWS$NtUninstallKB925902$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926255)–>“C:\WINDOWS$NtUninstallKB926255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926436)–>“C:\WINDOWS$NtUninstallKB926436$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927779)–>“C:\WINDOWS$NtUninstallKB927779$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927802)–>“C:\WINDOWS$NtUninstallKB927802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928255)–>“C:\WINDOWS$NtUninstallKB928255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928843)–>“C:\WINDOWS$NtUninstallKB928843$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB929123)–>“C:\WINDOWS$NtUninstallKB929123$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB930178)–>“C:\WINDOWS$NtUninstallKB930178$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931261)–>“C:\WINDOWS$NtUninstallKB931261$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931784)–>“C:\WINDOWS$NtUninstallKB931784$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB932168)–>“C:\WINDOWS$NtUninstallKB932168$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB933729)–>“C:\WINDOWS$NtUninstallKB933729$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935839)–>“C:\WINDOWS$NtUninstallKB935839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935840)–>“C:\WINDOWS$NtUninstallKB935840$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB936021)–>“C:\WINDOWS$NtUninstallKB936021$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938464)–>“C:\WINDOWS$NtUninstallKB938464$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938829)–>“C:\WINDOWS$NtUninstallKB938829$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941202)–>“C:\WINDOWS$NtUninstallKB941202$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941568)–>“C:\WINDOWS$NtUninstallKB941568$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941569)–>“C:\WINDOWS$NtUninstallKB941569$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941644)–>“C:\WINDOWS$NtUninstallKB941644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941693)–>“C:\WINDOWS$NtUninstallKB941693$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943055)–>“C:\WINDOWS$NtUninstallKB943055$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943460)–>“C:\WINDOWS$NtUninstallKB943460$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943485)–>“C:\WINDOWS$NtUninstallKB943485$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB944653)–>“C:\WINDOWS$NtUninstallKB944653$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB945553)–>“C:\WINDOWS$NtUninstallKB945553$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946026)–>“C:\WINDOWS$NtUninstallKB946026$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946648)–>“C:\WINDOWS$NtUninstallKB946648$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948590)–>“C:\WINDOWS$NtUninstallKB948590$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948881)–>“C:\WINDOWS$NtUninstallKB948881$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950749)–>“C:\WINDOWS$NtUninstallKB950749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950760)–>“C:\WINDOWS$NtUninstallKB950760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376)–>“C:\WINDOWS$NtUninstallKB951376$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951698)–>“C:\WINDOWS$NtUninstallKB951698$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951748)–>“C:\WINDOWS$NtUninstallKB951748$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952004)–>“C:\WINDOWS$NtUninstallKB952004$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB953839)–>“C:\WINDOWS$NtUninstallKB953839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954211)–>“C:\WINDOWS$NtUninstallKB954211$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954600)–>“C:\WINDOWS$NtUninstallKB954600$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956391)–>“C:\WINDOWS$NtUninstallKB956391$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956572)–>“C:\WINDOWS$NtUninstallKB956572$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956802)–>“C:\WINDOWS$NtUninstallKB956802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956841)–>“C:\WINDOWS$NtUninstallKB956841$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957095)–>“C:\WINDOWS$NtUninstallKB957095$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958687)–>“C:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958690)–>“C:\WINDOWS$NtUninstallKB958690$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB959426)–>“C:\WINDOWS$NtUninstallKB959426$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960225)–>“C:\WINDOWS$NtUninstallKB960225$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960715)–>“C:\WINDOWS$NtUninstallKB960715$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960803)–>“C:\WINDOWS$NtUninstallKB960803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB961373)–>“C:\WINDOWS$NtUninstallKB961373$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB894391)–>“C:\WINDOWS$NtUninstallKB894391$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB898461)–>“C:\WINDOWS$NtUninstallKB898461$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB900485)–>“C:\WINDOWS$NtUninstallKB900485$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB908531)–>“C:\WINDOWS$NtUninstallKB908531$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB910437)–>“C:\WINDOWS$NtUninstallKB910437$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB911280)–>“C:\WINDOWS$NtUninstallKB911280$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB914882)–>“C:\WINDOWS$NtUninstallKB914882$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB916595)–>“C:\WINDOWS$NtUninstallKB916595$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB920872)–>“C:\WINDOWS$NtUninstallKB920872$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB922582)–>“C:\WINDOWS$NtUninstallKB922582$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB923845)–>“C:\WINDOWS$NtUninstallKB923845$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB927891)–>“C:\WINDOWS$NtUninstallKB927891$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB930916)–>“C:\WINDOWS$NtUninstallKB930916$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB931836)–>“C:\WINDOWS$NtUninstallKB931836$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB932823-v3)–>“C:\WINDOWS$NtUninstallKB932823-v3$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB933360)–>“C:\WINDOWS$NtUninstallKB933360$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB936357)–>“C:\WINDOWS$NtUninstallKB936357$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB938828)–>“C:\WINDOWS$NtUninstallKB938828$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB942763)–>“C:\WINDOWS$NtUninstallKB942763$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB951072-v2)–>“C:\WINDOWS$NtUninstallKB951072-v2$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB955839)–>“C:\WINDOWS$NtUninstallKB955839$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB967715)–>“C:\WINDOWS$NtUninstallKB967715$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)–>“C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Media Player 11 (KB939683)–>“C:\WINDOWS$NtUninstallKB939683$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB873339–>C:\WINDOWS$NtUninstallKB873339$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885250–>C:\WINDOWS$NtUninstallKB885250$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885835–>C:\WINDOWS$NtUninstallKB885835$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885836–>C:\WINDOWS$NtUninstallKB885836$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB886185–>C:\WINDOWS$NtUninstallKB886185$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887472–>C:\WINDOWS$NtUninstallKB887472$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887742–>C:\WINDOWS$NtUninstallKB887742$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888113–>C:\WINDOWS$NtUninstallKB888113$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888302–>C:\WINDOWS$NtUninstallKB888302$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB890859–>“C:\WINDOWS$NtUninstallKB890859$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB891781–>C:\WINDOWS$NtUninstallKB891781$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
aMSN 0.97.2–>C:\Programmi\aMSN\uninstall.exe
Anteprima (Windows Live Toolbar)–>MsiExec.exe /X{AC0A04F7-2BBE-4323-B64C-1B71F2BDBF0D}
Apple Mobile Device Support–>MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arcade 3.0–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE” -uninstall
Assistente per l’accesso a Windows Live–>MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
Avira AntiVir Personal - Free Antivirus–>C:\Programmi\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour–>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Business Disc Italia–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{56D833FD-1A45-486F-9CC0-AE0A0529D085}\setup.exe” -l0x10 -uninst
CCScore–>MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Centra Client–>C:\PROGRA~2\Centra\Client\bin\updater.exe -uninstall
Dealio Toolbar v4.0.2–>MsiExec.exe /X{C878CD69-85DB-426B-81A3-E71175AAEB91}
DivX Content Uploader–>C:\Programmi\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player–>C:\Programmi\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver di Logitech® Camera–>“C:\Programmi\File comuni\Logitech\QCDRV\BIN\SETUP.EXE” UNINSTALL REMOVEPROMPT
DVDFab Gold 2.68–>“C:\Programmi\DVDFab Gold\unins000.exe”
DVDFab Platinum 2.70–>“C:\Programmi\DVDFab Platinum\unins000.exe”
ESSBrwr–>MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK–>MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore–>MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui–>MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp–>MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini–>MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD–>MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock–>MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC–>MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS–>MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt–>MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
essvcpt–>MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
Free Video to iPhone Converter version 2.2–>“C:\Programmi\DVDVideoSoft\Free Video to iPhone Converter\unins000.exe”
Free Video to MP3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free Video to MP3 Converter\unins001.exe”
Free YouTube Download 2.3–>“C:\Programmi\DVDVideoSoft\Free YouTube Download\unins000.exe”
Free YouTube to iPod Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to iPod Converter\unins000.exe”
Free YouTube to Mp3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe”
Google Chrome–>“C:\Programmi\Google\Chrome\Application\3.0.195.38\Installer\setup.exe” --uninstall --system-level
Google Earth–>MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Google Toolbar for Internet Explorer–>“C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe” /uninstall
Google Toolbar for Internet Explorer–>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater–>“C:\Programmi\Google\Google Updater\GoogleUpdater.exe” -uninstall
HijackThis 2.0.2–>“C:\Programmi\Trend Micro\HijackThis\HijackThis.exe” /uninstall
HiJackThis–>MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
HLPPDOCK–>MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hotfix for Windows Media Format 11 SDK (KB929399)–>“C:\WINDOWS$NtUninstallKB929399$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB915865)–>“C:\WINDOWS$NtUninstallKB915865$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB926239)–>“C:\WINDOWS$NtUninstallKB926239$\spuninst\spuninst.exe”
HP Image Zone Express–>MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
iTunes–>MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
kgcbaby–>MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase–>MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday–>MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn–>MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt–>MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids–>MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove–>MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday–>MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
KSU–>MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
LA PATENTE EUROPEA DEL COMPUTER 2–>“C:\Programmi\ECDL2\UNWISE.EXE” “C:\Programmi\ECDL2\INSTALL.LOG”
Launch Manager–>C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
Logiciel Kodak EasyShare–>C:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup$SETUP_140010_584337\Setup.exe /APR-REMOVE
Logitech Desktop Messenger–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe” -l0x10 UNINSTALL
Malwarebytes’ Anti-Malware–>“C:\Programmi\Malwarebytes’ Anti-Malware\unins000.exe”
Menu intelligenti (Windows Live Toolbar)–>MsiExec.exe /X{B3EABECF-D820-4246-94B8-0CF300CA505A}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1 Italian Language Pack–>MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft AutoRoute 2006–>MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft Internationalized Domain Names Mitigation APIs–>“C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWdf01005$\spuninst\spuninst.exe”
Microsoft National Language Support Downlevel APIs–>“C:\WINDOWS$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe”
Microsoft Office Professional Edition 2003–>MsiExec.exe /I{90110410-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWudf01005$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (2.0.0.20)–>C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar–>C:\Programmi\MSN Apps\MSN Toolbar\

Salut

Fais dans l ordre ,lis bien

  1. Lances Hijackthis

Cliques sur ==> Do a System Scan Only

coches ces Lignes

Fermes tes autres applications

et Cliques sur ==> Fix Checked

ensuite

  1. Désactives ton antivirus

Télécharge OTM de OldTimer sur le bureau :

==>OTM

Double-clique sur OTM.exe sur le bureau

  • Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste Instructions for Items to be Moved

  • Clique sur MoveIt! pour lancer la suppression.
  • Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTM qui se trouve dans C:_OTM\MovedFiles.

Réactives ton antivirus

ensuite Important

  1. Désactives ton antivirus

Telecharge et install UsbFix (de C_XX & Chiquitine29)

==>UsbFix

Déconnectes toi et fermes toutes applications en cours

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc…) susceptibles d avoir été infectés sans les ouvrir

Double clic sur le raccourci UsbFix présent sur ton bureau .

Choisi ==>l’option " 2 " ( Suppression )

et tape sur [entrée]

Laisse travailler l outil.

Ensuite poste le rapport UsbFix.txt qui apparaitra.

Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Réactives ton antivirus

Poste les rapports

@+ cricri58

Salut cricri58,

mon curseur s’est bloquè? ai je desactivè un programme?
je te poste les rapports:

rapport otm:

All processes killed
========== SERVICES/DRIVERS ==========
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== FILES ==========
File/Folder C:\Program Files\Google\Update not found.
C:\WINDOWS\system32\26500.exe moved successfully.
C:\WINDOWS\system32\6334.exe moved successfully.
C:\WINDOWS\system32\18467.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 192885 bytes

User: Helene
->Temp folder emptied: 3208055 bytes
->Temporary Internet Files folder emptied: 107241482 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5886379 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 180676 bytes
RecycleBin emptied: 15712057 bytes

Total Files Cleaned = 126,00 mb

OTM by OldTimer - Version 3.1.6.0 log created on 01182010_213143

Files moved on Reboot…
C:\WINDOWS\temp\Perflib_Perfdata_598.dat moved successfully.

Registry entries deleted on Reboot…

rapport usbfix:

############################## | UsbFix V6.074 |

User : Helene (Administrators) # ACER-7FA50A97F2
Update on 15/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21.45.56 | 18/01/2010
Website : pagesperso-orange.fr…
Contact : FindyKill.Contact@gmail.com

Intel® Celeron® M processor 1.50GHz
Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | (!) Outdated ]

C:\ -> Disco rigido locale # 25,74 Go (6,96 Go free) [ACER] # FAT32
D:\ -> Disco rigido locale # 26,22 Go (18,88 Go free) [ACERDATA] # FAT32
E:\ -> Disco CD-ROM
F:\ -> Disco rimovibile # 62,21 Mo (32 Mo free) # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 552
C:\WINDOWS\system32\csrss.exe 616
C:\WINDOWS\system32\winlogon.exe 640
C:\WINDOWS\system32\services.exe 684
C:\WINDOWS\system32\lsass.exe 696
C:\WINDOWS\system32\svchost.exe 852
C:\WINDOWS\system32\svchost.exe 896
C:\WINDOWS\System32\svchost.exe 932
C:\WINDOWS\system32\svchost.exe 972
C:\WINDOWS\system32\logonui.exe 1004
C:\WINDOWS\system32\svchost.exe 1216
C:\WINDOWS\system32\svchost.exe 1280
C:\WINDOWS\Explorer.EXE 1312
C:\WINDOWS\system32\spoolsv.exe 1552
C:\Programmi\Avira\AntiVir Desktop\sched.exe 1596
C:\WINDOWS\system32\svchost.exe 1744
C:\Acer\eManager\anbmServ.exe 1836
C:\Programmi\Avira\AntiVir Desktop\avguard.exe 140
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 260
C:\Programmi\Application Updater\ApplicationUpdater.exe 272
C:\WINDOWS\system32\ms\comsrv.exe 320
C:\Programmi\Google\Update\GoogleUpdate.exe 348
C:\WINDOWS\system32\HPZipm12.exe 472
C:\WINDOWS\system32\svchost.exe 580
C:\WINDOWS\system32\MsPMSPSv.exe 1032
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe 1152
C:\WINDOWS\System32\alg.exe 1992
C:\WINDOWS\system32\wbem\wmiprvse.exe 372

################## | Elements infectieux |

Supprimé ! C:\WINDOWS\antiv.exe
Supprimé ! D:\autorun.inf

################## | Registre |

Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] “DisableTaskMgr”

################## | Mountpoints2 |

Supprimé ! HKCU…\Explorer\MountPoints2{14e618b0-c172-11de-9304-0016ce3ed2d9}\Shell\AutoRun\Command
Supprimé ! HKCU…\Explorer\MountPoints2{1cef1482-d615-11de-9336-00163639a89e}\Shell\AutoRun\Command
Supprimé ! HKCU…\Explorer\MountPoints2{2de16326-ca2b-11de-931a-0016ce3ed2d9}\Shell\AutoRun\Command
Supprimé ! HKCU…\Explorer\MountPoints2{571368d6-c646-11de-930c-0016ce3ed2d9}\Shell\AutoRun\Command
Supprimé ! HKCU…\Explorer\MountPoints2{8c5201fe-8e40-11dd-9075-00163639a89e}\Shell\AutoRun\Command
Supprimé ! HKCU…\Explorer\MountPoints2{8e1bd300-556c-11dd-9014-00163639a89e}\Shell\Auto\Command
Supprimé ! HKCU…\Explorer\MountPoints2{d1fd25c4-9dd8-11de-9298-00163639a89e}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[?|?|?] C:\pagefile.sys
[13/11/2009 23.13|–a------|177594] C:\pastedpic_11132009_231357.png
[05/12/2009 20.01|–a------|0] C:\testwma.raw
[19/08/2004 05.00|-rahs----|4952] C:\Bootfont.bin
[19/08/2004 05.00|-rahs----|251072] C:\ntldr
[19/08/2004 05.00|-rahs----|47564] C:\NTDETECT.COM
[18/01/2010 16.59|-rahs----|211] C:\boot.ini
[06/08/2005 19.14|–a------|0] C:\CONFIG.SYS
[06/08/2005 19.38|–a------|50] C:\AUTOEXEC.BAT
[06/08/2005 19.14|-rahs----|0] C:\IO.SYS
[06/08/2005 19.14|-rahs----|0] C:\MSDOS.SYS
[10/08/2005 08.42|-rahs----|76] C:\Preload.aaa
[13/06/2006 18.05|–a------|77670] C:\Roma.bmp
[13/11/2009 23.16|–a------|181810] C:\pastedpic_11132009_231600.png
[17/01/2010 15.55|–a------|4237] C:\TB.txt
[17/01/2010 16.12|–a------|13721] C:\Ad-Report-CLEAN[1].log
[18/01/2010 00.18|–a------|1620] C:\cleannavi.txt
[?|?|?] C:\hiberfil.sys
[18/01/2010 21.48|–a------|3961] C:\UsbFix.txt
[19/08/2004 15.39|–a------|28672] D:\setupSNK.exe
[15/04/2009 17.29|–a------|82432] F:\Helene cv en frcais + lettre de motivation.doc
[30/04/2009 15.51|–a------|27648] F:\ekedi.doc
[08/01/2010 12.25|–a------|123904] F:\Helene1 cv.doc
[27/03/2009 13.53|–a------|88064] F:\Helene cv.doc

################## | Vaccination |

C:\autorun.inf -> Dossier créé par UsbFix.

D:\autorun.inf -> Dossier créé par UsbFix.

F:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |

################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\Helene\Desktop\UsbFix_Upload_Me_ACER-7FA50A97F2.zip : chiquitine.changelog.fr…
Merci pour votre contribution .

Re

ok nettoge fait

Maintenant

télécharges et installes Ccleaner

==>Ccleaner

Une fois sur le bureau, clic sur l’install de CCleaner.
-> Mais avant de cliquer sur le bouton “installer”, décoche toutes les “options supplémentaires”.(install de la barre yahoo,etc…)

–>Ensuite, clique sur “Options”, “Avancé” et décoche la case
–>“Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures”.

–>Clique sur l’onglet ==> Nettoyeur puis sur “Lancer le Nettoyage”.

–> Ensuite clique sur l’icone==> Registre , à droite, clique sur “Chercher des erreurs” puis sur “Réparer les erreurs sélectionnées”.

Accepte la sauvegarde, de la BDR (base de registre )qu’il propose .
Je te conseille de le repasser au moins deux fois,(ou + jusqu’à qu’il ne trouve plus d’erreurs.)

Redémarres ton Pc-

et tu me postes un nouveu log RSIT(entier)

ciao cricri58,

rapport rsit:

log:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Helene at 2010-01-19 22:55:02
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 7 GB (27%) free of 26 GB
Total RAM: 445 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.55.04, on 19/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\keyhook.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Logitech\Video\LogiTray.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Application Updater\ApplicationUpdater.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ms\comsrv.exe
C:\WINDOWS\system32\sistray.exe
C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Programmi\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
C:\Programmi\Java\jre6\bin\jucheck.exe
C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Helene\Impostazioni locali\Temporary Internet Files\Content.IE5\NTGNRX0Z\RSIT[1].exe
C:\Programmi\trend micro\Helene.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Guida per l’accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O4 - HKLM…\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM…\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM…\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [LaunchApp] Alaunch
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Programmi\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM…\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM…\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM…\Run: [CD AutoPlay] cdplayer.exe
O4 - HKLM…\Run: [avgnt] “C:\Programmi\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKCU…\Run: [MSMSGS] “C:\Programmi\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [VoipStunt] “C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe” -nosplash -minimized
O4 - HKCU…\Run: [Messenger (Yahoo!)] “C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [Skype] “C:\Programmi\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [swg] “C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Save YouTube Video - C:\Programmi\File… comuni\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Programmi\File… comuni\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Programmi\Application Updater\ApplicationUpdater.exe
O23 - Service: COMService - Unknown owner - C:\WINDOWS\system32\ms\comsrv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe


End of file - 9314 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\yt.dll [2009-03-14 908528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Guida per l’accesso a Windows Live - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-18 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-27 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Programmi\Java\jre6\bin\jp2ssv.dll [2009-09-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-30 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn3\YTSingleInstance.dll [2009-03-14 165616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“LManager”=C:\Programmi\Launch Manager\QtZgAcer.EXE [2005-03-28 315392]
“eRecoveryService”=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 393216]
“SiSPower”=SiSPower.dll,ModeAgent []
“SiS Windows KeyHook”=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
“LaunchApp”=Alaunch []
“SunJavaUpdateSched”=C:\Programmi\Java\jre6\bin\jusched.exe [2009-09-30 149280]
“SynTPLpr”=C:\Programmi\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
“SynTPEnh”=C:\Programmi\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
“LogitechVideoTray”=C:\Programmi\Logitech\Video\LogiTray.exe [2005-01-18 217088]
“LogitechVideoRepair”=C:\Programmi\Logitech\Video\ISStart.exe [2005-01-18 458752]
“CD AutoPlay”=cdplayer.exe []
“avgnt”=C:\Programmi\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“MSMSGS”=C:\Programmi\Messenger\msmsgs.exe [2004-10-13 1694208]
“VoipStunt”=C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe [2010-01-05 9109296]
“Messenger (Yahoo!)”=C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
“Skype”=C:\Programmi\Skype\Phone\Skype.exe [2009-10-09 25623336]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
“swg”=C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-06 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
Logiciel Kodak EasyShare.lnk - C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
KODAK Software Updater.lnk - C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{5F02D04B-50B3-4A07-BA6E-DAB1562CE975}”= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
“authentication packages”=msv1_0
C:\WINDOWS\system32\yayxyyxv

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=128
“NoActiveDesktopChanges”=0
“NoSetActiveDesktop”=0
“NoDriveAutoRun”=128
“HonorAutoRunSetting”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“NoActiveDesktopChanges”=
“NoSetActiveDesktop”=
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe”="C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe:
:Enabled:Yahoo! Messenger"
“C:\Programmi\Yahoo!\Messenger\YServer.exe”=“C:\Programmi\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server"
“C:\Programmi\HP\Digital Imaging\BIN\hpqste08.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpqste08.exe:
:Enabled:hpqste08.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hpofxm08.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hpofxm08.exe::Enabled:hpofxm08.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hposfx08.exe”="C:\Programmi\HP\Digital Imaging\BIN\hposfx08.exe:
:Enabled:hposfx08.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hposid01.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hposid01.exe::Enabled:hposid01.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpqscnvw.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpqscnvw.exe:
:Enabled:hpqscnvw.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hpqkygrp.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hpqkygrp.exe::Enabled:hpqkygrp.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpqCopy.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpqCopy.exe:
:Enabled:hpqcopy.exe”
“C:\Programmi\HP\Digital Imaging\BIN\hpfccopy.exe”=“C:\Programmi\HP\Digital Imaging\BIN\hpfccopy.exe::Enabled:hpfccopy.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpzwiz01.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpzwiz01.exe:
:Enabled:hpzwiz01.exe”
“C:\Programmi\HP\Digital Imaging\Unload\HpqPhUnl.exe”=“C:\Programmi\HP\Digital Imaging\Unload\HpqPhUnl.exe::Enabled:hpqphunl.exe"
“C:\Programmi\HP\Digital Imaging\BIN\hpoews01.exe”="C:\Programmi\HP\Digital Imaging\BIN\hpoews01.exe:
:Enabled:hpoews01.exe”
“C:\Programmi\Messenger\MSMSGS.EXE”=“C:\Programmi\Messenger\MSMSGS.EXE::Enabled:Windows Messenger"
“C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe”="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe:
:Enabled:VoipStunt”
“C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe”=“C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe::Enabled:Logitech Desktop Messenger"
“C:\Programmi\LimeWire\LimeWire.exe”="C:\Programmi\LimeWire\LimeWire.exe:
:Enabled:LimeWire”
“C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe”=“C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe::Enabled:EasyShare"
“C:\Programmi\12Voip.com\12Voip\12Voip.exe”="C:\Programmi\12Voip.com\12Voip\12Voip.exe:
:Enabled:12Voip”
“C:\Programmi\Bonjour\mDNSResponder.exe”=“C:\Programmi\Bonjour\mDNSResponder.exe::Enabled:Bonjour"
“C:\Programmi\iTunes\iTunes.exe”="C:\Programmi\iTunes\iTunes.exe:
:Enabled:iTunes”
“C:\Programmi\TVAnts\Tvants.exe”=“C:\Programmi\TVAnts\Tvants.exe::Enabled:TVAnts"
“C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE”="C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE:
:Enabled:Windows Live Messenger”
“C:\Programmi\Windows Live\Messenger\livecall.exe”=“C:\Programmi\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone)"
“C:\Programmi\ACSPMonitor\ASMonitor.exe”="C:\Programmi\ACSPMonitor\ASMonitor.exe:
:Enabled:System”
“C:\Programmi\Skype\Plugin Manager\skypePM.exe”=“C:\Programmi\Skype\Plugin Manager\skypePM.exe::Enabled:Skype Extras Manager"
“C:\Programmi\Skype\Phone\Skype.exe”="C:\Programmi\Skype\Phone\Skype.exe:
:Enabled:Skype”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe”="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:
:Enabled:Logitech Desktop Messenger"
“C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE”=“C:\Programmi\Windows Live\Messenger\MSNMSGR.EXE::Enabled:Windows Live Messenger"
“C:\Programmi\Windows Live\Messenger\livecall.exe”="C:\Programmi\Windows Live\Messenger\livecall.exe:
:Enabled:Windows Live Messenger (Phone)”

======List of files/folders created in the last 1 months======

2010-01-19 22:31:55 ----D---- C:\Programmi\CCleaner
2010-01-18 21:48:25 ----RASHD---- C:\autorun.inf
2010-01-18 21:45:34 ----A---- C:\UsbFix.txt
2010-01-18 21:41:56 ----D---- C:\UsbFix
2010-01-18 17:54:58 ----D---- C:\Programmi\TrendMicro
2010-01-18 17:13:04 ----D---- C:\Programmi\Avira
2010-01-18 17:13:04 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Avira
2010-01-18 15:59:18 ----SHD---- C:\FOUND.015
2010-01-18 00:14:36 ----A---- C:\cleannavi.txt
2010-01-18 00:11:39 ----D---- C:\Programmi\Navilog1
2010-01-18 00:00:34 ----D---- C:_OTM
2010-01-17 22:15:08 ----SHD---- C:\FOUND.014
2010-01-17 19:38:36 ----D---- C:\rsit
2010-01-17 19:34:51 ----D---- C:\GenProc
2010-01-17 16:00:09 ----D---- C:\Ad-Remover
2010-01-17 15:52:42 ----A---- C:\TB.txt
2010-01-17 15:50:15 ----D---- C:\ToolBar SD
2010-01-16 11:10:41 ----D---- C:\Programmi\Trend Micro
2010-01-16 00:42:56 ----A---- C:\WINDOWS\system32\26962.exe
2010-01-16 00:22:55 ----A---- C:\WINDOWS\system32\29358.exe
2010-01-16 00:02:53 ----A---- C:\WINDOWS\system32\11478.exe
2010-01-15 23:42:51 ----A---- C:\WINDOWS\system32\15724.exe
2010-01-15 23:39:01 ----D---- C:\Documents and Settings\Helene\Dati applicazioni\Malwarebytes
2010-01-15 23:38:40 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2010-01-15 23:38:38 ----D---- C:\Programmi\Malwarebytes’ Anti-Malware
2010-01-15 23:22:48 ----A---- C:\WINDOWS\system32\19169.exe
2010-01-15 22:51:01 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-01-15 22:37:39 ----D---- C:\Programmi\Windows Defender
2010-01-12 20:57:30 ----D---- C:\Programmi\Application Updater
2010-01-08 17:25:29 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\1D3A9
2009-12-21 09:39:16 ----D---- C:\Programmi\File comuni\Skype

======List of files/folders modified in the last 1 months======

2010-01-19 22:47:06 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-01-19 22:46:06 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2010-01-19 22:43:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-18 16:59:14 ----RASH---- C:\boot.ini
2010-01-18 16:59:14 ----A---- C:\WINDOWS\win.ini
2010-01-18 16:59:14 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; ??\C:\Programmi\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-10-17 9072]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-10-17 9200]
R1 intelppm;Driver processore Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40192]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WS2IFSL;Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-19 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 int15.sys;int15.sys; ??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]
R2 osaio;osaio; ??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; ??\C:\WINDOWS\system32\drivers\osanbm.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 BCM43XX;Driver per l’adattatore di rete Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
R3 CmBatt;Driver batteria a metodo di controllo ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-19 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWSIS;HSFHWSIS; C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys [2004-12-15 200576]
R3 mouhid;Driver di mouse HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-30 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-08-06 6144]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-01-12 39264]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-01 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-19 26624]
R3 usbhub;Hub abilitato USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-19 57600]
R3 usbohci;Driver miniport per controller open host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-19 17024]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; ??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-19 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-19 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Driver audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-19 31616]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Driver scanner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 USBSTOR;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-19 26496]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 ZD1211BU(Atheros);IEEE 802.11 Wireless LAN Driver (USB)(Atheros); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2007-12-18 712704]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2005-06-06 1273344]
R2 AntiVirScheduler;Avira AntiVir Scheduler; C:\Programmi\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programmi\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Application Updater;Application Updater; C:\Programmi\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 COMService;COMService; C:\WINDOWS\system32\ms\comsrv.exe [2009-09-18 12288]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 YahooAUService;Yahoo! Updater; C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268288]
S2 gupdate;Service Google Update (gupdate); C:\Programmi\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Servizio iPod; C:\Programmi\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 ose;Office Source Engine; C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Programmi\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programmi\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Servizio di condivisione in rete Windows Media Player; C:\Programmi\Windows Media Player\WMPNetwk.exe [2006-11-02 918528]

-----------------EOF-----------------

info :
info.txt logfile of random’s system information tool 1.06 2010-01-19 22:55:07

======Uninstall list======

–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
–>C:\Programmi\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
–>C:\WINDOWS\IsUninst.exe -f"C:\Programmi\Acer Inc.\Acer Italian Guide Link\Uninst.isu"
–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe” -l0x10 -uninst
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eManager for Notebook–>C:\Programmi\File comuni\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Acer GridVista–>C:\WINDOWS\UnInst32.exe GridV.UNI
Actual Spy 3.0–>“C:\Programmi\ACSPMonitor\unins000.exe”
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Ad-Remover By C_XX–>“C:\Ad-Remover\Un-ADR.exe”
Aggiornamento critico per Windows Media Player 11 (KB959772)–>“C:\WINDOWS$NtUninstallKB959772_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB928090)–>“C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB931768)–>“C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB933566)–>“C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB937143)–>“C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)–>“C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653)–>“C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)–>“C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)–>“C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)–>“C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)–>“C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)–>“C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)–>“C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)–>“C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)–>“C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)–>“C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB911564)–>“C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player (KB952069)–>“C:\WINDOWS$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 10 (KB917734)–>“C:\WINDOWS$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB936782)–>“C:\WINDOWS$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 11 (KB954154)–>“C:\WINDOWS$NtUninstallKB954154_WM11$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)–>“C:\WINDOWS$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows Media Player 9 (KB911565)–>“C:\WINDOWS$NtUninstallKB911565$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB890046)–>“C:\WINDOWS$NtUninstallKB890046$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB893756)–>“C:\WINDOWS$NtUninstallKB893756$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896358)–>“C:\WINDOWS$NtUninstallKB896358$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896422)–>“C:\WINDOWS$NtUninstallKB896422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896423)–>“C:\WINDOWS$NtUninstallKB896423$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896424)–>“C:\WINDOWS$NtUninstallKB896424$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB896428)–>“C:\WINDOWS$NtUninstallKB896428$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899587)–>“C:\WINDOWS$NtUninstallKB899587$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB899591)–>“C:\WINDOWS$NtUninstallKB899591$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB900725)–>“C:\WINDOWS$NtUninstallKB900725$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901017)–>“C:\WINDOWS$NtUninstallKB901017$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901190)–>“C:\WINDOWS$NtUninstallKB901190$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB901214)–>“C:\WINDOWS$NtUninstallKB901214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB902400)–>“C:\WINDOWS$NtUninstallKB902400$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB904706)–>“C:\WINDOWS$NtUninstallKB904706$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905414)–>“C:\WINDOWS$NtUninstallKB905414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB905749)–>“C:\WINDOWS$NtUninstallKB905749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB908519)–>“C:\WINDOWS$NtUninstallKB908519$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911562)–>“C:\WINDOWS$NtUninstallKB911562$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911567)–>“C:\WINDOWS$NtUninstallKB911567$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB911927)–>“C:\WINDOWS$NtUninstallKB911927$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912812)–>“C:\WINDOWS$NtUninstallKB912812$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB912919)–>“C:\WINDOWS$NtUninstallKB912919$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913446)–>“C:\WINDOWS$NtUninstallKB913446$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB913580)–>“C:\WINDOWS$NtUninstallKB913580$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914388)–>“C:\WINDOWS$NtUninstallKB914388$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB914389)–>“C:\WINDOWS$NtUninstallKB914389$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917159)–>“C:\WINDOWS$NtUninstallKB917159$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917344)–>“C:\WINDOWS$NtUninstallKB917344$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917422)–>“C:\WINDOWS$NtUninstallKB917422$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB917953)–>“C:\WINDOWS$NtUninstallKB917953$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918118)–>“C:\WINDOWS$NtUninstallKB918118$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918439)–>“C:\WINDOWS$NtUninstallKB918439$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB918899)–>“C:\WINDOWS$NtUninstallKB918899$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB919007)–>“C:\WINDOWS$NtUninstallKB919007$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920213)–>“C:\WINDOWS$NtUninstallKB920213$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920214)–>“C:\WINDOWS$NtUninstallKB920214$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920670)–>“C:\WINDOWS$NtUninstallKB920670$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920683)–>“C:\WINDOWS$NtUninstallKB920683$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB920685)–>“C:\WINDOWS$NtUninstallKB920685$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921398)–>“C:\WINDOWS$NtUninstallKB921398$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921503)–>“C:\WINDOWS$NtUninstallKB921503$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB921883)–>“C:\WINDOWS$NtUninstallKB921883$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922616)–>“C:\WINDOWS$NtUninstallKB922616$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922760)–>“C:\WINDOWS$NtUninstallKB922760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB922819)–>“C:\WINDOWS$NtUninstallKB922819$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923191)–>“C:\WINDOWS$NtUninstallKB923191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923414)–>“C:\WINDOWS$NtUninstallKB923414$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923561)–>“C:\WINDOWS$NtUninstallKB923561$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923689)–>“C:\WINDOWS$NtUninstallKB923689$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923694)–>“C:\WINDOWS$NtUninstallKB923694$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB923980)–>“C:\WINDOWS$NtUninstallKB923980$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924191)–>“C:\WINDOWS$NtUninstallKB924191$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924270)–>“C:\WINDOWS$NtUninstallKB924270$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924496)–>“C:\WINDOWS$NtUninstallKB924496$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB924667)–>“C:\WINDOWS$NtUninstallKB924667$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925454)–>“C:\WINDOWS$NtUninstallKB925454$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925486)–>“C:\WINDOWS$NtUninstallKB925486$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB925902)–>“C:\WINDOWS$NtUninstallKB925902$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926255)–>“C:\WINDOWS$NtUninstallKB926255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB926436)–>“C:\WINDOWS$NtUninstallKB926436$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927779)–>“C:\WINDOWS$NtUninstallKB927779$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB927802)–>“C:\WINDOWS$NtUninstallKB927802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928255)–>“C:\WINDOWS$NtUninstallKB928255$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB928843)–>“C:\WINDOWS$NtUninstallKB928843$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB929123)–>“C:\WINDOWS$NtUninstallKB929123$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB930178)–>“C:\WINDOWS$NtUninstallKB930178$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931261)–>“C:\WINDOWS$NtUninstallKB931261$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB931784)–>“C:\WINDOWS$NtUninstallKB931784$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB932168)–>“C:\WINDOWS$NtUninstallKB932168$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB933729)–>“C:\WINDOWS$NtUninstallKB933729$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935839)–>“C:\WINDOWS$NtUninstallKB935839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB935840)–>“C:\WINDOWS$NtUninstallKB935840$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB936021)–>“C:\WINDOWS$NtUninstallKB936021$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938464)–>“C:\WINDOWS$NtUninstallKB938464$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB938829)–>“C:\WINDOWS$NtUninstallKB938829$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941202)–>“C:\WINDOWS$NtUninstallKB941202$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941568)–>“C:\WINDOWS$NtUninstallKB941568$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941569)–>“C:\WINDOWS$NtUninstallKB941569$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941644)–>“C:\WINDOWS$NtUninstallKB941644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB941693)–>“C:\WINDOWS$NtUninstallKB941693$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943055)–>“C:\WINDOWS$NtUninstallKB943055$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943460)–>“C:\WINDOWS$NtUninstallKB943460$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB943485)–>“C:\WINDOWS$NtUninstallKB943485$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB944653)–>“C:\WINDOWS$NtUninstallKB944653$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB945553)–>“C:\WINDOWS$NtUninstallKB945553$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946026)–>“C:\WINDOWS$NtUninstallKB946026$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB946648)–>“C:\WINDOWS$NtUninstallKB946648$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948590)–>“C:\WINDOWS$NtUninstallKB948590$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB948881)–>“C:\WINDOWS$NtUninstallKB948881$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950749)–>“C:\WINDOWS$NtUninstallKB950749$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950760)–>“C:\WINDOWS$NtUninstallKB950760$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376)–>“C:\WINDOWS$NtUninstallKB951376$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951698)–>“C:\WINDOWS$NtUninstallKB951698$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB951748)–>“C:\WINDOWS$NtUninstallKB951748$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952004)–>“C:\WINDOWS$NtUninstallKB952004$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB953839)–>“C:\WINDOWS$NtUninstallKB953839$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954211)–>“C:\WINDOWS$NtUninstallKB954211$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB954600)–>“C:\WINDOWS$NtUninstallKB954600$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956391)–>“C:\WINDOWS$NtUninstallKB956391$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956572)–>“C:\WINDOWS$NtUninstallKB956572$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956802)–>“C:\WINDOWS$NtUninstallKB956802$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB956841)–>“C:\WINDOWS$NtUninstallKB956841$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957095)–>“C:\WINDOWS$NtUninstallKB957095$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958687)–>“C:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB958690)–>“C:\WINDOWS$NtUninstallKB958690$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB959426)–>“C:\WINDOWS$NtUninstallKB959426$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960225)–>“C:\WINDOWS$NtUninstallKB960225$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960715)–>“C:\WINDOWS$NtUninstallKB960715$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB960803)–>“C:\WINDOWS$NtUninstallKB960803$\spuninst\spuninst.exe”
Aggiornamento della protezione per Windows XP (KB961373)–>“C:\WINDOWS$NtUninstallKB961373$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB894391)–>“C:\WINDOWS$NtUninstallKB894391$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB898461)–>“C:\WINDOWS$NtUninstallKB898461$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB900485)–>“C:\WINDOWS$NtUninstallKB900485$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB908531)–>“C:\WINDOWS$NtUninstallKB908531$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB910437)–>“C:\WINDOWS$NtUninstallKB910437$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB911280)–>“C:\WINDOWS$NtUninstallKB911280$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB914882)–>“C:\WINDOWS$NtUninstallKB914882$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB916595)–>“C:\WINDOWS$NtUninstallKB916595$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB920872)–>“C:\WINDOWS$NtUninstallKB920872$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB922582)–>“C:\WINDOWS$NtUninstallKB922582$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB923845)–>“C:\WINDOWS$NtUninstallKB923845$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB927891)–>“C:\WINDOWS$NtUninstallKB927891$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB930916)–>“C:\WINDOWS$NtUninstallKB930916$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB931836)–>“C:\WINDOWS$NtUninstallKB931836$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB932823-v3)–>“C:\WINDOWS$NtUninstallKB932823-v3$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB933360)–>“C:\WINDOWS$NtUninstallKB933360$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB936357)–>“C:\WINDOWS$NtUninstallKB936357$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB938828)–>“C:\WINDOWS$NtUninstallKB938828$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB942763)–>“C:\WINDOWS$NtUninstallKB942763$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB951072-v2)–>“C:\WINDOWS$NtUninstallKB951072-v2$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB955839)–>“C:\WINDOWS$NtUninstallKB955839$\spuninst\spuninst.exe”
Aggiornamento per Windows XP (KB967715)–>“C:\WINDOWS$NtUninstallKB967715$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)–>“C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe”
Aggiornamento rapido per Windows Media Player 11 (KB939683)–>“C:\WINDOWS$NtUninstallKB939683$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB873339–>C:\WINDOWS$NtUninstallKB873339$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885250–>C:\WINDOWS$NtUninstallKB885250$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885835–>C:\WINDOWS$NtUninstallKB885835$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB885836–>C:\WINDOWS$NtUninstallKB885836$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB886185–>C:\WINDOWS$NtUninstallKB886185$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887472–>C:\WINDOWS$NtUninstallKB887472$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB887742–>C:\WINDOWS$NtUninstallKB887742$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888113–>C:\WINDOWS$NtUninstallKB888113$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB888302–>C:\WINDOWS$NtUninstallKB888302$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP - KB890859–>“C:\WINDOWS$NtUninstallKB890859$\spuninst\spuninst.exe”
Aggiornamento rapido per Windows XP - KB891781–>C:\WINDOWS$NtUninstallKB891781$\spuninst\spuninst.exe
Aggiornamento rapido per Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
aMSN 0.97.2–>C:\Programmi\aMSN\uninstall.exe
Anteprima (Windows Live Toolbar)–>MsiExec.exe /X{AC0A04F7-2BBE-4323-B64C-1B71F2BDBF0D}
Apple Mobile Device Support–>MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arcade 3.0–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE” -uninstall
Assistente per l’accesso a Windows Live–>MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
Avira AntiVir Personal - Free Antivirus–>C:\Programmi\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour–>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Business Disc Italia–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{56D833FD-1A45-486F-9CC0-AE0A0529D085}\setup.exe” -l0x10 -uninst
CCleaner–>“C:\Programmi\CCleaner\uninst.exe”
CCScore–>MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Dealio Toolbar v4.0.2–>MsiExec.exe /X{C878CD69-85DB-426B-81A3-E71175AAEB91}
DivX Content Uploader–>C:\Programmi\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player–>C:\Programmi\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver di Logitech® Camera–>“C:\Programmi\File comuni\Logitech\QCDRV\BIN\SETUP.EXE” UNINSTALL REMOVEPROMPT
DVDFab Gold 2.68–>“C:\Programmi\DVDFab Gold\unins000.exe”
DVDFab Platinum 2.70–>“C:\Programmi\DVDFab Platinum\unins000.exe”
ESSBrwr–>MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK–>MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore–>MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui–>MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp–>MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini–>MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD–>MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock–>MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC–>MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS–>MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt–>MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
essvcpt–>MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
Free Video to iPhone Converter version 2.2–>“C:\Programmi\DVDVideoSoft\Free Video to iPhone Converter\unins000.exe”
Free Video to MP3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free Video to MP3 Converter\unins001.exe”
Free YouTube Download 2.3–>“C:\Programmi\DVDVideoSoft\Free YouTube Download\unins000.exe”
Free YouTube to iPod Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to iPod Converter\unins000.exe”
Free YouTube to Mp3 Converter version 3.2–>“C:\Programmi\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe”
Google Chrome–>“C:\Programmi\Google\Chrome\Application\3.0.195.38\Installer\setup.exe” --uninstall --system-level
Google Earth–>MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Google Toolbar for Internet Explorer–>“C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe” /uninstall
Google Toolbar for Internet Explorer–>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater–>“C:\Programmi\Google\Google Updater\GoogleUpdater.exe” -uninstall
HijackThis 2.0.2–>“C:\Programmi\Trend Micro\HijackThis\HijackThis.exe” /uninstall
HiJackThis–>MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
HLPPDOCK–>MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hotfix for Windows Media Format 11 SDK (KB929399)–>“C:\WINDOWS$NtUninstallKB929399$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB915865)–>“C:\WINDOWS$NtUninstallKB915865$\spuninst\spuninst.exe”
Hotfix for Windows XP (KB926239)–>“C:\WINDOWS$NtUninstallKB926239$\spuninst\spuninst.exe”
HP Image Zone Express–>MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
iTunes–>MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
kgcbaby–>MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase–>MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday–>MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn–>MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt–>MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids–>MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove–>MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday–>MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
KSU–>MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
LA PATENTE EUROPEA DEL COMPUTER 2–>“C:\Programmi\ECDL2\UNWISE.EXE” “C:\Programmi\ECDL2\INSTALL.LOG”
Launch Manager–>C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
Logiciel Kodak EasyShare–>C:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup$SETUP_140010_584337\Setup.exe /APR-REMOVE
Logitech Desktop Messenger–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe” -l0x10 UNINSTALL
Malwarebytes’ Anti-Malware–>“C:\Programmi\Malwarebytes’ Anti-Malware\unins000.exe”
Menu intelligenti (Windows Live Toolbar)–>MsiExec.exe /X{B3EABECF-D820-4246-94B8-0CF300CA505A}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1 Italian Language Pack–>MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft AutoRoute 2006–>MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft Internationalized Domain Names Mitigation APIs–>“C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWdf01005$\spuninst\spuninst.exe”
Microsoft National Language Support Downlevel APIs–>“C:\WINDOWS$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe”
Microsoft Office Professional Edition 2003–>MsiExec.exe /I{90110410-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWudf01005$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MSN Toolbar–>C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\mtbs.exe c
MSVC80_x86–>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB927978)–>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero Suite–>C:\Programmi\File comuni\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver–>MsiExec.exe /X{B3164E9E-BE08-4F3B-94BC-C6D09C0205E1}
Notifier–>MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI–>MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OTtBP–>MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK–>MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Pacchetto driver Windows - Atheros (ZD1211BU(Atheros)) Net (03/26/2008 1.7.3.16)–>C:\PROGRA~1\DIFX\270581355A767BF1\DPInstX86.exe /u C:\WINDOWS\system32\DRVSTORE\zd1211bu_9BC2C02A155825DC10E391E82B7C23FC67830FF8\zd1211bu.inf
Pacchetto driver Windows - Nokia Modem (05/22/2008 3.8)–>C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Pacchetto driver Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)–>C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution–>MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
Pdf995–>C:\Programmi\pdf995\setup.exe uninstall
PowerProducer–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE” -uninstall
QuickTime–>MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Raccolta foto di Windows Live–>MsiExec.exe /X{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}
Realtek AC’97 Audio–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe” -l0x10 -removeonly
Search Settings v1.2.3–>MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
SFR–>MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA–>MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SiS 900 PCI Fast Ethernet Adapter Driver–>C:\WINDOWS\SiS\900\Uninst.exe
SiS VGA Utilities–>Rundll32 SiSInst.dll,Uninstall VGA,R,oem3.inf
SiSAGP driver–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe” -l0x10
SKIN0001–>MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK–>MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Skype™ 4.1–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoftV90 Data Fax Modem with SmartCP–>C:\Programmi\CONEXANT\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_00821025\HXFSETUP.EXE -U -IAcrSisK.inf
Software Logitech QuickCam–>RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup “C:\Programmi\InstallShield Installation Information{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe” -l0x10
Sportello Unico Immigrazione 1.08–>“C:\Documents and Settings\Helene\Desktop\Sportello Unico Immigrazione\uninstall.exe”
staticcr–>MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Synaptics Pointing Device Driver–>rundll32.exe “C:\Programmi\Synaptics\SynTP\SynISDLL.dll”,standAloneUninstall
TVAnts 1.0–>C:\PROGRA~1\TVANTS\UNWISE.EXE C:\PROGRA~1\TVANTS\INSTALL.LOG
Uninstall 1.0.0.1–>“C:\Programmi\File comuni\DVDVideoSoft\unins000.exe”
VideoLAN VLC media player 0.8.4–>C:\Programmi\VideoLAN\VLC\uninstall.exe
VoipStunt–>“C:\Programmi\VoipStunt.com\VoipStunt\unins000.exe”
VPRINTOL–>MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Imaging Component–>“C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Installer 3.1 (KB893803)–>“C:\WINDOWS$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe”
Windows Internet Explorer 7–>“C:\WINDOWS\ie7\spuninst\spuninst.exe”
Windows Live Favorites per Windows Live Toolbar–>MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer–>MsiExec.exe /X{CD199CDB-00AE-42BB-B6E9-64C69D8730EF}
Windows Live Mail–>MsiExec.exe /I{7FDEE06E-736C-4515-9476-EF4CB0186E6D}
Windows Live Toolbar Extension (Windows Live Toolbar)–>MsiExec.exe /X{3F35D1A3-92AD-401B-ABE2-FA27682F4112}
Windows Live Writer–>MsiExec.exe /X{BA0DE1F0-BC4C-4F90-A114-15BE51AFB4BB}
Windows Media Format 11 runtime–>“C:\Programmi\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Media Player 11–>“C:\Programmi\Windows Media Player\Setup_wm.exe” /Uninstall
Windows Media Player 11–>“C:\WINDOWS$NtUninstallwmp11$\spuninst\spuninst.exe”
WIRELESS–>MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
WordBiz version 1.8–>“C:\Programmi\WordBiz\unins000.exe”
Yahoo! Internet Mail–>C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\YAHOO!\COMMON\YMMAPI~1.DLL
Yahoo! Messenger–>C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Software Update–>C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar–>C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Hosts File======

127.0.0.1 microsoft

======Security center information======

AV: AntiVir Desktop (disabled) (outdated)

======System event log======

Computer Name: ACER-7FA50A97F2
Event Code: 240
Message: Richiesta di sospensione dell’alimentazione negata da WINLOGON.EXE.

Record