Boot. Tidserv

Solved/Closed
ferrux Posts 4 Registration date Sunday January 8, 2012 Status Member Last seen January 10, 2012 - Jan 8, 2012 at 03:47 PM
ferrux Posts 4 Registration date Sunday January 8, 2012 Status Member Last seen January 10, 2012 - Jan 10, 2012 at 07:25 AM
Hello,
googling I had the chance to read this old post from this community.

I am in the same situation, trying to follow these directions, I do step #3
but after that, rebooting the pc, it gets crazy, it continuosly restarts since cannot accomplish the boot and windows normal loading, so far I had to reboot with 'last know good configuration' to get the pc back to normal operations.

Here are some screebshots:
https://picasaweb.google.com/109175126296685887586/KIOSKEATIDSERV?authuser=0&feat=directlink

hope someone has a good advice how to avoid that problem and keep with next steps of the procedure.

Thank you very much.
best regards.
Ferrux


>>> ----- old post -------

Ambucias Jul 8, 2010 10:51am BST

Hello Mullin
Jul 8, 2010 10:51am BST

Nice little rootkit you have here!:))

Please follow the instructions hereunder:


Set your cookies to high or block everything in the internet options
1.Right click My computer>Hardware>Device Manager
2.In Device Manager click view>Show hidden devices
3.In Non-plug and play drivers disable TDSS.sys or related drivers. 4.Restart computer.
5.Now regedit and delete all TDSS related entries.(If you are not able to delete some entries right click and grant yourself full access for the entry)
6. Temporarily Disable System Restore (Windows Me/XP).
7. Update the virus definitions.
8. Reboot computer in SafeMode
9. Run a full system scan and clean/delete all infected file(s)
10. Delete any values added to the registry. (spme may not be present)
Navigate to and delete the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\"build" = "standart"
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\"serversdown" = "1?
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\"type" = "popup"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\"affid" = "39?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\"asubid" = "v2test7?

Navigate to and delete the following registry subkeys:
HKEY_LOCAL_MACHINE\SYSTEM\Current ControlSet\Services\TDSServ
HKEY_LOCAL_MACHINE\SYSTEM\Current ControlSet\Control\SafeBoot\Minimal\TDSServ.sys
HKEY_LOCAL_MACHINE\SYSTEM\Current ControlSet\Control\SafeBoot\Network\TDSServ.sys
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\version
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\connections
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\disallowed
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\injector

11. Exit registry editor

12. Download, install and run Malwarebyte which you can find on this site:

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware

Ensure you make an update.

Please request a FULL system scan, which may take from 20 minutes to hours. Do not interfere no matter how long in takes. The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.

If Malwarebyte restarts your system, launch it again to finish the Full scan.

When the scan is completed, delete all items found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.

Please let us know about the results of your cleaning work

Regards







5 responses

Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,162
Jan 8, 2012 at 04:06 PM
Bongiorno,

You may not have the very same rootkit or virus

To help you and precribe a remedy, I must make a diagnostic and to do so, I require a system log.

1. Boot in safemode with networking.

2. Open this link and download ZHPDiag2 :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message. Also clicking on the "hardhat" icon allows to change the language.)

3. Save the file on your Desktop.

4. Double click on ZHPDiag.exe and follow the installation instructions.

the tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix at the next step).

5. Double click on the short cut ZHPDiag on your Destktop.

6. Click on the Magnifying glass and run the analysys.

Wait for the tool to finished (maybe a long time)

7. Close ZHPDiag.


6. To transmit the report, click on this link :

https://authentification.site

7. Click on Parcourir and search the directory where you installed ZHPDiag (usually C:\Program Files\ZHPDiag).

8. Select the file ZHPDiag.txt.

9. Click on "upload »

10. Copy the url and post it here

Best regards
0
ferrux Posts 4 Registration date Sunday January 8, 2012 Status Member Last seen January 10, 2012
Jan 8, 2012 at 04:29 PM
Thank you for you reply :-)

I will be able to reach the 'infected' pc via remote support within maximum next saturday, hope you can leave this thread open till then.

Thank you, regards.
Ferrux
0
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,162
Jan 9, 2012 at 04:30 AM
I'm standing by.
0
ferrux Posts 4 Registration date Sunday January 8, 2012 Status Member Last seen January 10, 2012
Jan 9, 2012 at 03:21 PM
Rapport de ZHPDiag v1.28.308 par Nicolas Coolman, Update du 06/01/2012
Run by HP_Proprietario at 09/01/2012 21.58.06
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Versione aggiorno.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 9.0.1 v9.0.1

---\\ Windows Product Information
~ Langage: Italien
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Information
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 2046 MB (85% free)
System Restore: Activé (Enable)
System drive C: has 90 GB (50%) free of 180 GB

---\\ Logged in mode
~ Computer Name: NOME-80B5784770
~ User Name: HP_Proprietario
~ All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HP_Proprietario, HelpAssistant, Guest, Anna, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\HP_Proprietario\Dati applicazioni\
~ %Desktop% : C:\Documents and Settings\HP_Proprietario\Desktop\
~ %Favorites% : C:\Documents and Settings\HP_Proprietario\Preferiti\
~ %LocalAppData% : C:\Documents and Settings\HP_Proprietario\Impostazioni locali\Dati applicazioni\
~ %StartMenu% : C:\Documents and Settings\HP_Proprietario\Menu Avvio\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 90 Go of 180 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 6 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Search Generic System Files
[MD5.70D7F99D95615C3C278367756287DB71] - (.Microsoft Corporation - Esplora risorse.) (.09/01/2012 - 3.14.07.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.D51A4B912A90554B580A2401DFAB02A5] - (.Microsoft Corporation - Modulo di esecuzione DLL come applicazioni.) (.09/01/2012 - 3.14.18.) -- C:\WINDOWS\system32\rundll32.exe [33280]
[MD5.BE94B711CF6F539A220EE5042DA61B82] - (.Microsoft Corporation - Internet Extensions for Win32.) (.09/01/2012 - 20.13.33.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.9259170D29B5A256735FCB8B80280857] - (.Microsoft Corporation - Applicazione Accesso a Windows NT.) (.09/01/2012 - 3.14.24.) -- C:\WINDOWS\system32\Winlogon.exe [510464]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/01/2012 - 14.49.54.) -- C:\WINDOWS\system32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.09/01/2012 - 19.40.30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.09/01/2012 - 20.14.21.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.09/01/2012 - 19.40.46.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [62976]
[MD5.2CFEA3326981A18C6BAF2BD9BE76225B] - (.Microsoft Corporation - FIPS Crypto Driver.) (.09/01/2012 - 2.48.54.) -- C:\WINDOWS\system32\drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.09/01/2012 - 17.36.05.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [144384]
[MD5.610726E28AF55B95043C5C35A727E320] - (.Microsoft Corporation - Driver della porta i8042.) (.09/01/2012 - 2.50.58.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [53248]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.09/01/2012 - 19.40.58.) -- C:\WINDOWS\system32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.09/01/2012 - 19.57.15.) -- C:\WINDOWS\system32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.09/01/2012 - 20.19.42.) -- C:\WINDOWS\system32\drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/01/2012 - 14.29.31.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.09/01/2012 - 20.21.00.) -- C:\WINDOWS\system32\drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.09/01/2012 - 20.15.53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
[MD5.4E9408A178B2D955871C2CDD278DE3C3] - (.Microsoft Corporation - Driver della porta parallela.) (.09/01/2012 - 2.55.56.) -- C:\WINDOWS\system32\drivers\Parport.sys [80256]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.09/01/2012 - 20.19.43.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.09/01/2012 - 19.32.51.) -- C:\WINDOWS\system32\drivers\rdpdr.sys [196224]
[MD5.393FC252593323B624B230ECA6B85E63] - (.Microsoft Corporation - Driver del filtro audio Redbook.) (.09/01/2012 - 2.49.27.) -- C:\WINDOWS\system32\drivers\redbook.sys [58368]
[MD5.E46C1B5A56DA7DA603D09DFCC79EC59E] - (.Microsoft Corporation - Driver copia replicata del volume.) (.09/01/2012 - 2.49.24.) -- C:\WINDOWS\system32\drivers\volsnap.sys [53376]
~ Scan Generic Processes in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 11/88
~ Mes musiques (My Musics) : 1/4
~ Mes Favoris (My Favorites) : 2/340
~ Mes Documents (My Documents) : 16/161
~ Mon Bureau (My Desktop) : 224/6612
~ Menu demarrer (Programs) : 6/54
~ Scan Hidden Files in 00mn 23s



---\\ Processi correnti
[MD5.3364A0B0338356CD936073B453AE6915] - (.TeamViewer GmbH - Applicazione controllo remoto TeamViewer.) -- C:\Documents and Settings\HP_Proprietario\temp\TeamViewer3\TeamViewer.exe [2990376] [PID.1780]
[MD5.2E1A988538B6C570172B3EAA39A156A8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Programmi\ZHPDiag\ZHPDiag.exe [2210304] [PID.916]
~ Scan Processes Running in 00mn 01s



---\\ Mozilla Firefox, Plugins,Avviamento,Ricerca,Estensione (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.3.633.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Programmi\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Programmi\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2303] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Programmi\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2361] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Programmi\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1465] - (.RealNetworks, Inc. - 6.0.12.1465.) -- C:\Programmi\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Programmi\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Programmi\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Avviamento,Ricerca,Estensione (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=5DB4675643E0419D99344A2CDA90EED9
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19165 (longhorn_ie8_gdr.111021-1715)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Scan Proxy management in 00mn 00s



---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - AutorunsDisabled Orphean Key
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Programmi\Norton 360\Engine\5.1.0.29\coieplg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Programmi\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Programmi\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Programmi\Norton 360\Engine\5.1.0.29\coieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Auto loading programs from Registry (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- C:\WINDOWS\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] . (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\KBD\kbd.exe
O4 - HKLM\..\Run: [Recguard] . (.Unknown owner - Recguard Application.) -- C:\WINDOWS\SMINST\Recguard.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] . (.Hewlett-Packard - hpgs2wnd.) -- C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [UserFaultCheck] Orphean Key
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1459894080-1535819799-2687965844-1008\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1459894080-1535819799-2687965844-1008\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Scan Application in 00mn 00s



---\\ Other User Links (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\MBRCheck.lnk . (...) -- C:\Programmi\ZHPDiag\mbrcheck.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\ZHPDiag.lnk . (.Nicolas Coolman.) -- C:\Programmi\ZHPDiag\ZHPDiag.exe
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\Collegamento a firefox.exe.lnk . (.Mozilla Corporation.) -- C:\Programmi\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\Collegamento a Programmi.lnk . (...) -- C:\Programmi
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\fototaxi3.lnk . (.Rikorda.) -- C:\Programmi\fototaxi3\pyt.exe
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\MULO ARRIVATI.lnk . (...) -- C:\Programmi\eMule\Incoming
O4 - Global Startup: C:\Documents And Settings\Anna\Desktop\Guida in linea e supporto tecnico.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\pchealth\helpctr\Binaries\helpctr.exe
O4 - Global Startup: C:\Documents And Settings\Administrator\Desktop\Guida in linea e supporto tecnico.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\pchealth\helpctr\Binaries\helpctr.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\MBRCheck.lnk . (...) -- C:\Programmi\ZHPDiag\mbrcheck.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\ZHPDiag.lnk . (.Nicolas Coolman.) -- C:\Programmi\ZHPDiag\ZHPDiag.exe
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\Collegamento a firefox.exe.lnk . (.Mozilla Corporation.) -- C:\Programmi\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\Collegamento a Programmi.lnk . (...) -- C:\Programmi
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\fototaxi3.lnk . (.Rikorda.) -- C:\Programmi\fototaxi3\pyt.exe
O4 - Global Startup: C:\Documents And Settings\HP_Proprietario\Desktop\MULO ARRIVATI.lnk . (...) -- C:\Programmi\eMule\Incoming
O4 - Global Startup: C:\Documents And Settings\Anna\Desktop\Guida in linea e supporto tecnico.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\pchealth\helpctr\Binaries\helpctr.exe
O4 - Global Startup: C:\Documents And Settings\Administrator\Desktop\Guida in linea e supporto tecnico.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\pchealth\helpctr\Binaries\helpctr.exe
~ Scan Global Startup in 00mn 00s



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Service Provider Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Service Provider Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E0F218E-C1AC-4DBC-81F9-003B5B644B8C}: DhcpNameServer = 212.216.112.112 212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{6610B93B-FABA-4E4D-830B-73E41592D355}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CS2\Services\Tcpip\..\{2E0F218E-C1AC-4DBC-81F9-003B5B644B8C}: DhcpNameServer = 212.216.112.112 212.216.172.62
O17 - HKLM\System\CS2\Services\Tcpip\..\{6610B93B-FABA-4E4D-830B-73E41592D355}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CS3\Services\Tcpip\..\{2E0F218E-C1AC-4DBC-81F9-003B5B644B8C}: DhcpNameServer = 212.216.112.112 212.216.172.62
O17 - HKLM\System\CS3\Services\Tcpip\..\{6610B93B-FABA-4E4D-830B-73E41592D355}: DhcpDomain = americas.hpqcorp.net
~ Scan Domain in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controllo ActiveX per streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controllo ActiveX per streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL comune della shell di Windows.) -- C:\WINDOWS\system32\shell32.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente rete disconnessa.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comune per ricevere le notifiche di Win.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comune per ricevere le notifiche di Win.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL di notifica del Servizio di accesso sec.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comune per ricevere le notifiche di Win.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comune per ricevere le notifiche di Win.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifica Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comune per ricevere le notifiche di Win.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WRNotifier . (...) -- WRLogonNTF.dll
~ Scan Winlogon in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL comune della shell di Windows.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL comune della shell di Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Oggetto servizio shell Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Programmi\Norton 360\Engine\5.1.0.29\ccsvchst.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.exe
~ Scan Services in 00mn 00s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Compiti progettati in automazione (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
~ Scan Scheduled Task in 00mn 00s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Internet Explorer - Aggiornamento versione - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilità di configurazione di Microsoft Windows Media Player.) -- C:\WINDOWS\inf\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilità di inizializzazione Per utente di Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\WINDOWS\system32\iedkcs32.dll
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\WINDOWS\system32\msjava.dll
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 10.4 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Adobe\Director\SwDir.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Estensione shell della cartella FTP di Microsoft Internet Explo.) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilità di inizializzazione Per utente di Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll
O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (...) -- C:\WINDOWS\INF\fxsocm.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.1 r102.) -- C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx
~ Scan Active Setup in 00mn 00s



---\\ Drivers lanciati all'avviamento (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\Documents and Settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Programmi\File comuni\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Driver della porta i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.)
O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.)
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Driver classe tastiera.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Driver Mouse Class.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Driver di periferica processore.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Driver del filtro audio Redbook.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Programmi\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.sys
O41 - Driver: (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\WINDOWS\system32\Drivers\N360\0501000.01D\SYMTDI.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Controller video VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s



---\\ Softwares installati (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Unknown owner.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI Control Panel - (.Unknown owner.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: ATI Display Driver - (.Unknown owner.) [HKLM] -- ATI Display Driver
O42 - Logiciel: Access Gateway USB - (.Unknown owner.) [HKLM] -- Access Gateway USB
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.1) - Italiano - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1040-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc.) [HKLM] -- {FF2A5498-4EFE-430F-A138-7EB365DBEBAD}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agere Systems PCI Soft Modem - (.Unknown owner.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Aggiornamento critico per Windows Media Player 11 (KB959772) - (.Microsoft Corporation.) [HKLM] -- KB959772_WM11
O42 - Logiciel: Aggiornamento della protezione per Step by Step Interactive Training (KB898458) - (.Microsoft Corporation.) [HKLM] -- KB898458
O42 - Logiciel: Aggiornamento della protezione per Step by Step Interactive Training (KB923723) - (.Microsoft Corporation.) [HKLM] -- KB923723
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB928090) - (.Microsoft Corporation.) [HKLM] -- KB928090-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB929969) - (.Microsoft Corporation.) [HKLM] -- KB929969
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB931768) - (.Microsoft Corporation.) [HKLM] -- KB931768-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB933566) - (.Microsoft Corporation.) [HKLM] -- KB933566-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB937143) - (.Microsoft Corporation.) [HKLM] -- KB937143-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127) - (.Microsoft Corporation.) [HKLM] -- KB938127-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653) - (.Microsoft Corporation.) [HKLM] -- KB939653-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615) - (.Microsoft Corporation.) [HKLM] -- KB942615-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533) - (.Microsoft Corporation.) [HKLM] -- KB944533-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759) - (.Microsoft Corporation.) [HKLM] -- KB950759-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838) - (.Microsoft Corporation.) [HKLM] -- KB953838-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390) - (.Microsoft Corporation.) [HKLM] -- KB956390-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215) - (.Microsoft Corporation.) [HKLM] -- KB958215-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714) - (.Microsoft Corporation.) [HKLM] -- KB960714-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260) - (.Microsoft Corporation.) [HKLM] -- KB961260-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027) - (.Microsoft Corporation.) [HKLM] -- KB963027-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB969897) - (.Microsoft Corporation.) [HKLM] -- KB969897-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 7 (KB972260) - (.Microsoft Corporation.) [HKLM] -- KB972260-IE7
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2183461) - (.Microsoft Corporation.) [HKLM] -- KB2183461-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2360131) - (.Microsoft Corporation.) [HKLM] -- KB2360131-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2416400) - (.Microsoft Corporation.) [HKLM] -- KB2416400-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017) - (.Microsoft Corporation.) [HKLM] -- KB2482017-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2497640) - (.Microsoft Corporation.) [HKLM] -- KB2497640-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531) - (.Microsoft Corporation.) [HKLM] -- KB2510531-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2530548) - (.Microsoft Corporation.) [HKLM] -- KB2530548-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521) - (.Microsoft Corporation.) [HKLM] -- KB2544521-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2559049) - (.Microsoft Corporation.) [HKLM] -- KB2559049-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2586448) - (.Microsoft Corporation.) [HKLM] -- KB2586448-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444) - (.Microsoft Corporation.) [HKLM] -- KB2618444-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961) - (.Microsoft Corporation.) [HKLM] -- KB971961-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB972260) - (.Microsoft Corporation.) [HKLM] -- KB972260-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB974455) - (.Microsoft Corporation.) [HKLM] -- KB974455-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325) - (.Microsoft Corporation.) [HKLM] -- KB976325-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207) - (.Microsoft Corporation.) [HKLM] -- KB978207-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332) - (.Microsoft Corporation.) [HKLM] -- KB981332-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381) - (.Microsoft Corporation.) [HKLM] -- KB982381-IE8
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB2378111) - (.Microsoft Corporation.) [HKLM] -- KB2378111_WM9
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB952069) - (.Microsoft Corporation.) [HKLM] -- KB952069_WM9
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB954155) - (.Microsoft Corporation.) [HKLM] -- KB954155_WM9
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB968816) - (.Microsoft Corporation.) [HKLM] -- KB968816_WM9
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB973540) - (.Microsoft Corporation.) [HKLM] -- KB973540_WM9
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB975558) - (.Microsoft Corporation.) [HKLM] -- KB975558_WM8
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player (KB978695) - (.Microsoft Corporation.) [HKLM] -- KB978695_WM9
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player 10 (KB911565) - (.Microsoft Corporation.) [HKLM] -- KB911565
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player 10 (KB917734) - (.Microsoft Corporation.) [HKLM] -- KB917734_WMP10
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player 11 (KB936782) - (.Microsoft Corporation.) [HKLM] -- KB936782_WMP11
O42 - Logiciel: Aggiornamento della protezione per Windows Media Player 11 (KB954154) - (.Microsoft Corporation.) [HKLM] -- KB954154_WM11
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2079403) - (.Microsoft Corporation.) [HKLM] -- KB2079403
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2115168) - (.Microsoft Corporation.) [HKLM] -- KB2115168
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2121546) - (.Microsoft Corporation.) [HKLM] -- KB2121546
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2160329) - (.Microsoft Corporation.) [HKLM] -- KB2160329
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2259922) - (.Microsoft Corporation.) [HKLM] -- KB2259922
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2279986) - (.Microsoft Corporation.) [HKLM] -- KB2279986
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2286198) - (.Microsoft Corporation.) [HKLM] -- KB2286198
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2296011) - (.Microsoft Corporation.) [HKLM] -- KB2296011
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2296199) - (.Microsoft Corporation.) [HKLM] -- KB2296199
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2347290) - (.Microsoft Corporation.) [HKLM] -- KB2347290
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2360937) - (.Microsoft Corporation.) [HKLM] -- KB2360937
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2387149) - (.Microsoft Corporation.) [HKLM] -- KB2387149
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2412687) - (.Microsoft Corporation.) [HKLM] -- KB2412687
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2423089) - (.Microsoft Corporation.) [HKLM] -- KB2423089
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2436673) - (.Microsoft Corporation.) [HKLM] -- KB2436673
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2440591) - (.Microsoft Corporation.) [HKLM] -- KB2440591
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2443105) - (.Microsoft Corporation.) [HKLM] -- KB2443105
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2476490) - (.Microsoft Corporation.) [HKLM] -- KB2476490
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2476687) - (.Microsoft Corporation.) [HKLM] -- KB2476687
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2478971) - (.Microsoft Corporation.) [HKLM] -- KB2478971
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2479628) - (.Microsoft Corporation.) [HKLM] -- KB2479628
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2479943) - (.Microsoft Corporation.) [HKLM] -- KB2479943
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2481109) - (.Microsoft Corporation.) [HKLM] -- KB2481109
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2485376) - (.Microsoft Corporation.) [HKLM] -- KB2485376
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2491683) - (.Microsoft Corporation.) [HKLM] -- KB2491683
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2503658) - (.Microsoft Corporation.) [HKLM] -- KB2503658
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2503665) - (.Microsoft Corporation.) [HKLM] -- KB2503665
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2506223) - (.Microsoft Corporation.) [HKLM] -- KB2506223
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2507618) - (.Microsoft Corporation.) [HKLM] -- KB2507618
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2507938) - (.Microsoft Corporation.) [HKLM] -- KB2507938
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2508272) - (.Microsoft Corporation.) [HKLM] -- KB2508272
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2511455) - (.Microsoft Corporation.) [HKLM] -- KB2511455
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2524375) - (.Microsoft Corporation.) [HKLM] -- KB2524375
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2535512) - (.Microsoft Corporation.) [HKLM] -- KB2535512
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2536276) - (.Microsoft Corporation.) [HKLM] -- KB2536276
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2536276-v2) - (.Microsoft Corporation.) [HKLM] -- KB2536276-v2
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2544893) - (.Microsoft Corporation.) [HKLM] -- KB2544893
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2544893-v2) - (.Microsoft Corporation.) [HKLM] -- KB2544893-v2
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2555917) - (.Microsoft Corporation.) [HKLM] -- KB2555917
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2562937) - (.Microsoft Corporation.) [HKLM] -- KB2562937
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2567053) - (.Microsoft Corporation.) [HKLM] -- KB2567053
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2567680) - (.Microsoft Corporation.) [HKLM] -- KB2567680
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2570222) - (.Microsoft Corporation.) [HKLM] -- KB2570222
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2592799) - (.Microsoft Corporation.) [HKLM] -- KB2592799
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2618451) - (.Microsoft Corporation.) [HKLM] -- KB2618451
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2619339) - (.Microsoft Corporation.) [HKLM] -- KB2619339
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2620712) - (.Microsoft Corporation.) [HKLM] -- KB2620712
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2624667) - (.Microsoft Corporation.) [HKLM] -- KB2624667
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2633171) - (.Microsoft Corporation.) [HKLM] -- KB2633171
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB2639417) - (.Microsoft Corporation.) [HKLM] -- KB2639417
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB923561) - (.Microsoft Corporation.) [HKLM] -- KB923561
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB938464) - (.Microsoft Corporation.) [HKLM] -- KB938464
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB938464-v2) - (.Microsoft Corporation.) [HKLM] -- KB938464-v2
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB946648) - (.Microsoft Corporation.) [HKLM] -- KB946648
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB950760) - (.Microsoft Corporation.) [HKLM] -- KB950760
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB950762) - (.Microsoft Corporation.) [HKLM] -- KB950762
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB950974) - (.Microsoft Corporation.) [HKLM] -- KB950974
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB951066) - (.Microsoft Corporation.) [HKLM] -- KB951066
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB951376) - (.Microsoft Corporation.) [HKLM] -- KB951376
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB951376-v2) - (.Microsoft Corporation.) [HKLM] -- KB951376-v2
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB951698) - (.Microsoft Corporation.) [HKLM] -- KB951698
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB951748) - (.Microsoft Corporation.) [HKLM] -- KB951748
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB952004) - (.Microsoft Corporation.) [HKLM] -- KB952004
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB952954) - (.Microsoft Corporation.) [HKLM] -- KB952954
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB953839) - (.Microsoft Corporation.) [HKLM] -- KB953839
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB954211) - (.Microsoft Corporation.) [HKLM] -- KB954211
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB954459) - (.Microsoft Corporation.) [HKLM] -- KB954459
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB954600) - (.Microsoft Corporation.) [HKLM] -- KB954600
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB955069) - (.Microsoft Corporation.) [HKLM] -- KB955069
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956391) - (.Microsoft Corporation.) [HKLM] -- KB956391
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956572) - (.Microsoft Corporation.) [HKLM] -- KB956572
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956744) - (.Microsoft Corporation.) [HKLM] -- KB956744
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956802) - (.Microsoft Corporation.) [HKLM] -- KB956802
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956803) - (.Microsoft Corporation.) [HKLM] -- KB956803
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956841) - (.Microsoft Corporation.) [HKLM] -- KB956841
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB956844) - (.Microsoft Corporation.) [HKLM] -- KB956844
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB957095) - (.Microsoft Corporation.) [HKLM] -- KB957095
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB957097) - (.Microsoft Corporation.) [HKLM] -- KB957097
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB958644) - (.Microsoft Corporation.) [HKLM] -- KB958644
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB958687) - (.Microsoft Corporation.) [HKLM] -- KB958687
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB958690) - (.Microsoft Corporation.) [HKLM] -- KB958690
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB958869) - (.Microsoft Corporation.) [HKLM] -- KB958869
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB959426) - (.Microsoft Corporation.) [HKLM] -- KB959426
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB960225) - (.Microsoft Corporation.) [HKLM] -- KB960225
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB960715) - (.Microsoft Corporation.) [HKLM] -- KB960715
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB960803) - (.Microsoft Corporation.) [HKLM] -- KB960803
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB960859) - (.Microsoft Corporation.) [HKLM] -- KB960859
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB961371) - (.Microsoft Corporation.) [HKLM] -- KB961371
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB961373) - (.Microsoft Corporation.) [HKLM] -- KB961373
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB961501) - (.Microsoft Corporation.) [HKLM] -- KB961501
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB968537) - (.Microsoft Corporation.) [HKLM] -- KB968537
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB969059) - (.Microsoft Corporation.) [HKLM] -- KB969059
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB969898) - (.Microsoft Corporation.) [HKLM] -- KB969898
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB969947) - (.Microsoft Corporation.) [HKLM] -- KB969947
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB970238) - (.Microsoft Corporation.) [HKLM] -- KB970238
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB970430) - (.Microsoft Corporation.) [HKLM] -- KB970430
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB971468) - (.Microsoft Corporation.) [HKLM] -- KB971468
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB971486) - (.Microsoft Corporation.) [HKLM] -- KB971486
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB971557) - (.Microsoft Corporation.) [HKLM] -- KB971557
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB971633) - (.Microsoft Corporation.) [HKLM] -- KB971633
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB971657) - (.Microsoft Corporation.) [HKLM] -- KB971657
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB972270) - (.Microsoft Corporation.) [HKLM] -- KB972270
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB973346) - (.Microsoft Corporation.) [HKLM] -- KB973346
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB973354) - (.Microsoft Corporation.) [HKLM] -- KB973354
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB973507) - (.Microsoft Corporation.) [HKLM] -- KB973507
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB973525) - (.Microsoft Corporation.) [HKLM] -- KB973525
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB973869) - (.Microsoft Corporation.) [HKLM] -- KB973869
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB973904) - (.Microsoft Corporation.) [HKLM] -- KB973904
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB974112) - (.Microsoft Corporation.) [HKLM] -- KB974112
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB974318) - (.Microsoft Corporation.) [HKLM] -- KB974318
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB974392) - (.Microsoft Corporation.) [HKLM] -- KB974392
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB974571) - (.Microsoft Corporation.) [HKLM] -- KB974571
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB975025) - (.Microsoft Corporation.) [HKLM] -- KB975025
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB975467) - (.Microsoft Corporation.) [HKLM] -- KB975467
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB975560) - (.Microsoft Corporation.) [HKLM] -- KB975560
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB975561) - (.Microsoft Corporation.) [HKLM] -- KB975561
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB975562) - (.Microsoft Corporation.) [HKLM] -- KB975562
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB975713) - (.Microsoft Corporation.) [HKLM] -- KB975713
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB977165) - (.Microsoft Corporation.) [HKLM] -- KB977165
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB977816) - (.Microsoft Corporation.) [HKLM] -- KB977816
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB977914) - (.Microsoft Corporation.) [HKLM] -- KB977914
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB978037) - (.Microsoft Corporation.) [HKLM] -- KB978037
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB978251) - (.Microsoft Corporation.) [HKLM] -- KB978251
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB978262) - (.Microsoft Corporation.) [HKLM] -- KB978262
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB978338) - (.Microsoft Corporation.) [HKLM] -- KB978338
O42 - Logiciel: Aggiornamento della protezione per Windows XP (KB978542) - (.Microsoft Corporation.) [HKLM] -- KB978542
O42 - Logi
0
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,162
Jan 10, 2012 at 05:30 AM
Your system no longer shows any signs of infection.

There is probably a missing operating file which I cannot identify.

I suggest you first update Windows (Start, programs, Windows update)

If you still experience the problem, you should repair Windows using the CD

Sorry about that
0

Didn't find the answer you are looking for?

Ask a question
ferrux Posts 4 Registration date Sunday January 8, 2012 Status Member Last seen January 10, 2012
Jan 10, 2012 at 07:25 AM
Hello,
just the fact you don't see infection is a good news.

Thank you, and please close the thread.

Regards
Ferrux
0