Tous les programmes sont disparue

le raport log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Sabah at 2010-02-27 19:04:58
Microsoft Windows XP Professional Service Pack 3
System drive C: has 130 GB (85%) free of 153 GB
Total RAM: 953 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:07, on 27/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Sabah\Documenti\Téléchargements\RSIT.exe
C:\Programmi\trend micro\Sabah.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {9b339f6e-ddcd-401b-8764-230adbd01761} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: (no name) - {9b339f6e-ddcd-401b-8764-230adbd01761} - (no file)
O3 - Toolbar: (no name) - {9b339f6e-ddcd-401b-8764-230adbd01761} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Programmi\ma-config.com\maconfservice.exe (file missing)
O23 - Service: NBService - Unknown owner - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (file missing)

le 2em raport

info.txt logfile of random's system information tool 1.06 2010-02-07 15:08:28

======Uninstall list======

-->C:\Programmi\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.2.0 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A82000000003}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
AKVIS Chameleon-->"C:\Programmi\AKVIS\Chameleon\Uninstall\Uninstall.exe" "C:\Programmi\AKVIS\Chameleon\Uninstall\install.log" -u
Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira Premium Security Suite-->C:\Programmi\Avira\AntiVir Desktop\setup.exe /REMOVE
Broadcom Driver v4.170.25.12_Foxconn Installation Program-->C:\Programmi\InstallShield Installation Information\{153F839F-0A63-41D8-890F-7324C0E13743}\setup.exe -runfromtemp -l0x0009 -removeonly
CardRecovery 5.20-->"C:\Programmi\CardRecovery\unins000.exe"
CCleaner (remove only)-->"C:\Programmi\CCleaner\uninst.exe"
FaceOnBody Pro v 2.4-->C:\Programmi\FaceOnBody Pro\Uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Programmi\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Graphics Media Accelerator Driver-->C:\Programmi\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Ma-Config.com-->MsiExec.exe /X{18754BA4-4F0C-4E6E-888B-9496AFA05F43}
Malwarebytes' Anti-Malware-->"C:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Programmi\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA-->MsiExec.exe /I{71CB2612-627C-3D58-8D82-B77444B27B6A}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Silverlight 3 Toolkit November 2009-->MsiExec.exe /I{3EA86486-E94C-49E1-831A-4974B06C1D9B}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Web Platform Installer 2.0-->MsiExec.exe /X{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}
Mozilla Firefox (3.5.7)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /X{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1040}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pacchetto driver Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
Pacchetto driver Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
PC Camera-->C:\PROGRA~1\FILECO~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C679F9B9-C65D-4C65-BD6C-BF90B859E281} /l1036
PC Camera-->C:\Programmi\InstallShield Installation Information\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}\setup.exe -runfromtemp -l0x0010 -removeonly
PowerDVD-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x10 -removeonly
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Programmi\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SPlayer-->"C:\Programmi\SPlayer\uninstall.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIMICRO USB PC Camera(ZC0301PL)-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Programmi\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Sidebar-->rundll32.exe advpack.dll,LaunchINFSection WSidebar.inf,DefaultUninstall
WinRAR gestione archivi-->C:\Programmi\WinRAR\uninstall.exe
ZSMC USB PC Camera (ZS0211)-->C:\Programmi\InstallShield Installation Information\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}\setup.exe -runfromtemp -l0x0010 -removeonly

======Security center information======

AV: AntiVir Desktop (outdated)
FW: Avira Firewall

======System event log======

Computer Name: XXX-257974745A3
Event Code: 7036
Message: Il servizio QoS RSVP è ora in modalità arrestato.

Record Number: 4685
Source Name: Service Control Manager
Time Written: 20100126173742.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 29
Message: Il time provider NtpClient è configurato per acquisire l'ora da una o più
origini dell'ora, ma nessuna origine dell'ora è accessibile attualmente e
non verrà eseguito alcun tentativo di contattare un'origine per 14 minuti.
NtpClient non dispone di alcuna origine di ora esatta.

Record Number: 4684
Source Name: W32Time
Time Written: 20100126173629.000000+060
Event Type: Errore
User:

Computer Name: XXX-257974745A3
Event Code: 17
Message: Time providerNtpClient: si è verificato un errore durante la ricerca DNS del peer configurato
manualmente 'time.windows.com,0x1'. NtpClient ritenterà la ricerca DNS fra 15
minuti.
Errore Tentativo di operazione del socket verso un host non raggiungibile. (0x80072751)

Record Number: 4683
Source Name: W32Time
Time Written: 20100126173629.000000+060
Event Type: Errore
User:

Computer Name: XXX-257974745A3
Event Code: 2505
Message: Il server non ha potuto effettuare il binding del trasporto \Device\NetBT_Tcpip_{8A8554E3-D2D4-48B4-875F-6C55127015F6} perché un altro computer sulla rete ha lo stesso nome. Impossibile avviare il server.

Record Number: 4682
Source Name: Server
Time Written: 20100126173615.000000+060
Event Type: Errore
User:

Computer Name: XXX-257974745A3
Event Code: 29
Message: Il time provider NtpClient è configurato per acquisire l'ora da una o più
origini dell'ora, ma nessuna origine dell'ora è accessibile attualmente e
non verrà eseguito alcun tentativo di contattare un'origine per 14 minuti.
NtpClient non dispone di alcuna origine di ora esatta.

Record Number: 4681
Source Name: W32Time
Time Written: 20100126173611.000000+060
Event Type: Errore
User:

=====Application event log=====

Computer Name: XXX-257974745A3
Event Code: 1000
Message: I contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 1365
Source Name: LoadPerf
Time Written: 20100121125037.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 1001
Message: Contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) rimossi.
I dati del record contengono i nuovi valori delle voci del Registro di sistema relativo all'ultimo contatore e
all'ultima guida.

Record Number: 1364
Source Name: LoadPerf
Time Written: 20100121125037.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 1800
Message: Servizio Centro sicurezza PC Windows avviato.

Record Number: 1363
Source Name: SecurityCenter
Time Written: 20100121124634.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 1000
Message: I contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) sono stati caricati.
I Dati del record contengono nuovi valori di indice assegnati
al servizio.

Record Number: 1362
Source Name: LoadPerf
Time Written: 20100120165332.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 1001
Message: Contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) rimossi.
I dati del record contengono i nuovi valori delle voci del Registro di sistema relativo all'ultimo contatore e
all'ultima guida.

Record Number: 1361
Source Name: LoadPerf
Time Written: 20100120165332.000000+060
Event Type: Informazione
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programmi\Alky for Applications\Libraries\;C:\Programmi\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

alors que dites vous des raport

que dites vous du rapport ?

bonjour, voici le raport :lopR


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Processore Intel Pentium III Xeon )
BIOS : Ver 1.00PARTTBL
USER : Sabah ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 9.0.0.736 (Not Activated)
Firewall : Kaspersky Internet Security 9.0.0.736 (Not Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:126 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 28/02/2010|14:40 )

--------------------\\ Listing des dossiers dans DATIAP~1

[26/01/2010|17:28] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[27/02/2010|17:33] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Avira
[04/12/2009|17:08] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Broadcom
[04/12/2009|17:05] C:\DOCUME~1\ALLUSE~1\DATIAP~1\CyberLink
[14/02/2010|20:03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\DriverCure
[12/02/2010|20:56] C:\DOCUME~1\ALLUSE~1\DATIAP~1\FaceOnBody
[28/02/2010|13:29] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Kaspersky Lab
[27/02/2010|21:18] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Kaspersky Lab Setup Files
[30/01/2010|12:54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ma-config.com
[05/12/2009|19:23] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[19/02/2010|16:35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Messenger Plus!
[23/02/2010|16:35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[24/02/2010|12:09] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help
[04/12/2009|17:08] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Nero
[14/02/2010|15:15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ParetoLogic
[23/12/2009|15:04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Skype
[05/12/2009|19:31] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SUPERAntiSpyware.com
[31/01/2010|20:07] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SuperMP3Download
[03/12/2009|21:28] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[28/02/2010|00:27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\WLInstaller
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[22|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[03/12/2009|20:10] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[12/02/2010|21:31] C:\DOCUME~1\LOCALS~1\DATIAP~1\Ahead
[04/12/2009|10:38] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[03/12/2009|20:10] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

[12/02/2010|20:42] C:\DOCUME~1\Sabah\DATIAP~1\Adobe
[04/12/2009|17:09] C:\DOCUME~1\Sabah\DATIAP~1\Ahead
[05/12/2009|12:39] C:\DOCUME~1\Sabah\DATIAP~1\ArcSoft
[13/02/2010|13:28] C:\DOCUME~1\Sabah\DATIAP~1\DMCache
[14/02/2010|15:16] C:\DOCUME~1\Sabah\DATIAP~1\DriverCure
[21/12/2009|18:54] C:\DOCUME~1\Sabah\DATIAP~1\dvdcss
[31/01/2010|02:04] C:\DOCUME~1\Sabah\DATIAP~1\Help
[23/02/2010|16:49] C:\DOCUME~1\Sabah\DATIAP~1\Identities
[04/12/2009|17:08] C:\DOCUME~1\Sabah\DATIAP~1\InstallShield
[04/12/2009|10:39] C:\DOCUME~1\Sabah\DATIAP~1\Macromedia
[05/12/2009|19:23] C:\DOCUME~1\Sabah\DATIAP~1\Malwarebytes
[15/12/2009|21:20] C:\DOCUME~1\Sabah\DATIAP~1\Media Player Classic
[05/02/2010|16:00] C:\DOCUME~1\Sabah\DATIAP~1\Microsoft
[19/02/2010|22:02] C:\DOCUME~1\Sabah\DATIAP~1\Move Networks
[06/12/2009|01:10] C:\DOCUME~1\Sabah\DATIAP~1\Mozilla
[06/12/2009|01:23] C:\DOCUME~1\Sabah\DATIAP~1\Opera
[01/02/2010|23:42] C:\DOCUME~1\Sabah\DATIAP~1\PhotoFiltre
[23/02/2010|18:19] C:\DOCUME~1\Sabah\DATIAP~1\PhotoFiltre Studio X
[01/02/2010|22:50] C:\DOCUME~1\Sabah\DATIAP~1\Samsung
[25/02/2010|20:40] C:\DOCUME~1\Sabah\DATIAP~1\Skype
[25/02/2010|18:36] C:\DOCUME~1\Sabah\DATIAP~1\skypePM
[28/01/2010|13:14] C:\DOCUME~1\Sabah\DATIAP~1\Softplicity
[20/12/2009|11:59] C:\DOCUME~1\Sabah\DATIAP~1\SPlayer
[05/12/2009|19:31] C:\DOCUME~1\Sabah\DATIAP~1\SUPERAntiSpyware.com
[31/01/2010|18:21] C:\DOCUME~1\Sabah\DATIAP~1\SuperMP3Download
[21/12/2009|21:32] C:\DOCUME~1\Sabah\DATIAP~1\vlc
[12/02/2010|22:44] C:\DOCUME~1\Sabah\DATIAP~1\WinRAR
[0|File] C:\DOCUME~1\Sabah\DATIAP~1\byte
[29|Directory] C:\DOCUME~1\Sabah\DATIAP~1\byte disponibili

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/02/2010 13:28][--a------] C:\WINDOWS\tasks\OGALogon.job
[28/02/2010 13:28][--ah-----] C:\WINDOWS\tasks\SA.DAT
[31/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Programmi

[27/02/2010|17:22] C:\Programmi\7-Zip
[27/02/2010|17:22] C:\Programmi\Adobe
[27/02/2010|17:22] C:\Programmi\CardRecovery
[04/12/2009|17:05] C:\Programmi\CyberLink
[28/02/2010|13:24] C:\Programmi\Easy & Secure Eraser
[28/02/2010|01:15] C:\Programmi\File comuni
[18/02/2010|11:21] C:\Programmi\InCode Solutions
[27/02/2010|17:22] C:\Programmi\InstallShield Installation Information
[27/02/2010|17:23] C:\Programmi\Internet Explorer
[27/02/2010|21:22] C:\Programmi\Kaspersky Lab
[27/02/2010|17:23] C:\Programmi\Messenger Plus! Live
[28/02/2010|01:21] C:\Programmi\Microsoft
[03/12/2009|20:12] C:\Programmi\microsoft frontpage
[27/02/2010|17:23] C:\Programmi\Movie Maker
[27/02/2010|17:36] C:\Programmi\Mozilla Firefox
[03/12/2009|20:03] C:\Programmi\MSN Gaming Zone
[27/02/2010|17:23] C:\Programmi\NetMeeting
[27/02/2010|17:24] C:\Programmi\Outlook Express
[28/02/2010|00:33] C:\Programmi\Patch MsnCreative
[27/02/2010|17:23] C:\Programmi\PhotoFiltre Studio X
[04/12/2009|17:17] C:\Programmi\Realtek
[28/02/2010|11:45] C:\Programmi\Recuva
[27/02/2010|17:24] C:\Programmi\SPlayer
[27/02/2010|21:19] C:\Programmi\SUPERAntiSpyware
[27/02/2010|19:05] C:\Programmi\trend micro
[28/02/2010|01:21] C:\Programmi\Windows Live
[28/02/2010|01:21] C:\Programmi\Windows Live SkyDrive
[27/02/2010|17:24] C:\Programmi\Windows Media Player
[27/02/2010|17:24] C:\Programmi\Windows NT
[03/12/2009|20:12] C:\Programmi\xerox
[0|File] C:\Programmi\byte
[32|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing des dossiers dans C:\Programmi\File comuni

[27/02/2010|17:22] C:\Programmi\File comuni\Adobe
[27/02/2010|17:22] C:\Programmi\File comuni\InstallShield
[28/02/2010|00:00] C:\Programmi\File comuni\Microsoft Shared
[03/12/2009|20:07] C:\Programmi\File comuni\MSSoap
[03/12/2009|20:54] C:\Programmi\File comuni\SpeechEngines
[27/02/2010|17:23] C:\Programmi\File comuni\System
[28/02/2010|01:15] C:\Programmi\File comuni\Windows Live
[28/02/2010|00:00] C:\Programmi\File comuni\WindowsLiveInstaller
[0|File] C:\Programmi\File comuni\byte
[10|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 29 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 14:42:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:853][D:164]-> C:\DOCUME~1\Sabah\IMPOST~1\Temp
[F:11][D:0]-> C:\DOCUME~1\Sabah\Cookies
[F:15][D:4]-> C:\DOCUME~1\Sabah\IMPOST~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 27/02/2010|19:54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 28/02/2010|14:43 - Option : [1]

--------------------\\ Fin du rapport a 14:43:06

voila le rapport

ComboFix 10-02-27.04 - Sabah 28/02/2010 18:03:27.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.33.1040.18.953.565 [GMT 1:00]
Eseguito da: c:\documents and settings\Sabah\Documenti\Téléchargements\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\bcmwl5.inf
c:\windows\system32\ICON.ico
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((( Files Creati Da 2010-01-28 al 2010-02-28 )))))))))))))))))))))))))))))))))))
.

2010-02-28 16:21 . 2010-02-28 16:21 -------- d-----w- c:\documents and settings\Sabah\Impostazioni locali\Dati applicazioni\Google
2010-02-28 16:04 . 2008-04-13 06:34 11935 -c--a-w- c:\windows\system32\dllcache\wadv11nt.sys
2010-02-28 16:03 . 2001-08-30 20:08 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2010-02-28 16:02 . 2001-08-30 20:07 10752 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-02-28 16:01 . 2001-08-17 17:49 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-02-28 16:00 . 2001-08-30 17:41 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-02-28 15:59 . 2008-06-28 08:40 78336 -c--a-w- c:\windows\system32\dllcache\ieencode.dll
2010-02-28 15:58 . 2008-04-13 06:35 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-02-28 15:57 . 2001-08-17 18:52 179584 -c--a-w- c:\windows\system32\dllcache\dac2w2k.sys
2010-02-28 15:56 . 2001-08-30 20:07 9728 -c--a-w- c:\windows\system32\dllcache\brcoinst.dll
2010-02-28 15:55 . 2001-08-17 19:07 101888 -c--a-w- c:\windows\system32\dllcache\adpu160m.sys
2010-02-28 12:24 . 2010-02-28 12:24 -------- d-----w- c:\programmi\Easy & Secure Eraser
2010-02-28 10:45 . 2010-02-28 10:45 -------- d-----w- c:\programmi\Recuva
2010-02-28 00:21 . 2010-02-28 00:21 -------- d-----w- c:\programmi\Microsoft
2010-02-28 00:21 . 2010-02-28 00:21 -------- d-----w- c:\programmi\Windows Live SkyDrive
2010-02-28 00:15 . 2010-02-28 00:15 -------- d-----w- c:\programmi\File comuni\Windows Live
2010-02-27 23:30 . 2010-02-27 23:33 -------- d-----w- c:\programmi\Patch MsnCreative
2010-02-27 23:00 . 2010-02-27 23:00 -------- dcsh--w- c:\programmi\File comuni\WindowsLiveInstaller
2010-02-27 23:00 . 2010-02-28 00:21 -------- d-----w- c:\programmi\Windows Live
2010-02-27 22:59 . 2010-02-27 23:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WLInstaller
2010-02-27 21:54 . 2010-02-27 21:54 932368 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2010-02-27 21:54 . 2010-02-27 21:54 678416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2010-02-27 21:54 . 2010-02-27 21:54 604688 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2010-02-27 21:53 . 2010-02-27 21:53 1096208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2010-02-27 21:53 . 2010-02-27 21:53 522768 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2010-02-27 21:31 . 2010-01-16 03:14 554280 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\uninstall\helper.exe
2010-02-27 21:30 . 2010-01-16 03:14 138712 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\components\brwsrcmp.dll
2010-02-27 21:30 . 2010-01-16 03:14 23000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\components\browserdirprovider.dll
2010-02-27 21:29 . 2010-01-16 03:14 64984 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\plugins\npnul32.dll
2010-02-27 21:27 . 2010-01-16 03:14 17880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\AccessibleMarshal.dll
2010-02-27 21:27 . 2010-01-16 03:14 910296 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\firefox.exe
2010-02-27 20:54 . 2010-02-27 20:54 80400 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\fssync.dll
2010-02-27 20:54 . 2010-02-27 20:54 397328 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2010-02-27 20:18 . 2010-02-27 20:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2010-02-27 18:51 . 2010-02-28 13:43 -------- d-----w- C:\Lop SD
2010-02-27 18:04 . 2010-02-27 18:05 -------- d-----w- c:\programmi\trend micro
2010-02-27 16:23 . 2009-03-08 13:09 638816 ----a-w- c:\documents and settings\iexplore.exe
2010-02-27 16:23 . 2009-03-08 03:24 68608 ----a-w- c:\documents and settings\hmmapi.dll
2010-02-27 16:03 . 2009-11-20 18:00 653419 ----a-w- c:\documents and settings\encoding.bin
2010-02-27 10:29 . 2009-11-20 18:11 240923 ----a-w- c:\documents and settings\en.zip
2010-02-27 10:29 . 2007-06-25 21:00 22060 ----a-w- c:\documents and settings\npds.zip
2010-02-25 14:26 . 2010-02-25 14:26 -------- d-----w- C:\18d239021d3aaa1458
2010-02-25 11:40 . 2009-07-18 03:21 3883424 ----a-w- c:\documents and settings\A0009446.dll
2010-02-24 19:47 . 2010-02-25 11:02 -------- d-----w- c:\documents and settings\Sabah\Contacts
2010-02-23 19:13 . 2004-05-19 09:02 49152 ----a-w- c:\windows\system32\Xsusie.dll
2010-02-23 19:13 . 2004-05-19 09:02 225280 ----a-w- c:\windows\system32\Xjp2.dll
2010-02-23 19:13 . 2004-05-19 09:02 114688 ----a-w- c:\windows\system32\Xjpegls.dll
2010-02-23 19:13 . 2004-05-19 09:01 49152 ----a-w- c:\windows\system32\Xjng.dll
2010-02-23 19:13 . 2004-05-19 09:01 81920 ----a-w- c:\windows\system32\Xjbig.dll
2010-02-23 19:13 . 2004-05-19 09:01 364544 ----a-w- c:\windows\system32\Xfpx.dll
2010-02-23 19:13 . 2004-02-04 05:33 307200 ----a-w- c:\windows\system32\libmng.dll
2010-02-23 19:13 . 2004-05-27 15:46 872448 ----a-w- c:\windows\system32\libgfl211.dll
2010-02-23 15:49 . 2010-02-23 17:19 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\PhotoFiltre Studio X
2010-02-23 15:23 . 2008-08-24 19:27 45056 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\Mozilla\Firefox\Profiles\kue9y8yl.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll
2010-02-21 13:18 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-19 20:08 . 2010-02-19 20:08 143973 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\Move Networks\uninstall.exe
2010-02-19 20:08 . 2010-02-19 21:02 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\Move Networks
2010-02-19 15:34 . 2010-02-19 15:34 -------- d-----w- c:\documents and settings\Sabah\Impostazioni locali\Dati applicazioni\Messenger_Plus_Live
2010-02-18 10:21 . 2010-02-18 10:21 -------- d-----w- c:\programmi\InCode Solutions
2010-02-14 18:32 . 2010-02-14 18:32 125952 ----a-w- c:\documents and settings\All Users\Dati applicazioni\ParetoLogic\UUS2\Temp\Update.exe
2010-02-14 14:15 . 2010-02-14 14:16 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\DriverCure
2010-02-14 14:15 . 2010-02-14 19:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DriverCure
2010-02-14 14:15 . 2010-02-14 14:15 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ParetoLogic
2010-02-13 14:46 . 2010-02-13 14:49 -------- d-----w- c:\windows\SHELLNEW
2010-02-13 14:44 . 2010-02-13 14:44 -------- d-----r- C:\MSOCache
2010-02-12 21:47 . 2010-02-13 12:28 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\DMCache
2010-02-12 21:40 . 2010-02-27 16:22 -------- d-----w- c:\programmi\7-Zip
2010-02-12 20:31 . 2010-02-12 20:31 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\Ahead
2010-02-12 20:02 . 2010-02-27 16:23 -------- d-----w- c:\programmi\PhotoFiltre Studio X
2010-02-10 14:32 . 2010-02-10 14:32 177024 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\Mozilla\Firefox\Profiles\kue9y8yl.default\FlashGot.exe
2010-02-07 17:32 . 2010-02-07 17:32 -------- d-----w- C:\Kill'em
2010-02-07 14:06 . 2010-02-07 14:08 -------- d-----w- C:\rsit
2010-02-07 11:10 . 2010-02-07 12:06 -------- d-----w- c:\documents and settings\Sabah\DoctorWeb
2010-02-06 14:37 . 2010-02-06 14:37 -------- d-----w- c:\documents and settings\LocalService\Menu Avvio
2010-02-06 10:06 . 2008-04-13 07:44 2560 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\USMT\iconlib.dll
2010-02-05 18:30 . 2010-02-05 18:30 -------- d-----w- c:\documents and settings\Sabah\Impostazioni locali\Dati applicazioni\PCHealth
2010-02-01 22:40 . 2010-02-01 22:42 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\PhotoFiltre
2010-02-01 22:14 . 2010-02-01 22:14 -------- d-----w- C:\ConvertTemp
2010-02-01 21:50 . 2010-02-01 21:50 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\Samsung
2010-02-01 21:27 . 2006-05-03 21:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2010-02-01 21:26 . 2010-02-01 21:26 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-02-01 21:26 . 2007-05-02 10:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2010-02-01 21:26 . 2007-05-02 10:11 12424 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2010-02-01 21:26 . 2007-05-02 10:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2010-02-01 21:26 . 2007-05-02 10:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2010-02-01 21:26 . 2007-05-02 10:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2010-02-01 21:26 . 2007-05-02 10:11 12424 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2010-02-01 21:26 . 2007-05-02 10:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2010-02-01 21:26 . 2006-07-24 15:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-02-01 12:15 . 2010-02-27 16:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-01-31 17:59 . 2009-10-06 10:02 52224 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\Mozilla\Firefox\Profiles\kue9y8yl.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\FFExternalAlert.dll
2010-01-31 17:59 . 2009-10-06 10:02 114688 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\Mozilla\Firefox\Profiles\kue9y8yl.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\npmozax.dll
2010-01-31 17:21 . 2010-01-31 19:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SuperMP3Download
2010-01-31 17:21 . 2010-01-31 17:21 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\SuperMP3Download
2010-01-31 15:43 . 2010-01-31 15:43 1024 ----a-w- c:\windows\system32\PDF2TXT.DAT
2010-01-31 01:04 . 2010-01-31 01:04 -------- d-----w- c:\documents and settings\Sabah\Impostazioni locali\Dati applicazioni\Help
2010-01-30 14:23 . 2002-10-16 08:29 49152 ----a-w- c:\windows\amcap.exe
2010-01-30 14:23 . 2004-12-15 18:01 40960 ----a-w- c:\windows\VM_STI.EXE
2010-01-30 14:23 . 2004-12-10 13:30 61440 ----a-w- c:\windows\system32\VM31bSTI.dll
2010-01-30 14:23 . 2004-03-08 16:00 24576 ----a-w- c:\windows\system32\RunSetup.dll
2010-01-30 14:23 . 2010-01-30 14:23 -------- d-----w- c:\windows\CatRoot
2010-01-30 14:23 . 2006-04-03 12:57 195299 ----a-w- c:\windows\system32\drivers\usbVM31b.sys
2010-01-30 14:23 . 2004-12-10 09:07 94208 ----a-w- c:\windows\VMCap.exe
2010-01-30 12:30 . 2010-01-30 12:30 -------- d-----w- c:\windows\F20A984B9B304A9EA3AC918AF0D85A48.TMP
2010-01-30 12:15 . 2007-04-06 10:06 57344 ----a-w- c:\windows\ZSSnp211.exe
2010-01-30 12:00 . 2009-11-30 09:14 121344 ----a-w- c:\windows\system32\gfxSrvc.dll
2010-01-30 12:00 . 2009-11-30 09:14 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2010-01-30 12:00 . 2009-11-30 10:01 81920 ----a-w- c:\windows\system32\igfxCoIn_v5189.dll
2010-01-30 12:00 . 2009-11-30 09:14 3110912 ----a-w- c:\windows\system32\GfxUI.exe
2010-01-30 11:50 . 2010-01-30 11:50 -------- d--h--w- c:\windows\PIF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 17:09 . 2010-02-27 20:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-02-27 20:54 . 2010-02-27 20:54 19472 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2010-02-27 20:54 . 2010-02-27 20:54 109072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2010-02-27 20:54 . 2010-02-27 20:54 315408 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\sys\i386\5.1\klif.sys
2010-02-27 20:54 . 2010-02-27 20:54 397328 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2010-02-27 20:54 . 2010-02-27 20:54 109072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2010-02-27 20:54 . 2010-02-27 20:54 17936 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2010-02-27 20:54 . 2010-02-27 20:54 80400 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\fssync.dll
2010-02-27 20:54 . 2010-02-27 20:54 315408 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\i386\5.1\klif.sys
2010-02-27 20:23 . 2010-02-27 20:23 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2010-02-27 20:23 . 2010-02-27 20:23 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2010-02-27 20:22 . 2010-02-27 20:22 -------- d-----w- c:\programmi\Kaspersky Lab
2010-02-27 20:19 . 2009-12-05 18:31 -------- d-----w- c:\programmi\SUPERAntiSpyware
2010-02-27 16:24 . 2009-12-19 17:24 -------- d-----w- c:\programmi\SPlayer
2010-02-27 16:23 . 2009-12-03 19:03 -------- d-----w- c:\programmi\Messenger Plus! Live
2010-02-27 16:22 . 2009-12-04 16:05 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-27 16:22 . 2009-12-04 16:04 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-02-27 16:22 . 2009-12-04 16:02 -------- d-----w- c:\programmi\File comuni\Adobe
2010-02-27 16:22 . 2009-12-20 16:21 -------- d-----w- c:\programmi\CardRecovery
2010-02-25 19:40 . 2009-12-23 14:11 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\Skype
2010-02-25 17:36 . 2009-12-23 14:19 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\skypePM
2010-02-24 11:09 . 2010-01-29 10:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-02-19 20:08 . 2009-09-24 21:45 5644224 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\Move Networks\plugins\npqmp071700000016.dll
2010-02-19 15:35 . 2009-12-03 20:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2010-02-13 15:00 . 2009-12-03 20:28 107360 ----a-w- c:\documents and settings\Sabah\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-12 19:56 . 2010-01-25 19:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FaceOnBody
2010-02-07 17:40 . 2001-08-31 12:00 99882 ----a-w- c:\windows\system32\perfc010.dat
2010-02-07 17:40 . 2001-08-31 12:00 545348 ----a-w- c:\windows\system32\perfh010.dat
2010-01-30 11:54 . 2009-12-05 11:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ma-config.com
2010-01-28 12:14 . 2010-01-28 12:11 -------- d-----w- c:\documents and settings\Sabah\Dati applicazioni\Softplicity
2010-01-19 17:46 . 2010-01-19 17:46 230432 ----a-w- C:\PA207.DAT
2010-01-16 00:13 . 2010-02-27 21:28 155648 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\softokn3.dll
2010-01-16 00:13 . 2010-02-27 21:28 98304 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\nssdbm3.dll
2010-01-16 00:13 . 2010-02-27 21:28 249856 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\Sandbox\KLSB1\Device\HarddiskVolume1\Programmi\Mozilla Firefox\freebl3.dll
2009-12-31 16:50 . 2008-04-13 10:15 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-23 14:19 . 2009-12-23 14:19 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-21 19:06 . 2008-06-28 08:41 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:40 . 2009-12-03 19:02 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2008-04-13 17:13 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 14:31 . 2008-06-28 08:40 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 14:31 . 2008-04-23 17:58 2069888 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-06 00:10 . 2009-12-06 00:10 0 ----a-w- c:\windows\nsreg.dat
2009-12-05 18:35 . 2009-12-05 18:35 117760 ----a-w- c:\documents and settings\Sabah\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-04 17:25 . 2008-06-28 08:40 456832 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-04 16:17 . 2009-12-04 16:17 315392 ----a-w- c:\windows\HideWin.exe
2009-12-03 19:41 . 2009-12-03 19:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-03 19:05 . 2009-12-03 19:05 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-03 15:14 . 2009-12-05 18:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-12-05 18:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.

------- Sigcheck -------

[-] 2008-06-28 . 902E0A75C51196A82BED9CC0E3AC8756 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^FirePanel XP.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\FirePanel XP.lnk
backup=c:\windows\pss\FirePanel XP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 17:43 69632 ----a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-07-17 21:40 53248 ------w- c:\programmi\Realtek\Audio\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
2004-12-15 18:01 40960 ----a-w- c:\windows\VM_STI.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 17:14 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-11-30 09:15 166912 ----a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-11-30 09:16 135168 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-13 07:43 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-13 07:43 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-11-30 09:15 138240 ----a-w- c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-13 07:43 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-13 07:43 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\InCode Solutions\\RemoveIT Pro v4 - SE\\removeit.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14/10/2009 21:18 36880]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 14:42 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/10/2009 19:39 19472]
S1 SASKUTIL;SASKUTIL;\??\c:\programmi\SUPERAntiSpyware\SASKUTIL.sys --> c:\programmi\SUPERAntiSpyware\SASKUTIL.sys [?]
S2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [07/10/2009 02:44 129856]
S3 maconfservice;Ma-Config Service;"c:\programmi\ma-config.com\maconfservice.exe" --> c:\programmi\ma-config.com\maconfservice.exe [?]
S3 PAC207;CIF USB Camera;c:\windows\system32\DRIVERS\PFC027.SYS --> c:\windows\system32\DRIVERS\PFC027.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [07/10/2009 02:44 752984]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-28 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]
.
.
------- Scansione supplementare -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Ajouter à l'Anti-bannière - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Sabah\Dati applicazioni\Mozilla\Firefox\Profiles\kue9y8yl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - component: c:\documents and settings\Sabah\Dati applicazioni\Mozilla\Firefox\Profiles\kue9y8yl.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\Sabah\Dati applicazioni\Move Networks\plugins\npqmp071700000016.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.mozilla.org/en-US/firefox/new/?redirect_source=firefox-com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

URLSearchHooks-{9b339f6e-ddcd-401b-8764-230adbd01761} - (no file)
BHO-{9b339f6e-ddcd-401b-8764-230adbd01761} - (no file)
Toolbar-{9b339f6e-ddcd-401b-8764-230adbd01761} - (no file)
MSConfigStartUp-Adobe ARM - c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-MSSE - c:\programmi\Microsoft Security Essentials\msseces.exe
MSConfigStartUp-NeroFilterCheck - c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-RemoteControl - c:\programmi\CyberLink\PowerDVD\PDVDServ.exe
MSConfigStartUp-Skype - c:\programmi\Skype\Phone\Skype.exe
MSConfigStartUp-SUPERAntiSpyware - c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
AddRemove-6194C28A8F62DD817EA1B918E6E46E806A21B452 - c:\progra~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-65B6FE5418CE28F4D72543FB2D964C3CEC83F161 - c:\progra~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-CCleaner - c:\programmi\CCleaner\uninst.exe
AddRemove-FaceOnBody Pro v 2.4 - c:\programmi\FaceOnBody Pro\Uninstall.exe
AddRemove-FireLogXP_is1 - c:\programmi\2BrightSparks\FireLogXP\unins000.exe
AddRemove-InstallShield_{C679F9B9-C65D-4C65-BD6C-BF90B859E281} - c:\progra~1\FILECO~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - c:\programmi\Malwarebytes' Anti-Malware\unins000.exe
AddRemove-Messenger Plus! Live - c:\programmi\Messenger Plus! Live\Uninstall.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\programmi\Nero\Nero 7\\nero\uninstall\UNNERO.exe
AddRemove-PROPLUS - c:\programmi\File comuni\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe
AddRemove-RemoveIT Pro v4 - SE - c:\progra~1\INCODE~1\REMOVE~1\UNWISE.EXE
AddRemove-SPlayer - c:\programmi\SPlayer\uninstall.exe
AddRemove-Windows Media Format Runtime - c:\programmi\Windows Media Player\wmsetsdk.exe
AddRemove-{153F839F-0A63-41D8-890F-7324C0E13743} - c:\programmi\InstallShield Installation Information\{153F839F-0A63-41D8-890F-7324C0E13743}\setup.exe
AddRemove-{44D02D8B-FFB3-4245-8D26-68D10B4C4023} - c:\programmi\InstallShield Installation Information\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}\setup.exe
AddRemove-{88D68A69-D247-466B-90DD-575F6BE16230}_is1 - c:\programmi\CardRecovery\unins000.exe
AddRemove-{C4A4722E-79F9-417C-BD72-8D359A090C97} - c:\programmi\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe
AddRemove-{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} - c:\programmi\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe
AddRemove-PhotoFiltre Studio X - c:\programmi\PhotoFiltre Studio X\Uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 18:09
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3604)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-02-28 18:12:36 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-02-28 17:12

Pre-Run: 135 130 431 488 byte disponibili
Post-Run: 135 391 637 504 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - C3E017CBAA99319C2701A85BEEE9952C

rapport log.txt


Logfile of random's system information tool 1.06 (written by random/random)
Run by Sabah at 2010-02-28 18:39:29
Microsoft Windows XP Professional Service Pack 3
System drive C: has 129 GB (85%) free of 153 GB
Total RAM: 953 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:34, on 28/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Documents and Settings\Sabah\Documenti\RSIT.exe
C:\Programmi\trend micro\Sabah.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Programmi\ma-config.com\maconfservice.exe (file missing)
O23 - Service: NBService - Unknown owner - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (file missing)

rapport info txt :


info.txt logfile of random's system information tool 1.06 2010-02-28 18:39:36

======Uninstall list======

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.2.0 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A82000000003}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
FirePanel XP-->MsiExec.exe /I{25094F78-5812-4722-81F3-D752060EEDF7}
HijackThis 2.0.2-->"C:\Programmi\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Programmi\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Ma-Config.com-->MsiExec.exe /X{18754BA4-4F0C-4E6E-888B-9496AFA05F43}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA-->MsiExec.exe /I{71CB2612-627C-3D58-8D82-B77444B27B6A}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile Beta 2-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile Beta 2-->MsiExec.exe /X{57EC5BFE-7CB7-3057-8385-C9D72918511C}
Microsoft .NET Framework 4 Extended Beta 2-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended Beta 2-->MsiExec.exe /X{6E405B40-3879-3C9B-9286-8D5E71258C35}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight 3 Toolkit November 2009-->MsiExec.exe /I{3EA86486-E94C-49E1-831A-4974B06C1D9B}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Web Platform Installer 2.0-->MsiExec.exe /X{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}
Mozilla Firefox (3.6)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /X{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1040}
NeroBackItUp!UninstallKey-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
NeroMediaHome!UninstallKey-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
NeroRecode!UninstallKey-->C:\WINDOWS\UNRecode.exe /UNINSTALL
NeroShowTime!UninstallKey-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
NeroVision!UninstallKey-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PCHealth-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
PowerDVD-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x10 -removeonly
Recuva-->"C:\Programmi\Recuva\uninst.exe"
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
VIMICRO USB PC Camera(ZC0301PL)-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Sidebar-->rundll32.exe advpack.dll,LaunchINFSection WSidebar.inf,DefaultUninstall

======Security center information======

AV: Kaspersky Internet Security
FW: Kaspersky Internet Security

======System event log======

Computer Name: XXX-257974745A3
Event Code: 7036
Message: Il servizio Windows Installer è ora in modalità esecuzione.

Record Number: 7823
Source Name: Service Control Manager
Time Written: 20100216235119.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 7035
Message: Invio di un controllo avvio da parte del servizio Windows Installer riuscito.

Record Number: 7822
Source Name: Service Control Manager
Time Written: 20100216235119.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: XXX-257974745A3
Event Code: 4226
Message: È stato raggiunto il limite di protezione imposto sul numero di tentativi temporanei di connessione TCP.

Record Number: 7821
Source Name: Tcpip
Time Written: 20100216234933.000000+060
Event Type: Attenzione
User:

Computer Name: XXX-257974745A3
Event Code: 18
Message: Installazione pronta. I seguenti aggiornamenti sono stati scaricati e sono pronti per l'installazione. L'installazione di questi aggiornamenti è attualmente pianificata per il giorno ?lunedì ?22 ?febbraio ?2010 alle 10.00:
- Aggiornamento per Microsoft Silverlight (KB979202)

Record Number: 7820
Source Name: Windows Update Agent
Time Written: 20100216225258.000000+060
Event Type: Informazione
User:

Computer Name: XXX-257974745A3
Event Code: 7036
Message: Il servizio Servizio COM di masterizzazione CD IMAPI è ora in modalità arrestato.

Record Number: 7819
Source Name: Service Control Manager
Time Written: 20100216225147.000000+060
Event Type: Informazione
User:

=====Application event log=====

Computer Name: XXX-257974745A3
Event Code: 1033
Message:
Record Number: 3391
Source Name: MsiInstaller
Time Written: 20100211000725.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: XXX-257974745A3
Event Code: 11708
Message:
Record Number: 3390
Source Name: MsiInstaller
Time Written: 20100211000725.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: XXX-257974745A3
Event Code: 1040
Message:
Record Number: 3389
Source Name: MsiInstaller
Time Written: 20100211000653.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: XXX-257974745A3
Event Code: 4096
Message:
Record Number: 3388
Source Name: Avira AntiVir
Time Written: 20100210221434.000000+060
Event Type: Informazione
User: NT AUTHORITY\SYSTEM

Computer Name: XXX-257974745A3
Event Code: 1800
Message: Servizio Centro sicurezza PC Windows avviato.

Record Number: 3387
Source Name: SecurityCenter
Time Written: 20100210221430.000000+060
Event Type: Informazione
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Programmi\Alky for Applications\Libraries;C:\Programmi\Samsung\Samsung PC Studio 3
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

bonjour, voila le rapport de :eset.onlinescan :
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.21115 (vista_ldr.090826-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=e1c22ac7358e21419e90cb3a0ede574a
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-03-01 11:01:22
# local_time=2010-03-01 12:01:22 (+0100, ora solare Europa occidentale)
# country="France"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 64914 64914 0 0
# compatibility_mode=1280 16777175 100 0 141549 141549 0 0
# compatibility_mode=8192 67108863 100 0 4710 4710 0 0
# scanned=31143
# found=0
# cleaned=0
# scan_time=1202