Ciao A.Roselli!!!
ti ringrazio per avermi risposto nel precedente post. Ho fatto come hai detto, ma il problema si ripresenta :-(((
Ho fatto la scansione con AVG Professional 7.5; con AD-AWARE Professional 2007; con Trojan Remover v6.5.5; con SarsFX; ecc. ... Niente.
ti posto il file di hijackthis2 fatto in modalità temporanea. Ti sarei grato se potesti aiutarmi ;-)
StartupList report, 29/06/2007, 19.07.02
StartupList version 2.00.0
Started from: C:\Documents and Settings\Massimiliano\Documenti\Istallazioni\hijackthis2.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Logged on as 'Massimiliano' to 'MASSIMIL-895D35'
* Using default options (see end of log for possible options)
==================================================
Running processes (9):
[C:\Documents and Settings\Massimiliano\Documenti\Istallazioni\hijackthis2.exe (40)]
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\asycfilt.dll
C:\WINDOWS\system32\CLBCATQ.DLL
C:\WINDOWS\system32\COMCTL32.dll
C:\WINDOWS\system32\comdlg32.dll
C:\WINDOWS\system32\COMRes.dll
C:\WINDOWS\system32\DNSAPI.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\MSCOMCTL.OCX
C:\WINDOWS\system32\msctfime.ime
C:\WINDOWS\system32\msi.dll
C:\WINDOWS\system32\MSVBVM60.DLL
C:\WINDOWS\system32\MSVCP60.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\NTDSAPI.dll
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\OLEAUT32.dll
C:\WINDOWS\system32\PSAPI.DLL
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\Secur32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHLWAPI.dll
C:\WINDOWS\system32\SXS.DLL
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\wbem\fastprox.dll
C:\WINDOWS\system32\wbem\wbemcomn.dll
C:\WINDOWS\system32\wbem\wbemdisp.dll
C:\WINDOWS\system32\wbem\wbemprox.dll
C:\WINDOWS\system32\wbem\wbemsvc.dll
C:\WINDOWS\system32\wbem\wmiutils.dll
C:\WINDOWS\system32\WLDAP32.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\system32\xpsp2res.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe (35)]
C:\Programmi\Lavasoft\Ad-Aware 2007\CEAPI.dll
C:\Programmi\Lavasoft\Ad-Aware 2007\PKArchive84cb.dll
C:\Programmi\Lavasoft\Ad-Aware 2007\Update.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\comctl32.dll
C:\WINDOWS\system32\CRYPT32.dll
C:\WINDOWS\system32\DNSAPI.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\iertutil.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\iphlpapi.dll
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\MSASN1.dll
C:\WINDOWS\system32\msctfime.ime
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\System32\mswsock.dll
C:\WINDOWS\system32\Normaliz.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\PSAPI.DLL
C:\WINDOWS\system32\rasadhlp.dll
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\rsaenh.dll
C:\WINDOWS\system32\Secur32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHLWAPI.dll
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\WININET.dll
C:\WINDOWS\System32\winrnr.dll
C:\WINDOWS\system32\WLDAP32.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\system32\WSOCK32.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[C:\WINDOWS\Explorer.EXE (103)]
C:\PROGRA~1\TROJAN~1\Trshlex.dll
C:\PROGRA~1\WINDOW~2\wmpband.dll
C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
C:\Programmi\File comuni\Ahead\Lib\MediaLibraryNSE.dll
C:\Programmi\Grisoft\AVG7\avgse.dll
C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
C:\Programmi\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
C:\Programmi\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
C:\Programmi\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
C:\Programmi\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
C:\Programmi\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
C:\Programmi\WinRAR\rarext.dll
C:\WINDOWS\AppPatch\AcGenral.DLL
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\appHelp.dll
C:\WINDOWS\system32\ATL.DLL
C:\WINDOWS\system32\Audiodev.dll
C:\WINDOWS\system32\browselc.dll
C:\WINDOWS\system32\BROWSEUI.dll
C:\WINDOWS\system32\CLBCATQ.DLL
C:\WINDOWS\system32\comctl32.dll
C:\WINDOWS\system32\comdlg32.dll
C:\WINDOWS\system32\COMRes.dll
C:\WINDOWS\system32\credui.dll
C:\WINDOWS\system32\CRYPT32.dll
C:\WINDOWS\system32\CRYPTUI.dll
C:\WINDOWS\System32\CSCDLL.dll
C:\WINDOWS\System32\cscui.dll
C:\WINDOWS\System32\davclnt.dll
C:\WINDOWS\System32\drprov.dll
C:\WINDOWS\system32\Faultrep.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\ieframe.dll
C:\WINDOWS\system32\iertutil.dll
C:\WINDOWS\system32\IMAGEHLP.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\iphlpapi.dll
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\LINKINFO.dll
C:\WINDOWS\system32\MLANG.dll
C:\WINDOWS\system32\MPR.dll
C:\WINDOWS\system32\MSACM32.dll
C:\WINDOWS\system32\MSASN1.dll
C:\WINDOWS\system32\msctfime.ime
C:\WINDOWS\system32\MSGINA.dll
C:\WINDOWS\system32\msi.dll
C:\WINDOWS\system32\MSIMG32.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\MSVFW32.dll
C:\WINDOWS\system32\mydocs.dll
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\System32\NETRAP.dll
C:\WINDOWS\system32\NETSHELL.dll
C:\WINDOWS\System32\NETUI0.dll
C:\WINDOWS\System32\NETUI1.dll
C:\WINDOWS\system32\Normaliz.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\System32\ntlanman.dll
C:\WINDOWS\system32\ntshrui.dll
C:\WINDOWS\system32\ODBC32.dll
C:\WINDOWS\system32\odbcint.dll
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\OLEAUT32.dll
C:\WINDOWS\system32\olepro32.dll
C:\WINDOWS\system32\PortableDeviceApi.dll
C:\WINDOWS\system32\PSAPI.DLL
C:\WINDOWS\system32\RICHED20.dll
C:\WINDOWS\system32\RICHED32.DLL
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\rsaenh.dll
C:\WINDOWS\system32\rtutils.dll
C:\WINDOWS\system32\SAMLIB.dll
C:\WINDOWS\system32\Secur32.dll
C:\WINDOWS\system32\sendmail.dll
C:\WINDOWS\system32\SETUPAPI.dll
C:\WINDOWS\system32\SHDOCVW.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\shgina.dll
C:\WINDOWS\system32\ShimEng.dll
C:\WINDOWS\system32\SHLWAPI.dll
C:\WINDOWS\system32\themeui.dll
C:\WINDOWS\system32\urlmon.dll
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\USERENV.dll
C:\WINDOWS\system32\UxTheme.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\WININET.dll
C:\WINDOWS\system32\WINMM.dll
C:\WINDOWS\system32\WINSPOOL.DRV
C:\WINDOWS\system32\WINSTA.dll
C:\WINDOWS\system32\WINTRUST.dll
C:\WINDOWS\system32\WLDAP32.dll
C:\WINDOWS\system32\WMASF.DLL
C:\WINDOWS\system32\WMVCore.DLL
C:\WINDOWS\system32\wpdshext.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\system32\WTSAPI32.dll
C:\WINDOWS\system32\xpsp2res.dll
C:\WINDOWS\system32\zipfldr.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
[C:\WINDOWS\system32\lsass.exe (48)]
C:\WINDOWS\AppPatch\AcGenral.DLL
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\comctl32.dll
C:\WINDOWS\system32\CRYPT32.dll
C:\WINDOWS\system32\cryptdll.dll
C:\WINDOWS\system32\DNSAPI.dll
C:\WINDOWS\system32\dssenh.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\iphlpapi.dll
C:\WINDOWS\system32\kerberos.dll
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\LSASRV.dll
C:\WINDOWS\system32\MPR.dll
C:\WINDOWS\system32\MSACM32.dll
C:\WINDOWS\system32\MSASN1.dll
C:\WINDOWS\system32\msprivs.dll
C:\WINDOWS\system32\msv1_0.dll
C:\WINDOWS\system32\MSVCP60.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\system32\netlogon.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\NTDSAPI.dll
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\OLEAUT32.dll
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\rsaenh.dll
C:\WINDOWS\system32\SAMLIB.dll
C:\WINDOWS\system32\SAMSRV.dll
C:\WINDOWS\system32\scecli.dll
C:\WINDOWS\system32\schannel.dll
C:\WINDOWS\system32\Secur32.dll
C:\WINDOWS\system32\SETUPAPI.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\ShimEng.dll
C:\WINDOWS\system32\SHLWAPI.dll
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\USERENV.dll
C:\WINDOWS\system32\UxTheme.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\w32time.dll
C:\WINDOWS\system32\wdigest.dll
C:\WINDOWS\system32\WINMM.dll
C:\WINDOWS\system32\WLDAP32.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[C:\WINDOWS\system32\services.exe (26)]
C:\WINDOWS\AppPatch\AcAdProc.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\Apphelp.dll
C:\WINDOWS\system32\AUTHZ.dll
C:\WINDOWS\system32\eventlog.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\MSVCP60.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\NCObjAPI.DLL
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\PSAPI.DLL
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\SCESRV.dll
C:\WINDOWS\system32\secur32.dll
C:\WINDOWS\system32\ShimEng.dll
C:\WINDOWS\system32\umpnpmgr.dll
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\USERENV.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\WINSTA.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\system32\wtsapi32.dll
[C:\WINDOWS\System32\smss.exe (1)]
C:\WINDOWS\system32\ntdll.dll
[C:\WINDOWS\system32\svchost.exe (37)]
C:\WINDOWS\AppPatch\AcGenral.DLL
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\Apphelp.dll
C:\WINDOWS\system32\CLBCATQ.DLL
C:\WINDOWS\system32\comctl32.dll
C:\WINDOWS\system32\COMRes.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\iphlpapi.dll
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\MSACM32.dll
C:\WINDOWS\system32\msv1_0.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\NTMARTA.DLL
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\OLEAUT32.dll
C:\WINDOWS\system32\RPCRT4.dll
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\SAMLIB.dll
c:\windows\system32\Secur32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\ShimEng.dll
C:\WINDOWS\system32\SHLWAPI.dll
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\USERENV.dll
C:\WINDOWS\system32\UxTheme.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\WINMM.dll
C:\WINDOWS\system32\WINSTA.dll
C:\WINDOWS\system32\WLDAP32.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
C:\WINDOWS\system32\WTSAPI32.dll
C:\WINDOWS\system32\xpsp2res.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[C:\WINDOWS\system32\svchost.exe (66)]
C:\WINDOWS\AppPatch\AcGenral.DLL
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\Apphelp.dll
c:\windows\system32\ATL.DLL
c:\windows\system32\certcli.dll
C:\WINDOWS\system32\CLBCATQ.DLL
C:\WINDOWS\system32\comctl32.dll
C:\WINDOWS\system32\COMRes.dll
C:\WINDOWS\system32\CRYPT32.dll
c:\windows\system32\cryptsvc.dll
C:\WINDOWS\system32\CRYPTUI.dll
C:\WINDOWS\system32\DNSAPI.dll
c:\windows\system32\ESENT.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\iertutil.dll
C:\WINDOWS\system32\IMAGEHLP.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\MSACM32.dll
C:\WINDOWS\system32\MSASN1.dll
C:\WINDOWS\system32\MSVCP60.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\NCObjAPI.DLL
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\system32\Normaliz.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\NTDSAPI.dll
C:\WINDOWS\system32\NTMARTA.DLL
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\OLEAUT32.dll
c:\windows\system32\POWRPROF.dll
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\rsaenh.dll
C:\WINDOWS\system32\SAMLIB.dll
c:\windows\system32\Secur32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\ShimEng.dll
C:\WINDOWS\system32\SHLWAPI.dll
c:\windows\system32\srsvc.dll
C:\WINDOWS\system32\SXS.DLL
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\USERENV.dll
C:\WINDOWS\system32\UxTheme.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\VSSAPI.DLL
C:\WINDOWS\system32\wbem\esscli.dll
C:\WINDOWS\system32\wbem\FastProx.dll
C:\WINDOWS\system32\wbem\ncprov.dll
C:\WINDOWS\system32\wbem\repdrvfs.dll
C:\WINDOWS\system32\wbem\wbemcomn.dll
C:\WINDOWS\system32\wbem\wbemcore.dll
C:\WINDOWS\system32\wbem\wbemess.dll
C:\WINDOWS\system32\wbem\wbemsvc.dll
C:\WINDOWS\system32\wbem\wmiprvsd.dll
c:\windows\system32\wbem\wmisvc.dll
C:\WINDOWS\system32\wbem\wmiutils.dll
C:\WINDOWS\system32\WININET.dll
C:\WINDOWS\system32\WINMM.dll
C:\WINDOWS\system32\WINSTA.dll
C:\WINDOWS\system32\WINTRUST.dll
C:\WINDOWS\system32\WLDAP32.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\system32\xpsp2res.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[C:\WINDOWS\system32\winlogon.exe (59)]
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\Apphelp.dll
C:\WINDOWS\system32\AUTHZ.dll
C:\WINDOWS\system32\CLBCATQ.DLL
C:\WINDOWS\system32\COMCTL32.dll
C:\WINDOWS\system32\comdlg32.dll
C:\WINDOWS\system32\COMRes.dll
C:\WINDOWS\system32\CRYPT32.dll
C:\WINDOWS\system32\cscdll.dll
C:\WINDOWS\system32\cscui.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\IMAGEHLP.dll
C:\WINDOWS\system32\IMM32.DLL
C:\WINDOWS\system32\iphlpapi.dll
C:\WINDOWS\system32\kernel32.dll
C:\WINDOWS\system32\MPR.dll
C:\WINDOWS\system32\MSASN1.dll
C:\WINDOWS\system32\msctfime.ime
C:\WINDOWS\system32\MSGINA.dll
C:\WINDOWS\system32\msv1_0.dll
C:\WINDOWS\system32\msvcrt.dll
C:\WINDOWS\system32\NDdeApi.dll
C:\WINDOWS\system32\NETAPI32.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\NTMARTA.DLL
C:\WINDOWS\system32\ODBC32.dll
C:\WINDOWS\system32\odbcint.dll
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\OLEAUT32.dll
C:\WINDOWS\system32\PROFMAP.dll
C:\WINDOWS\system32\PSAPI.DLL
C:\WINDOWS\system32\REGAPI.dll
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\system32\rsaenh.dll
C:\WINDOWS\system32\SAMLIB.dll
C:\WINDOWS\system32\Secur32.dll
C:\WINDOWS\system32\SETUPAPI.dll
C:\WINDOWS\system32\sfc.dll
C:\WINDOWS\system32\sfc_os.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHLWAPI.dll
C:\WINDOWS\system32\SHSVCS.dll
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\USERENV.dll
C:\WINDOWS\system32\UxTheme.dll
C:\WINDOWS\system32\VERSION.dll
C:\WINDOWS\system32\WgaLogon.dll
C:\WINDOWS\system32\WINMM.dll
C:\WINDOWS\system32\WinSCard.dll
C:\WINDOWS\system32\WINSPOOL.DRV
C:\WINDOWS\system32\WINSTA.dll
C:\WINDOWS\system32\WINTRUST.dll
C:\WINDOWS\system32\WLDAP32.dll
C:\WINDOWS\system32\WlNotify.dll
C:\WINDOWS\system32\WS2_32.dll
C:\WINDOWS\system32\WS2HELP.dll
C:\WINDOWS\system32\WTSAPI32.dll
C:\WINDOWS\system32\xpsp2res.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
Autostart folders:
[Startup (1)]
desktop.ini
[User Startup (1)]
desktop.ini
[Common Startup (2)]
Acrobat Assistant.lnk
desktop.ini
[User Common Startup (2)]
Acrobat Assistant.lnk
desktop.ini
IniMapping values:
System NT shell = Explorer.exe
User screensaver = C:\WINDOWS\system32\logon.scr
Autostarting batch files:
[autoexec.nt]
@echo off
lh :SystemRoot:\system32\mscdexnt.exe
lh :SystemRoot:\system32\redir
lh :SystemRoot:\system32\dosx
SET BLASTER=A220 I5 D1 P330 T3
[config.nt]
dos=high, umb
device=:SystemRoot:\system32\himem.sys
files=40
On-reboot actions:
BootExecute = autocheck autochk *
Shell commands:
.bat - File batch MS-DOS - ":1" :*
.cmd - Script di comandi Windows NT - ":1" :*
.com - Applicazione per MS-DOS - ":1" :*
.exe - Applicazione - ":1" :*
.hta - HTML Application - C:\WINDOWS\system32\mshta.exe ":1" :*
.js - File di script JScript - C:\WINDOWS\System32\WScript.exe ":1" :*
.jse - File di script codificato in JScript - C:\WINDOWS\System32\WScript.exe ":1" :*
.pif - Collegamento ad un programma per MS-DOS - ":1" :*
.scr - Screen saver - ":1" /S
.txt - Documento di testo - C:\WINDOWS\system32\NOTEPAD.EXE :1
.vbe - File di script codificato in VBScript - C:\WINDOWS\System32\WScript.exe ":1" :*
.vbs - File di script VBScript - C:\WINDOWS\System32\WScript.exe ":1" %*
.wsf - File di script Windows - C:\WINDOWS\System32\WScript.exe "%1" %*
.wsh - File di impostazioni di Windows Script Host - C:\WINDOWS\System32\WScript.exe "%1" %*
Driver filters:
[Class filters]
* Mouse e altre periferiche di puntamento *
- Upper filters
mouclass.sys
* Periferiche infrarossi *
- Upper filters
IRENUM.sys
* Tastiere *
- Upper filters
kbdclass.sys
* Unità disco *
- Upper filters
PartMgr.sys
* Unità DVD/CD-ROM *
- Lower filters
PxHelp20.sys
AnyDVD.sys
ElbyDelay.sys
* Volumi di archiviazione *
- Upper filters
VolSnap.sys
[Device filters]
* Direct Parallel *
- Lower filters
PtiLink.sys
* Driver mouse di Terminal Server *
- Upper filters
mouclass.sys
* Driver tastiera di Terminal Server *
- Upper filters
kbdclass.sys
* HSP56 MR *
- Lower filters
Ptserial.sys
* Miniport WAN (PPPOE) *
- Lower filters
NdisTapi.sys
* Porta di comunicazione *
- Upper filters
serenum.sys
* Processore Intel(r) 82845 per controller AGP - 1A31 *
- Upper filters
AGP440.sys
* Synaptics PS/2 Port TouchPad *
- Upper filters
SynTP.sys
* Unità CD-ROM *
- Upper filters
redbook.sys
- Lower filters
imapi.sys
* Unità CD-ROM *
- Upper filters
redbook.sys
* WAN Miniport (IP) *
- Lower filters
NdisTapi.sys
* WAN Miniport (PPTP) *
- Lower filters
NdisTapi.sys
Print monitors (7):
BJ Language Monitor - cnbjmon.dll
Local Port - localspl.dll
Microsoft Document Imaging Writer Monitor - mdimon.dll
PDF Port - C:\WINDOWS\system32\pdfports.dll
PJL Language Monitor - pjlmon.dll
Standard TCP/IP Port - tcpmon.dll
USB Monitor - usbmon.dll
WinLogon autoruns:
UserInit = C:\WINDOWS\system32\userinit.exe,
VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl"
[Notify (10)]
crypt32chain = crypt32.dll
cryptnet = cryptnet.dll
cscdll = cscdll.dll
ScCertProp = wlnotify.dll
Schedule = wlnotify.dll
sclgntfy = sclgntfy.dll
SensLogn = WlNotify.dll
termsrv = wlnotify.dll
WgaLogon = WgaLogon.dll
wlballoon = wlnotify.dll
[Group policy extensions (7)]
Quota disco Microsoft = dskquota.dll
Internet Explorer Zonemapping = iedkcs32.dll
Security = scecli.dll
Internet Explorer Branding = iedkcs32.dll
EFS recovery = scecli.dll
Microsoft Offline Files = %SystemRoot%\System32\cscui.dll
Installazione software = appmgmts.dll
Policies:
[This user]
* Alternate policies *
- Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1)
NoDriveTypeAutoRun = dword: 145
[All users]
* Primary policies *
- Software\Policies\Microsoft\Windows\Installer (1)
EnableAdminTSRemote = dword: 1
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{72385235-70fa-11d1-864c-14a300000000} (7)
ClassName = ipsecFilter
description = Confronta tutti i pacchetti ICMP scambiati tra il computer in uso e ogni altro computer.
name = ipsecFilter{72385235-70fa-11d1-864c-14a300000000}
ipsecName = Traffico su tutti gli ICMP
ipsecID = {72385235-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{7238523a-70fa-11d1-864c-14a300000000} (7)
ClassName = ipsecFilter
description = Confronta tutti i pacchetti IP inviati dal computer in uso a ogni altro computer, eccetto broadcast, multicast, Kerberos, RSVP e ISAKMP (IKE).
name = ipsecFilter{7238523a-70fa-11d1-864c-14a300000000}
ipsecName = Traffico su tutti gli IP
ipsecID = {7238523a-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} (5)
ClassName = ipsecISAKMPPolicy
name = ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000}
ipsecID = {72385231-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000} (5)
ClassName = ipsecISAKMPPolicy
name = ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000}
ipsecID = {72385234-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} (5)
ClassName = ipsecISAKMPPolicy
name = ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000}
ipsecID = {72385237-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} (5)
ClassName = ipsecISAKMPPolicy
name = ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000}
ipsecID = {7238523d-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{03257f69-05b0-475d-9a7b-05926e321dad} (7)
ClassName = ipsecNegotiationPolicy
name = ipsecNegotiationPolicy{03257f69-05b0-475d-9a7b-05926e321dad}
ipsecID = {03257f69-05b0-475d-9a7b-05926e321dad}
ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000}
ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{3cca0a87-89a9-4284-acc9-7ac0fd663575} (7)
ClassName = ipsecNegotiationPolicy
name = ipsecNegotiationPolicy{3cca0a87-89a9-4284-acc9-7ac0fd663575}
ipsecID = {3cca0a87-89a9-4284-acc9-7ac0fd663575}
ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000}
ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} (9)
ClassName = ipsecNegotiationPolicy
description = Accetta la comunicazione non protetta, ma richiede ai client di stabilire metodi di trust e di protezione. Comunica in modalità non protetta ai client non attendibili che non rispondono alla richiesta.
name = ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}
ipsecName = Richiedi protezione (facoltativo)
ipsecID = {72385233-70fa-11d1-864c-14a300000000}
ipsecNegotiationPolicyAction = {3f91a81a-7647-11d1-864d-d46a00000000}
ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} (9)
ClassName = ipsecNegotiationPolicy
description = Autorizza il passaggio dei pacchetti IP non protetti.
name = ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000}
ipsecName = Autorizza
ipsecID = {7238523b-70fa-11d1-864c-14a300000000}
ipsecNegotiationPolicyAction = {8a171dd2-77e3-11d1-8659-a04f00000000}
ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} (9)
ClassName = ipsecNegotiationPolicy
description = Accetta la comunicazione non protetta, ma richiede sempre ai client di stabilire metodi di trust e di protezione. Non comunica con i client non attendibili.
name = ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000}
ipsecName = Richiedi protezione
ipsecID = {7238523f-70fa-11d1-864c-14a300000000}
ipsecNegotiationPolicyAction = {3f91a81a-7647-11d1-864d-d46a00000000}
ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{95a82de9-f949-44e4-9862-4595eefb37ef} (7)
ClassName = ipsecNegotiationPolicy
name = ipsecNegotiationPolicy{95a82de9-f949-44e4-9862-4595eefb37ef}
ipsecID = {95a82de9-f949-44e4-9862-4595eefb37ef}
ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000}
ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000}
ipsecDataType = dword: 256
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{024c50b2-ebec-47fc-8850-c12345788297} (8)
ClassName = ipsecNFA
name = ipsecNFA{024c50b2-ebec-47fc-8850-c12345788297}
ipsecName = Richiedi protezione
description = Accetta la comunicazione non protetta, ma richiede sempre ai client di stabilire metodi di trust e di protezione. Non comunica con i client non attendibili.
ipsecID = {024c50b2-ebec-47fc-8850-c12345788297}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{3cff14ac-fd8c-44fb-b393-dadbd327c1c3} (6)
ClassName = ipsecNFA
name = ipsecNFA{3cff14ac-fd8c-44fb-b393-dadbd327c1c3}
ipsecID = {3cff14ac-fd8c-44fb-b393-dadbd327c1c3}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{95a82de9-f949-44e4-9862-4595eefb37ef}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{5186ad79-aeb9-4718-ad9d-cd93dd07b98e} (8)
ClassName = ipsecNFA
name = ipsecNFA{5186ad79-aeb9-4718-ad9d-cd93dd07b98e}
ipsecName = Autorizza il passaggio dei pacchetti ICMP non protetti.
description = Autorizza il passaggio dei pacchetti ICMP non protetti.
ipsecID = {5186ad79-aeb9-4718-ad9d-cd93dd07b98e}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{781b92cb-bd82-4508-9933-8cb0aeaa5bbc} (8)
ClassName = ipsecNFA
name = ipsecNFA{781b92cb-bd82-4508-9933-8cb0aeaa5bbc}
ipsecName = Regola Richiedi protezione (facoltativa)
description = Per tutto il traffico IP richiede sempre protezione con trust Kerberos. Consente la comunicazione non protetta con i client che non rispondono alla richiesta.
ipsecID = {781b92cb-bd82-4508-9933-8cb0aeaa5bbc}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{aa8afb16-4835-4c9e-896f-3c21c82ec3b5} (6)
ClassName = ipsecNFA
name = ipsecNFA{aa8afb16-4835-4c9e-896f-3c21c82ec3b5}
ipsecID = {aa8afb16-4835-4c9e-896f-3c21c82ec3b5}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{3cca0a87-89a9-4284-acc9-7ac0fd663575}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{e6d3dc79-38d6-4dba-be6a-1886acdc3a64} (6)
ClassName = ipsecNFA
name = ipsecNFA{e6d3dc79-38d6-4dba-be6a-1886acdc3a64}
ipsecID = {e6d3dc79-38d6-4dba-be6a-1886acdc3a64}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{03257f69-05b0-475d-9a7b-05926e321dad}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{e6d9f410-4081-44a9-934b-221420bd323d} (8)
ClassName = ipsecNFA
name = ipsecNFA{e6d9f410-4081-44a9-934b-221420bd323d}
ipsecName = Autorizza il passaggio dei pacchetti ICMP non protetti.
description = Autorizza il passaggio dei pacchetti ICMP non protetti.
ipsecID = {e6d9f410-4081-44a9-934b-221420bd323d}
ipsecDataType = dword: 256
ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{72385230-70fa-11d1-864c-14a300000000} (8)
ClassName = ipsecPolicy
description = Per tutto il traffico IP richiede sempre protezione con trust Kerberos. Consente la comunicazione non protetta con i client che non rispondono alla richiesta.
name = ipsecPolicy{72385230-70fa-11d1-864c-14a300000000}
ipsecName = Server (Richiedi protezione)
ipsecID = {72385230-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{72385236-70fa-11d1-864c-14a300000000} (8)
ClassName = ipsecPolicy
description = Comunica normalmente (in modalità non protetta). Utilizza la risposta predefinita per negoziare con i server che richiedono protezione. Solo il traffico su porta e protocollo richiesti viene protetto.
name = ipsecPolicy{72385236-70fa-11d1-864c-14a300000000}
ipsecName = Client (solo risposta)
ipsecID = {72385236-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{7238523c-70fa-11d1-864c-14a300000000} (8)
ClassName = ipsecPolicy
description = Per tutto il traffico IP richiede sempre protezione con trust Kerberos. Non consente la comunicazione non protetta con i client non attendibili.
name = ipsecPolicy{7238523c-70fa-11d1-864c-14a300000000}
ipsecName = Server protetto (Richiedi protezione)
ipsecID = {7238523c-70fa-11d1-864c-14a300000000}
ipsecDataType = dword: 256
ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000}
whenChanged = dword: 1181292093
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers (4)
TransparentEnabled = dword: 1
DefaultLevel = dword: 262144
AuthenticodeEnabled = dword: 0
PolicyScope = dword: 0
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328} (4)
Description = Stop the download of this file
FriendlyName = Mdac11.cab
SaferFlags = dword: 0
HashAlg = dword: 32771
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91} (4)
Description = Stop the download of this file
FriendlyName = mdac20.cab
SaferFlags = dword: 0
HashAlg = dword: 32771
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f} (4)
Description = Stop the download of this file
FriendlyName = mdac20_a.cab
SaferFlags = dword: 0
HashAlg = dword: 32771
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d} (4)
Description = Stop the download of this file
FriendlyName = _msadc10.cab
SaferFlags = dword: 0
HashAlg = dword: 32771
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc} (4)
Description = Stop the download of this file
FriendlyName = msadc11.cab
SaferFlags = dword: 0
HashAlg = dword: 32771
- Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33} (2)
Description =
SaferFlags = dword: 0
* Alternate policies *
- Software\Microsoft\Windows\CurrentVersion\policies\NonEnum (3)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = dword: 1
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = dword: 1073741857
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = dword: 32
- Software\Microsoft\Windows\CurrentVersion\policies\system (5)
dontdisplaylastusername = dword: 0
legalnoticecaption =
legalnoticetext =
shutdownwithoutlogon = dword: 1
undockwithoutlogon = dword: 1
Browser Helper Objects (2):
AcroIEHlprObj Class = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programmi\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
DAPHelper Class = {0000CC75-ACF3-4cac-A0A9-DD3868E06852} = C:\Programmi\DAP\DAPBHO.dll
ActiveX objects (14):
BASEIE40_W2K - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
BRANDING.CAB - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
BRANDING.CAB - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
IE4Shell_NT - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
IEACCESS - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
IEUDINIT - {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
MailNews - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
Messenger - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
NetMeeting - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
OEACCESS - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
Theme Component - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
WAB - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
WMPACCESS - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
Internet Explorer toolbars:
[This user]
* ShellBrowser (1) *
andIndirizzo - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
* WebBrowser (2) *
andIndirizzo - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
Coandllegamenti - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll
Internet Explorer buttons/tools (3):
Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
Ricerche - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
Internet Explorer menu extensions:
[This user (3)]
andDownload with andDAP - C:\PROGRA~1\DAP\dapextie.htm
Download andall with DAP - C:\PROGRA~1\DAP\dapextie2.htm
Eandsporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Internet Explorer Bands (9):
Shell Search Band - {21569614-B795-46b1-85F4-E737A8DC09AD} - C:\WINDOWS\system32\browseui.dll
IE Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\system32\ieframe.dll
andSuggerimenti - {4D5C8C25-D075-11d0-B416-00C04FB90376} - C:\WINDOWS\system32\shdocvw.dll
andDiscussione - {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - shdocvw.dll
Barra di Explorer per la ricerca file - {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - C:\WINDOWS\system32\SHELL32.dll
Favorites Band - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll
History Band - {EFA24E62-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll
Explorer Band - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll
andRicerche - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
Downloaded Program Files (1):
Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
URL search hooks:
[This user (1)]
Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
Explorer clones:
C:\WINDOWS\explorer.exe
Image File Execution Options (1):
Your Image File Name Here without a path = ntsd -d
ContextMenuHandlers:
[* (10)]
AVG7 Shell Extension = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG7\avgse.dll
Blocco menu Start = {a2a9545d-a0c2-42b4-9708-a0b2badd77c8} = C:\WINDOWS\system32\SHELL32.dll
Cover Designer = {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} = C:\Programmi\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
NBShellHook Class = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll
Open With = {09799AFB-AD67-11d1-ABCD-00C04FC30936} = C:\WINDOWS\system32\SHELL32.dll
Open With EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\WINDOWS\system32\SHELL32.dll
Trojan Remover = {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll
WinRAR = {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip = {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[Drive (6)]
Estensione copia dischi = {59099400-57FF-11CE-BD94-0020AF85B590} = diskcopy.dll
Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll
Portable Devices Menu = {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} = C:\WINDOWS\system32\wpdshext.dll
Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
ShellFolder per la masterizzazione CD = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\WINDOWS\system32\SHELL32.dll
Trojan Remover = {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll
[Folder (5)]
AVG7 Shell Extension = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG7\avgse.dll
NBShellHook Class = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
Trojan Remover = {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll
WinRAR = {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip = {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[CompressedFolder (1)]
Compressed (zipped) Folder Context Menu = {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} = C:\WINDOWS\system32\zipfldr.dll
[Directory (5)]
EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\WINDOWS\system32\SHELL32.dll
Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll
Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
WinRAR = {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip = {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[Directory\Background (1)]
New = {D969A300-E7FF-11d0-A93B-00A0C90F2719} = C:\WINDOWS\system32\SHELL32.dll
[InternetShortcut (1)]
Internet Shortcut = {FBF23B40-E3F0-101B-8488-00AA003E56F8} = C:\WINDOWS\system32\ieframe.dll
[AllFileSystemObjects (1)]
Send To = {7BA4C740-9E81-11CF-99D3-00AA004AE837} = C:\WINDOWS\system32\SHELL32.dll
ColumnHandlers (4):
(no name) - {0D2E74C4-3C34-11d2-A27E-00C04FC30871} - C:\WINDOWS\system32\SHELL32.dll
(no name) - {24F14F01-7B1C-11d1-838f-0000F80461CF} - C:\WINDOWS\system32\SHELL32.dll
(no name) - {24F14F02-7B1C-11d1-838f-0000F80461CF} - C:\WINDOWS\system32\SHELL32.dll
(no name) - {66742402-F9B9-11D1-A202-0000F81FEDEE} - C:\WINDOWS\system32\SHELL32.dll
ShellExecuteHooks (1):
Hook per l'esecuzione degli URL = {AEB6717E-7E19-11d0-97EE-00C04FD91972} = shell32.dll
Approved Shell Extensions:
[All users (205)]
%DESC_PublishDropTarget% - {60fd46de-f830-4894-a628-6fa81bc0190d} - C:\WINDOWS\system32\photowiz.dll
andContatti... - {32714800-2E5F-11d0-8B85-00AA0044F941} - C:\Programmi\Outlook Express\wabfind.dll
andIndirizzo - {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
andLinks - {F2CF5485-4E02-4f68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll
.CAB file viewer - {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} - cabview.dll
Accessibile - {7e653215-fa25-46bd-a339-34a2790f3cb7} - C:\WINDOWS\system32\browseui.dll
Account utente - {7A9D77BD-5403-11d2-8785-2E0420524153} -
ActiveX Cache Folder - {88C6C381-2E85-11D0-94DE-444553540000} - C:\WINDOWS\system32\occache.dll
Address EditBox - {A08C11D2-A228-11d0-825B-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
Assistenza utente - {DD313E04-FEFF-11d1-8ECD-0000F87A470C} - C:\WINDOWS\system32\browseui.dll
Audio Media Properties Handler - {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} - C:\WINDOWS\system32\shmedia.dll
Auto Update Property Sheet Extension - {5F327514-6C5E-4d60-8F16-D07FA08A78ED} - C:\WINDOWS\system32\wuaucpl.cpl
Autoplay for SlideShow - {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} -
AVG7 Find Extension - {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - C:\Programmi\Grisoft\AVG7\avgse.dll
AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - C:\Programmi\Grisoft\AVG7\avgse.dll
Avi Properties Handler - {87D62D94-71B3-4b9a-9489-5FE6850DC73E} - C:\WINDOWS\system32\shmedia.dll
BandProxy - {F61FFEC1-754F-11d0-80CA-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
Barra degli strumenti Microsoft Internet - {5E6AB780-7743-11CF-A12B-00AA004AE837} - C:\WINDOWS\system32\browseui.dll
Barra delle applicazioni e menu di avvio - {0DF44EAA-FF21-4412-828E-260A8728E7F1} -
Cartella compressa - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - C:\WINDOWS\system32\zipfldr.dll
Cartella file non in linea - {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} - C:\WINDOWS\System32\cscui.dll
Cartelle Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
CDF Extension Copy Hook - {67EA19A0-CCEF-11d0-8024-00C04FD75D13} - C:\WINDOWS\system32\shdocvw.dll
Cerca - {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - C:\WINDOWS\system32\webcheck.dll
Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - C:\WINDOWS\system32\zipfldr.dll
Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - C:\WINDOWS\system32\zipfldr.dll
ConnectionAgent - {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} - C:\WINDOWS\system32\webcheck.dll
Connessioni di rete - {7007ACC7-3202-11D1-AAD2-00805FC1270E} - C:\WINDOWS\system32\NETSHELL.dll
Connessioni di rete - {992CFFA0-F557-101A-88EC-00DD010CCC48} - C:\WINDOWS\system32\NETSHELL.dll
Contenitore dell'elenco di Completamento automatico multiplo Microsoft - {00BB2765-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\system32\browseui.dll
Creazione guidata profilo Passport - {58f1f272-9240-4f51-b6d4-fd63d1618591} - C:\WINDOWS\system32\netplwiz.dll
Darwin App Publisher - {CFCCC7A0-A282-11D1-9082-006008059382} - C:\WINDOWS\system32\appwiz.cpl
DfsShell - {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - C:\WINDOWS\system32\dfsshlex.dll
Directory Context Menu Verbs - {62AE1F9A-126A-11D0-A14B-0800361B1103} - C:\WINDOWS\system32\dsuiext.dll
Directory Object Find - {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} - C:\WINDOWS\system32\dsquery.dll
Directory Property UI - {0D45D530-764B-11d0-A1CA-00AA00C16E65} - C:\WINDOWS\system32\dsuiext.dll
Directory Query UI - {8A23E65E-31C2-11d0-891C-00A024AB2DBB} - C:\WINDOWS\system32\dsquery.dll
Directory Start/Search Find - {F020E586-5264-11d1-A532-0000F8757D7E} - C:\WINDOWS\system32\dsquery.dll
Disk Quota UI - {7988B573-EC89-11cf-9C00-00AA00A14F56} - dskquoui.dll
Display TroubleShoot CPL Extension - {f92e8c40-3d33-11d2-b1aa-080036a75b03} - deskperf.dll
Elenco di Completamento automatico della Cronologia di Microsoft - {00BB2764-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\system32\browseui.dll
Elenco di Completamento automatico di Shell Folder di Microsoft - {03C036F1-A186-11D0-824A-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
Elenco di Completamento automatico MRU - {6756A641-DE71-11d0-831B-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
Elenco di Completamento automatico MRU personalizzato - {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} - C:\WINDOWS\system32\browseui.dll
Enumeratore applicazioni installate - {0B124F8F-91F0-11D1-B8B5-006008059382} - C:\WINDOWS\system32\appwiz.cpl
Esegui... - {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
Estensione copia dischi - {59099400-57FF-11CE-BD94-0020AF85B590} - diskcopy.dll
Estensione Crypto PKO - {7444C717-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll
Estensione di icona di HyperTerminal - {88895560-9AA2-1069-930E-00AA0030EBC8} - C:\WINDOWS\system32\hticons.dll
Estensione firma crittografata - {7444C719-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll
Estensione monitor del Pannello di controllo - {42071713-76d4-11d1-8b24-00a0c9068ff3} - deskmon.dll
Estensione panoramica video del Pannello di controllo - {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll
Estensione scheda video del Pannello di controllo - {42071712-76d4-11d1-8b24-00a0c9068ff3} - deskadp.dll
Estensione shell per la stampante Web - {77597368-7b15-11d0-a0c2-080036af3f03} - printui.dll
Estensione shell per Windows Script Host - {60254CA5-953B-11CF-8C96-00AA00B8708C} - C:\WINDOWS\system32\wshext.dll
Estensioni shell per la compressione dei file - {764BF0E1-F219-11ce-972D-00AA00A14F56} -
Estensioni shell per la condivisione - {40dd6e20-7c17-11ce-a804-00aa003ca9f6} - ntshrui.dll
Estensioni shell per la condivisione - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - ntshrui.dll
Estensioni shell per oggetti Rete Microsoft Windows - {59be4990-f85c-11ce-aff7-00aa003ca9f6} - ntlanui2.dll
Explorer Band - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll
Extensions Manager Folder - {692F0339-CBAA-47e6-B5B5-3B84DB604E87} - C:\WINDOWS\system32\extmgr.dll
Favorites Band - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll
FTP Folders Webview - {63da6ec0-2e98-11cf-8d82-444553540000} - C:\WINDOWS\system32\msieftp.dll
GDI + programma di estrazione file in anteprima - {3F30C968-480A-4C6C-862D-EFC0897BB84B} - C:\WINDOWS\system32\shimgvw.dll
Gestione applicazioni shell - {352EC2B7-8B9A-11D1-B8AE-006008059382} - C:\WINDOWS\system32\appwiz.cpl
Gestore dati dei ritagli di shell - {56117100-C0CD-101B-81E2-00AA004AE837} - shscrap.dll
Gestore monitor ICM - {5DB2625A-54DF-11D0-B6C4-0800091AA605} - C:\WINDOWS\System32\icmui.dll
Gestore scanner ICM - {176d6597-26d3-11d1-b350-080036a75b03} - icmui.dll
Gestore stampante ICM - {675F097E-4C4D-11D0-B6C1-0800091AA605} - C:\WINDOWS\system32\icmui.dll
Guida in linea e supporto tecnico - {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
Guida in linea e supporto tecnico - {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
History - {FF393560-C2A7-11CF-BFF4-444553540000} - C:\WINDOWS\system32\ieframe.dll
History Band - {EFA24E62-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll
IE AutoComplete - {3028902F-6374-48b2-8DC6-9725E775B926} - C:\WINDOWS\system32\ieframe.dll
IE BandProxy - {73CFD649-CD48-4fd8-A272-2070EA56526B} - C:\WINDOWS\system32\ieframe.dll
IE Custom MRU AutoCompleted List - {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} - C:\WINDOWS\system32\ieframe.dll
IE Fade Task - {1C1EDB47-CE22-4bbb-B608-77B48F83C823} - C:\WINDOWS\system32\ieframe.dll
IE IShellFolderBand - {6CF48EF8-44CD-45d2-8832-A16EA016311B} - C:\WINDOWS\system32\ieframe.dll
IE Menu Band - {4B78D326-D922-44f9-AF2A-07805C2A3560} - C:\WINDOWS\system32\ieframe.dll
IE Menu Desk Bar - {205D7A97-F16D-4691-86EF-F3075DCCA57D} - C:\WINDOWS\system32\ieframe.dll
IE Menu Site - {44C76ECD-F7FA-411c-9929-1B77BA77F524} - C:\WINDOWS\system32\ieframe.dll
IE Microsoft BrowserBand - {07C45BB1-4A8C-4642-A1F5-237E7215FF66} - C:\WINDOWS\system32\ieframe.dll
IE Microsoft History AutoComplete List - {6038EF75-ABFC-4e59-AB6F-12D397F6568D} - C:\WINDOWS\system32\ieframe.dll
IE Microsoft Multiple AutoComplete List Container - {B31C5FAE-961F-415b-BAF0-E697A5178B94} - C:\WINDOWS\system32\ieframe.dll
IE Microsoft Shell Folder AutoComplete List - {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} - C:\WINDOWS\system32\ieframe.dll
IE MRU AutoComplete List - {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} - C:\WINDOWS\system32\ieframe.dll
IE Navigation Bar - {43886CD5-6529-41c4-A707-7B3C92C05E68} - C:\WINDOWS\system32\ieframe.dll
IE Registry Tree Options Utility - {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} - C:\WINDOWS\system32\ieframe.dll
IE RSS Feeder Folder - {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} - C:\WINDOWS\system32\ieframe.dll
IE Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\system32\ieframe.dll
IE Shell Band Site Menu - {E6EE9AAC-F76B-4947-8260-A9F136138E11} - C:\WINDOWS\system32\ieframe.dll
IE Shell Rebar BandSite - {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} - C:\WINDOWS\system32\ieframe.dll
IE Tracking Shell Menu - {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} - C:\WINDOWS\system32\ieframe.dll
IE User Assist - {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} - C:\WINDOWS\system32\ieframe.dll
Impostazioni cartella globale - {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} - C:\WINDOWS\system32\browseui.dll
Indicatore di avanzamento popup - {acf35015-526e-4230-9596-becbe19f0ac9} - C:\WINDOWS\system32\browseui.dll
Internet - {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
Internet Name Space - {871C5380-42A0-1069-A2EA-08002B30309D} - C:\WINDOWS\system32\ieframe.dll
InternetShortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\WINDOWS\system32\ieframe.dll
ISFBand OC - {131A6951-7F78-11D0-A979-00C04FD705A2} - C:\WINDOWS\system32\shdocvw.dll
Menu di scelta rapida di crittografia - {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} -
Microsoft Agent Character Property Sheet Handler - {143A62C8-C33B-11D1-84FE-00C04FA34A14} - C:\WINDOWS\msagent\agentpsh.dll
Microsoft Browser Architecture - {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} - C:\WINDOWS\system32\shdocvw.dll
Microsoft Browser Architecture - {BC476F4C-D9D7-4100-8D4E-E043F6DEC409} - C:\WINDOWS\system32\ieframe.dll
Microsoft BrowserBand - {7BA4C742-9E81-11CF-99D3-00AA004AE837} - C:\WINDOWS\system32\browseui.dll
Microsoft Data Link - {2206CDB2-19C1-11D1-89E0-00C04FD7A829} - C:\Programmi\File comuni\System\Ole DB\oledb32.dll
Microsoft DocProp Inplace Calendar Control - {6A205B57-2567-4A2C-B881-F787FAB579A3} - C:\WINDOWS\system32\docprop2.dll
Microsoft DocProp Inplace Droplist Combo Control - {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} - C:\WINDOWS\system32\docprop2.dll
Microsoft DocProp Inplace Edit Box Control - {A9CF0EAE-901A-4739-A481-E35B73E47F6D} - C:\WINDOWS\system32\docprop2.dll
Microsoft DocProp Inplace ML Edit Box Control - {8EE97210-FD1F-4B19-91DA-67914005F020} - C:\WINDOWS\system32\docprop2.dll
Microsoft DocProp Inplace Time Control - {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} - C:\WINDOWS\system32\docprop2.dll
Microsoft DocProp Shell Ext - {883373C3-BF89-11D1-BE35-080036B11A03} - C:\WINDOWS\system32\docprop2.dll
Microsoft Office HTML Icon Handler - {42042206-2D85-11D3-8CFF-005004838597} - C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
Microsoft Office Outlook Custom Icon Handler - {0006F045-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
Microsoft Office Outlook Desktop Icon Handler - {00020D75-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
Microsoft Url History Service - {3C374A40-BAE4-11CF-BF7D-00AA006946EE} - C:\WINDOWS\system32\ieframe.dll
Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
Midi Properties Handler - {A6FD9E45-6E44-43f9-8644-08598F5A74D9} - C:\WINDOWS\system32\shmedia.dll
MMC Icon Handler - {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - C:\WINDOWS\System32\mmcshext.dll
MyDocs Copy Hook - {ECF03A33-103D-11d2-854D-006008059367} - C:\WINDOWS\system32\mydocs.dll
MyDocs Drop Target - {ECF03A32-103D-11d2-854D-006008059367} - C:\WINDOWS\system32\mydocs.dll
MyDocs Properties - {4a7ded0a-ad25-11d0-98a8-0800361b1103} - C:\WINDOWS\system32\mydocs.dll
NeroCoverEd Live Icons - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - C:\Programmi\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
Offline Files Folder Options - {10CFC467-4392-11d2-8DB4-00C04FA31A66} - C:\WINDOWS\System32\cscui.dll
Offline Files Menu - {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll
Oggetto Pubblicazione guidata sul Web - {6b33163c-76a5-4b6c-bf21-45de9cd503a1} - C:\WINDOWS\system32\netplwiz.dll
Operazioni pianificate - {D6277990-4C6A-11CF-8D87-00AA0060F5BF} - C:\WINDOWS\system32\mstask.dll
Ordinazione di stampe tramite Web - {add36aa8-751a-4579-a266-d66f5202ccbb} - C:\WINDOWS\system32\netplwiz.dll
Pagina compatibilità - {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - SlayerXP.dll
Pagina di proprietà di Docfile OLE - {3EA48300-8CF6-101B-84FB-666CCB9BCD32} - docprop.dll
Pagina di protezione della stampante - {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} - rshx32.dll
Pagina di protezione DS - {4E40F770-369C-11d0-8922-00A024AB2DBB} - dssec.dll
Pagina di protezione NTFS - {1F2E5C40-9550-11CE-99D2-00AA006E086C} - rshx32.dll
Pagina proprietà versioni precedenti - {596AB062-B4D2-4215-9F74-E9109B0A8153} - C:\WINDOWS\system32\twext.dll
PlusPack CPL Extension - {41E300E0-78B6-11ce-849B-444553540000} - C:\WINDOWS\system32\themeui.dll
Portable Devices - {35786D3C-B075-49b9-88DD-029876E11C01} - C:\WINDOWS\system32\wpdshext.dll
Portable Devices Menu - {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} - C:\WINDOWS\system32\wpdshext.dll
Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - C:\WINDOWS\system32\Audiodev.dll
Posta elettronica - {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
PostAgent - {D8BD2030-6FC9-11D0-864F-00AA006809D9} - C:\WINDOWS\system32\webcheck.dll
Profilo ICC - {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - C:\WINDOWS\system32\icmui.dll
Programma di estrazione pagine HTML in anteprima - {EAB841A0-9550-11cf-8C16-00805F1408F3} - C:\WINDOWS\system32\shimgvw.dll
Proprietà dei file Multimedia - {00022613-0000-0000-C000-000000000046} - mmsys.cpl
Pubblicazione guidata sul Web - {CC6EEFFB-43F6-46c5-9619-51D571967F7D} - C:\WINDOWS\system32\netplwiz.dll
Remote Sessions CPL Extension - {F0152790-D56E-4445-850E-4F3117DB740C} - C:\WINDOWS\system32\remotepg.dll
Ricerca all'interno - {169A0691-8DF9-11d1-A1C4-00C04FD75D13} - C:\WINDOWS\system32\browseui.dll
Ricerca Web - {07798131-AF23-11d1-9111-00A0C98BA67D} - C:\WINDOWS\system32\browseui.dll
Scanner e fotocamere digitali - {3F953603-1008-4f6e-A73A-04AAC7A992F1} - wiashext.dll
Scanner e fotocamere digitali - {83bbcbf3-b28a-4919-a5aa-73027445d672} - wiashext.dll
Scanner e fotocamere digitali - {905667aa-acd6-11d2-8080-00805f6596d2} - wiashext.dll
Scanner e fotocamere digitali - {E211B736-43FD-11D1-9EFB-0000F8757FCD} - wiashext.dll
Scanner e fotocamere digitali - {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} - wiashext.dll
Schermata iniziale applicazioni Internet Explorer 4 - {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\system32\shdocvw.dll
Search Assistant OC - {9461b922-3c5a-11d2-bf8b-00c04fb93661} - C:\WINDOWS\system32\shdocvw.dll
Sendmail service - {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\system32\sendmail.dll
Sendmail service - {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\system32\sendmail.dll
Set Program Access and Defaults - {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll
Shell Automation Inproc Service - {0A89A860-D7B1-11CE-8350-444553540000} - C:\WINDOWS\system32\shdocvw.dll
Shell Band Site Menu - {ECD4FC4E-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
Shell DeskBar - {ECD4FC4C-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
Shell DeskBarApp - {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} - C:\WINDOWS\system32\browseui.dll
Shell DocObject Viewer - {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} - C:\WINDOWS\system32\ieframe.dll
Shell Folder 2 accresciuto - {6413BA2C-B461-11d1-A18A-080036B11A03} - C:\WINDOWS\system32\browseui.dll
Shell Folder accresciuto - {91EA3F8B-C99B-11d0-9815-00C04FD91972} - C:\WINDOWS\system32\browseui.dll
Shell Image Data Factory - {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} - C:\WINDOWS\system32\shimgvw.dll
Shell Image Property Handler - {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} - C:\WINDOWS\system32\shimgvw.dll
Shell Image Verbs - {e84fda7c-1d6a-45f6-b725-cb260c236066} - C:\WINDOWS\system32\shimgvw.dll
Shell Microsoft AutoComplete - {00BB2763-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\system32\browseui.dll
Shell properties for a DS object - {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} - C:\WINDOWS\system32\dsquery.dll
Shell Rebar BandSite - {ECD4FC4D-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
Shell Search Band - {21569614-B795-46b1-85F4-E737A8DC09AD} - C:\WINDOWS\system32\browseui.dll
Sincronia file - {85BBD920-42A0-1069-A2E4-08002B30309D} - syncui.dll
Stato del download - {22BF0C20-6DA7-11D0-B373-00A0C9034938} - C:\WINDOWS\system32\browseui.dll
Strumenti di amministrazione - {D20EA4E1-3957-11d2-A40B-0C5020524153} - C:\WINDOWS\system32\shdocvw.dll
Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - C:\WINDOWS\system32\webcheck.dll
Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - C:\WINDOWS\system32\webcheck.dll
Summary Info Thumbnail handler (DOCFILES) - {9DBD2C50-62AD-11d0-B806-00C04FD706EC} - C:\WINDOWS\system32\shimgvw.dll
Tasks Folder Icon Handler - {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\system32\mstask.dll
Tasks Folder Shell Extension - {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\system32\mstask.dll
Temporary Internet Files - {7BD29E00-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\system32\ieframe.dll
Temporary Internet Files - {7BD29E01-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\system32\ieframe.dll
The Internet - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} - C:\WINDOWS\system32\ieframe.dll
Tipi di carattere - {BD84B380-8CA2-1069-AB1D-08000948F534} - fontext.dll
Tipi di carattere - {D20EA4E1-3957-11d2-A40B-0C5020524152} - C:\WINDOWS\system32\shdocvw.dll
TrayAgent - {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} - C:\WINDOWS\system32\webcheck.dll
TridentImageExtractor - {7376D660-C583-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\system32\browseui.dll
Trojan Remover Shell Extension - {52B87208-9CCF-42C9-B88E-069281105805} - C:\PROGRA~1\TROJAN~1\Trshlex.dll
Utilità opzioni della struttura del Registro di sistema - {AF4F6510-F982-11d0-8595-00AA004CD6D8} - C:\WINDOWS\system32\browseui.dll
Versioni precedenti - {9DB7A13C-F208-4981-8353-73CC61AE2783} - C:\WINDOWS\system32\twext.dll
Video Media Properties Handler - {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} - C:\WINDOWS\system32\shmedia.dll
Video Thumbnail Extractor - {c5a40261-cd64-4ccf-84cb-c394da41d590} - C:\WINDOWS\system32\shmedia.dll
Wav Properties Handler - {E4B29F9D-D390-480b-92FD-7DDB47101D71} - C:\WINDOWS\system32\shmedia.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\WINDOWS\system32\webcheck.dll
WebCheckChannelAgent - {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} - C:\WINDOWS\system32\webcheck.dll
WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
Windows Media Player Add to Playlist Context Menu Handler - {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} - C:\WINDOWS\system32\wmpshell.dll
Windows Media Player Burn Audio CD Context Menu Handler - {8DD448E6-C188-4aed-AF92-44956194EB1F} - C:\WINDOWS\system32\wmpshell.dll
Windows Media Player Play as Playlist Context Menu Handler - {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} - C:\WINDOWS\system32\wmpshell.dll
WinRAR shell extension - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Programmi\WinRAR\rarext.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[This user (1)]
Cartelle Web - {BDEADF00-C265-11d0-BCED-00A0C90AB50F} - C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Registry 'Run' keys:
[User Run]
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
[System Run]
ATIModeChange = Ati2mdxx.exe
ATIPTA = C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
AVG7_CC = C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
LanguageShortcut = C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
MimBoot = C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
NeroFilterCheck = C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
PCTVOICE = pctspk.exe
RemoteControl = C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
SynTPEnh = C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
SynTPLpr = C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
TrojanScanner = C:\Programmi\Trojan Remover\Trjscan.exe
Protocols:
[Pluggable MIME filters (6)]
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} = C:\WINDOWS\system32\urlmon.dll
deflate = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\system32\urlmon.dll
gzip = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\system32\urlmon.dll
lzdhtml = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\system32\urlmon.dll
text/webviewhtml = {733AC4CB-F1A4-11d0-B951-00A0C90312E1} = C:\WINDOWS\system32\SHELL32.dll
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
[Protocol handlers (23)]
about = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\system32\mshtml.dll
cdl = {3dd53d40-7b8b-11D0-b013-00aa0059ce02} = C:\WINDOWS\system32\urlmon.dll
dvd = {12D51199-0DB5-46FE-A120-47A3D7D937CC} = C:\WINDOWS\system32\msvidctl.dll
file = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
ftp = {79eac9e3-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
gopher = {79eac9e4-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
http = {79eac9e2-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
https = {79eac9e5-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\WINDOWS\system32\itss.dll
javascript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\system32\mshtml.dll
local = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
mailto = {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\system32\mshtml.dll
mhtml = {05300401-BCBC-11d0-85E3-00C04FD85AB4} = C:\WINDOWS\system32\inetcomm.dll
mk = {79eac9e6-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll
ms-its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\WINDOWS\system32\itss.dll
ms-itss = {0A9007C0-4076-11D3-8789-0000F8105754} = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
mso-offdap = {3D9F03FA-7A94-11D3-BE81-0050048385D1} = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11 = {32505114-5902-49B2-880A-1F7738E5A384} = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
res = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\system32\mshtml.dll
sysimage = {76E67A63-06E9-11D2-A840-006008059382} = C:\WINDOWS\system32\mshtml.dll
tv = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} = C:\WINDOWS\system32\msvidctl.dll
vbscript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\system32\mshtml.dll
wia = {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} = C:\WINDOWS\system32\wiascr.dll
WOW compatibility:
cmdline = C:\WINDOWS\system32\ntvdm.exe
wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386
[KnownDlls (16-bit) (40)]
avicap.dll
avifile.dll
comm.drv
commdlg.dll
compobj.dll
ctl3dv2.dll
ddeml.dll
keyboard.drv
lanman.drv
mapi.dll
mciavi.drv
mciseq.drv
mciwave.drv
mmsystem.dll
mouse.drv
msacm.dll
msvideo.dll
netapi.dll
ole2.dll
ole2disp.dll
ole2nls.dll
olecli.dll
olesvr.dll
pmspl.dll
progman.exe
rasapi16.dll
shell.dll
sound.drv
storage.dll
system.drv
timer.drv
toolhelp.dll
typelib.dll
vga.drv
wfwnet.drv
win87em.dll
winoldap.mod
winsock.dll
winspool.exe
wowdeb.exe
[KnownDlls (32-bit) (20)]
advapi32.dll
comdlg32.dll
gdi32.dll
imagehlp.dll
kernel32.dll
lz32.dll
ole32.dll
oleaut32.dll
olecli32.dll
olecnv32.dll
olesvr32.dll
olethk32.dll
rpcrt4.dll
shell32.dll
url.dll
urlmon.dll
user32.dll
version.dll
wininet.dll
wldap32.dll
ShellServiceObjectDelayLoad:
[All users (5)]
CDBurn = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\WINDOWS\system32\SHELL32.dll
PostBootReminder = {7849596a-48ea-486e-8937-a2a3009f31a9} = C:\WINDOWS\system32\SHELL32.dll
SysTray = {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\system32\webcheck.dll
WPDShServiceObj = {AAA288BA-9A4C-45B0-95D7-94D524869DB5} = C:\WINDOWS\system32\WPDShServiceObj.dll
SharedTaskScheduler (2):
Daemon di cache delle categorie di componenti = {8C7461EF-2B13-11d2-BE35-3078302C2030} = C:\WINDOWS\system32\browseui.dll
Precaricatore Browseui = {438755C2-A8BA-11D1-B96B-00A0C90312E1} = C:\WINDOWS\system32\browseui.dll
Winsock LSP:
[Protocols (17)]
MSAFD Irda [IrDA] - {3972523D-2AF1-11D1-B655-00805F3642CC} - C:\WINDOWS\system32\mswsock.dll
MSAFD Tcpip [TCP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD Tcpip [UDP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
RSVP UDP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\WINDOWS\system32\rsvpsp.dll
RSVP TCP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\WINDOWS\system32\rsvpsp.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0A84144C-F58F-4002-A1A7-199448F88775}] SEQPACKET 0 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0A84144C-F58F-4002-A1A7-199448F88775}] DATAGRAM 0 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{39EEC3C1-7485-4392-8C96-35BA0FA92F0F}] SEQPACKET 1 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{39EEC3C1-7485-4392-8C96-35BA0FA92F0F}] DATAGRAM 1 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7D3D5F5B-DEA5-4E41-A902-0D9B1AB2C206}] SEQPACKET 2 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7D3D5F5B-DEA5-4E41-A902-0D9B1AB2C206}] DATAGRAM 2 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{6974A2C7-3691-4ECB-8ABF-E22B15DD93AB}] SEQPACKET 3 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{6974A2C7-3691-4ECB-8ABF-E22B15DD93AB}] DATAGRAM 3 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{25CDA3A8-E4E2-409F-89F5-E9AB15BF6A5A}] SEQPACKET 4 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{25CDA3A8-E4E2-409F-89F5-E9AB15BF6A5A}] DATAGRAM 4 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1D6F2866-6588-4CFA-AAAC-E0C85E928968}] SEQPACKET 5 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1D6F2866-6588-4CFA-AAAC-E0C85E928968}] DATAGRAM 5 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll
[Namespace Providers (3)]
Tcpip - {22059D40-7E9E-11CF-AE5A-00AA00A7112B} - C:\WINDOWS\System32\mswsock.dll
NTDS - {3B2637EE-E580-11CF-A555-00C04FD8D4AC} - C:\WINDOWS\System32\winrnr.dll
Spazio dei nomi NLA (Network Location Awareness) - {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} - C:\WINDOWS\System32\mswsock.dll
Hijack points:
[Reset web settings URLs]
SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
START_PAGE_URL =
http://www.microsoft.com/isapi/redir.dll?prd=ieandpver=6andar=msnhomeMS_START_PAGE_URL =
http://www.microsoft.com/isapi/redir.dll?prd=ieandpver=6andar=msnhomeSEARCH_PAGE_URL =
http://www.microsoft.com/isapi/redir.dll?prd=ieandar=iesearch[Internet Explorer URLs]
* This user *
- Internet Explorer\Main (3)
Local Page = C:\WINDOWS\system32\blank.htm
Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ieandar=iesearchStart Page =
http://www.google.it/- Internet Explorer\Desktop\General (2)
BackupWallpaper = %USERPROFILE%\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
Wallpaper = %USERPROFILE%\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
* All users *
- Internet Explorer\Main (6)
Default_Page_Url =
http://go.microsoft.com/fwlink/?LinkId=69157Default_Search_Url =
http://go.microsoft.com/fwlink/?LinkId=54896Local Page = %SystemRoot%\system32\blank.htm
Search Bar =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157- Internet Explorer\Search (2)
CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
- Internet Explorer\AboutURLs (6)
blank = res://mshtml.dll/blank.htm
DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm
NavigationCanceled = res://ieframe.dll/navcancl.htm
NavigationFailure = res://ieframe.dll/navcancl.htm
OfflineInformation = res://ieframe.dll/offcancl.htm
PostNotCached = res://ieframe.dll/repost.htm
[Default URL prefixes]
default = http://
ftp = ftp://
gopher = gopher://
home = http://
mosaic = http://
www = http://
[Hosts file location]
DatabasePath = C:\WINDOWS\System32\drivers\etc\hosts
Protection and disabled items:
[ActiveX killbits (196)]
andIndirizzo - {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll
(no name) - {53C74826-AB99-4D33-ACA4-3117F51D3788} - C:\WINDOWS\system32\SHELL32.dll
(no name) - {98cb4060-d3e7-42a1-8d65-949d34ebfe14} - C:\Programmi\Microsoft Office\OFFICE11\SOA.DLL
(no name) - {b4b3aecb-dfd6-11d1-9daa-00805f85cfe3} - C:\WINDOWS\system32\CLBCatQ.DLL
(no name) - {e846f0a0-d367-11d1-8286-00a0c9231c29} - C:\WINDOWS\system32\clbcatex.dll
(no name) - {f5078f26-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
(no name) - {FEF10FA2-355E-4E06-9381-9B24D7F7CC88} - C:\WINDOWS\system32\SHELL32.dll
9x8Resize - {BC0D69A8-0923-4EEE-9375-9239F5A38B92} - C:\Programmi\Movie Maker\wmm2filt.dll
ACM Class Manager - {33d9a761-90c8-11d0-bd43-00a0c911ce86} - C:\WINDOWS\system32\devenum.dll
ActiveMovie Filter Class Manager - {083863F1-70DE-11d0-BD40-00A0C911CE86} - C:\WINDOWS\system32\devenum.dll
ADODB.Stream - {00000566-0000-0010-8000-00AA006D2EA4} - C:\Programmi\File comuni\System\ado\msado15.dll
AEPlugIn Class - {E8C31D11-6FD2-4659-AD75-155FA143F42B} - C:\PROGRA~1\MOVIEM~1\wmm2ae.dll
Allocator Fix - {C0D076C5-E4C6-4561-8BF4-80DA8DB819D7} - C:\Programmi\Movie Maker\wmm2filt.dll
Architettura Common Browser di Microsoft - {AF604EFE-8897-11D1-B944-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
AsyncMHandler Class - {3da2aa3e-3d96-11d2-9bd2-204c4f4f5020} - C:\WINDOWS\system32\msdxm.ocx
Barra della lingua - {540d8a8b-1c3f-4e32-8132-530f6a502090} - C:\WINDOWS\system32\msutb.dll
Bitmap - {4F3E50BD-A9D7-4721-B0E1-00CB42A0A747} - C:\Programmi\Movie Maker\wmm2filt.dll
BlnSetUser Proxy - {261F6572-578B-40A7-B72E-61B7261D9F0C} - C:\Programmi\Microsoft Office\OFFICE11\BLNMGR.DLL
BlnUser Proxy - {E56CCB42-598C-462D-9AD8-4FD5B4498C5D} - C:\Programmi\Microsoft Office\OFFICE11\BLNMGR.DLL
CEnroll Class - {43F8F289-7A20-11D0-8F06-00C04FC295E1} - C:\WINDOWS\system32\xenroll.dll
cfw Class - {ecabafc0-7f19-11d2-978e-0000f8757e2a} - C:\WINDOWS\system32\comsvcs.dll
CLicenseAgent Class - {acadf079-cbcd-4032-83f2-fa47c4db096f} - C:\WINDOWS\system32\licdll.dll
CLSID_ApprenticeICW - {8ee42293-c315-11d0-8d6f-00a0c9a06e1f} - C:\WINDOWS\system32\inetcfg.dll
CLSID_CCommAcctImport - {1aa06ba1-0e88-11d1-8391-00c04fbd7c09} - C:\WINDOWS\system32\msoeacct.dll
CLSID_CDIDeviceActionConfigPage - {18ab439e-fcf4-40d4-90da-f79baa3b0655} - C:\WINDOWS\system32\diactfrm.dll
CLSID_OENote - {cae80521-f685-11d1-af32-00c04fa31b90} - %ProgramFiles%\Outlook Express\msoe.dll
Codec installabili Microsoft NetMeeting - {8ed14cc0-7a1f-11d0-92f6-00a0c922e6b2} - "C:\Programmi\NetMeeting\nac.dll"
Collegamento - {00021401-0000-0000-c000-000000000046} - shell32.dll
CommunicationManager - {67dcc487-aa48-11d1-8f4f-00c04fb611c7} - C:\WINDOWS\system32\msdtctm.dll
Connessioni di rete - {7007acc7-3202-11d1-aad2-00805fc1270e} - C:\WINDOWS\system32\NETSHELL.dll
Connessioni di rete - {992cffa0-f557-101a-88ec-00dd010ccc48} - C:\WINDOWS\system32\NETSHELL.dll
Controllo HTML Inline Sound - {8422DAE3-9929-11CF-B8D3-004033373DA8} - C:\Programmi\Microsoft Office\OFFICE11\HTML\HTMLMM.OCX
Controllo Snapshot Viewer 11.0 - {F0E42D60-368C-11D0-AD81-00A0C90DC8D9} - C:\Programmi\File comuni\Microsoft Shared\Snapshot Viewer\SNAPVIEW.OCX
Controllo Testo scorrevole - {250770f3-6af2-11cf-a915-008029e31fcd} - C:\Programmi\Microsoft Office\OFFICE11\HTML\HTMLMARQ.OCX
DirectControl Class - {39a2c2a6-4778-11d2-9bdb-204c4f4f5020} - C:\WINDOWS\system32\msdxm.ocx
DirectMusic Script AutoImp Performance - {a861c6e2-fcfc-11d2-8bc9-00600893b1b6} - C:\WINDOWS\system32\dmscript.dll
DirectX Transform Wrapper Property Page - {1B544C24-FD0B-11CE-8C63-00AA0044B520} - C:\Programmi\Movie Maker\wmm2filt.dll
DiskManagement.Connection - {fd78d554-4c6e-11d0-970d-00a0c9191601} - C:\WINDOWS\System32\dmdskmgr.dll
Dutch_Dutch Stemmer - {860d28d0-8bf4-11ce-be59-00aa0051fe20} - infosoft.dll
E-Ink - {13de4a42-8d21-4c8e-bf9c-8f69cb068fca} - C:\Programmi\File comuni\Microsoft Shared\INK\INKOBJ.DLL
Elemento Richiamo messaggio di Outlook - {00061068-0000-0000-c000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\RECALL.DLL
English_UK Stemmer - {d99f7670-7f1a-11ce-be57-00aa0051fe20} - infosoft.dll
English_US Stemmer - {eeed4c20-7f1b-11ce-be57-00aa0051fe20} - infosoft.dll
Estensioni shell per la condivisione - {40dd6e20-7c17-11ce-a804-00aa003ca9f6} - ntshrui.dll
FoxOLEDB 1.0 Object - {3ff292b6-b204-11cf-8d23-00aa005ffe58} - C:\Programmi\File comuni\System\msadc\msadce.dll
FoxOLEDB 1.0 Object - {58ecee30-e715-11cf-b0e3-00aa003f000f} - C:\Programmi\File comuni\System\msadc\msadce.dll
Frame Eater - {6C68955E-F965-4249-8E18-F0977B1D2899} - C:\Programmi\Movie Maker\wmm2filt.dll
Free Threaded XML DOM Document 2.6 - {f5078f1c-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
French_French Stemmer - {2a6eb050-7f1c-11ce-be57-00aa0051fe20} - infosoft.dll
FTP Folder Web View Automation - {210DA8A2-7445-11D1-91F7-006097DF5BD4} - C:\WINDOWS\system32\msieftp.dll
German_German Stemmer - {510a4910-7f1c-11ce-be57-00aa0051fe20} - infosoft.dll
H323MSP Class - {0F1BE7F8-45CA-11D2-831F-00A0244D2298} - C:\WINDOWS\system32\h323msp.dll
HHCtrl Object - {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} - C:\WINDOWS\system32\hhctrl.ocx
HHCtrl Object - {ADB880A6-D8FF-11CF-9377-00AA003B7A11} - C:\WINDOWS\system32\hhctrl.ocx
HTML Inline Movie Control - {8422dae7-9929-11cf-b8d3-004033373da8} - C:\Programmi\Microsoft Office\OFFICE11\HTML\HTMLMM.OCX
IAVIStream and IAVIFile Proxy - {0002000D-0000-0000-C000-000000000046} - avifil32.dll
ICM Class Manager - {33d9a760-90c8-11d0-bd43-00a0c911ce86} - C:\WINDOWS\system32\devenum.dll
IndexServer Simple Command Creator - {c7b6c04a-cbb5-11d0-bb4c-00c04fc2f410} - C:\WINDOWS\system32\query.dll
InstallEngineCtl Object - {6E449683-C509-11CF-AAFA-00AA00B6015C} - C:\WINDOWS\system32\asctrls.ocx
Internet Location Services Object - {a4ad47c0-20ea-11d0-8796-444553540000} - C:\WINDOWS\system32\ils.dll
IPConfMSP Class - {0F1BE7F7-45CA-11D2-831F-00A0244D2298} - C:\WINDOWS\system32\confmsp.dll
Italian_Italian Stemmer - {6d36ce10-7f1c-11ce-be57-00aa0051fe20} - infosoft.dll
LexRefBilingualTextContext Class - {75C11604-5C51-48B2-B786-DF5E51D10EC9} - C:\Programmi\File comuni\Microsoft Shared\TRANSLAT\ITEN\MSB1ITEN.DLL
LexRefStFrObject Class - {B3E0E785-BD78-4366-9560-B7DABE2723BE} - C:\Programmi\File comuni\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL
LexRefStGeObject Class - {208DD6A3-E12B-4755-9607-2E39EF84CFC5} - C:\Programmi\File comuni\Microsoft Shared\TRANSLAT\GEEN\MSB1GEEN.DLL
Libreria di Microsoft Schedule+ 7.0 - {800dd100-db43-11ce-914e-00a004000162} - C:\Programmi\Microsoft Office\OFFICE11\1040\MSSPC32.DLL
MarshalableTI Class - {466d66fa-9616-11d2-9342-0000f875ae17} - C:\WINDOWS\system32\msconf.dll
Media Streaming Dynamic Terminal - {AED6483F-3304-11D2-86F1-006008B0E5D2} - C:\WINDOWS\system32\termmgr.dll
Menu Avvio - {4622ad11-ff23-11d0-8d34-00a0c90f2719} - C:\WINDOWS\system32\SHELL32.dll
MessageMover Class - {ecabb0bf-7f19-11d2-978e-0000f8757e2a} - C:\WINDOWS\system32\comsvcs.dll
Microsoft Active Setup Engine - {6e449686-c509-11cf-aafa-00aa00b6015c} - C:\WINDOWS\system32\inseng.dll
Microsoft Agent Control 1.5 - {F5BE8BD2-7DE6-11D0-91FE-00C04FD701A5} - C:\WINDOWS\msagent\agentctl.dll
Microsoft DDS Form 2.0 - {e205bece-692d-11d2-8d1c-006008319779} - C:\Programmi\File comuni\Microsoft Shared\MSDesigners7\MSDDSF.DLL
Microsoft DDS Generic Class - {4faab301-cef6-477c-9f58-f601039e9b78} - C:\Programmi\File comuni\Microsoft Shared\MSDesigners7\MSDDS.DLL
Microsoft DDS Library Shape Control - {ec444cb6-3e7e-4865-b1c3-0de72ef39b3f} - C:\Programmi\File comuni\Microsoft Shared\MSDesigners7\MSDDS.DLL
Microsoft DDS Picture Shape Control - {6cbe0382-a879-4d2a-8ec3-1f2a43611ba8} - C:\Programmi\File comuni\Microsoft Shared\MSDesigners7\MSDDS.DLL
Microsoft DocHost User Interface Handler - {7057e952-bd1b-11d1-8919-00c04fc2c836} - C:\WINDOWS\system32\ieframe.dll
Microsoft Forms 2.0 HTML Hidden - {5512d11c-5cc6-11cf-8d67-00aa00bdce1d} - C:\WINDOWS\system32\FM20.DLL
Microsoft Forms 2.0 HTML Password - {5512d11e-5cc6-11cf-8d67-00aa00bdce1d} - C:\WINDOWS\system32\FM20.DLL
Microsoft Forms 2.0 HTML SELECT - {5512d122-5cc6-11cf-8d67-00aa00bdce1d} - C:\WINDOWS\system32\FM20.DLL
Microsoft Forms 2.0 HTML TEXT - {5512d11a-5cc6-11cf-8d67-00aa00bdce1d} - C:\WINDOWS\system32\FM20.DLL
Microsoft Forms 2.0 HTML TextAREA - {5512d124-5cc6-11cf-8d67-00aa00bdce1d} - C:\WINDOWS\system32\FM20.DLL
Microsoft HTA Document 6.0 - {3050F5C8-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
Microsoft Html Document for Popup Window - {3050F67D-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
Microsoft Html Popup Window - {3050f667-98b5-11cf-bb82-00aa00bdce0b} - C:\WINDOWS\system32\mshtml.dll
Microsoft HTML Window Security Proxy - {3050F391-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
Microsoft Index Server Catalog Administration Object - {3bc4f3a3-652a-11d1-b4d4-00c04fc2db8d} - C:\WINDOWS\system32\ciodm.dll
Microsoft Index Server Scope Administration Object - {3bc4f3a7-652a-11d1-b4d4-00c04fc2db8d} - C:\WINDOWS\system32\ciodm.dll
Microsoft Movie Maker Age Filter - {ADEADEB8-E54B-11D1-9A72-0000F875EADE} - C:\PROGRA~1\MOVIEM~1\wmm2fxa.dll
Microsoft MovieMaker Fade In Fade Out - {EC85D8F1-1C4E-46E4-A748-7AA04E7C0496} - C:\PROGRA~1\MOVIEM~1\wmm2fxa.dll
Microsoft MPEG-4 Video Decompressor Property page - {598eba02-b49a-11d2-a1c1-00609778ea66} - C:\WINDOWS\system32\mpg4ds32.ax
Microsoft MS Audio Decompressor Control Property page - {8FE7E181-BB96-11D2-A1CB-00609778EA66} - C:\WINDOWS\system32\msadds32.ax
Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
Microsoft Office Free/Busy Registration - {f28d867a-ddb1-11d3-b8e8-00a0c981aeeb} - C:\PROGRA~1\MICROS~2\OFFICE11\MSOSVFBR.DLL
Microsoft Office List 11.0 - {65bcbee4-7728-41a0-97be-14e1cae36aae} - C:\Programmi\Microsoft Office\OFFICE11\STSLIST.DLL
Microsoft Visual Database Tools Database Designer V7.0 - {03cb9467-fd9d-42a8-82f9-8615b4223e6e} - C:\Programmi\File comuni\Microsoft Shared\Visual Database Tools\VDT70.DLL
Microsoft Visual Database Tools Query Designer V7.0 - {2c10a98f-d64f-43b4-bed6-dd0e1bf2074c} - C:\Programmi\File comuni\Microsoft Shared\Visual Database Tools\VDT70.DLL
Microsoft WBEM Event Subsystem - {5d08b586-343a-11d0-ad46-00c04fd8fdff} - C:\WINDOWS\system32\wbem\wbemess.dll
MidiOut Class Manager - {4efe2452-168a-11d1-bc76-00c04fb9453b} - C:\WINDOWS\system32\devenum.dll
MMStream Class - {49C47CE5-9BA4-11D0-8212-00C04FC32C45} - C:\WINDOWS\system32\amstream.dll
Movie Maker Special Effect 1 Input - {B4DC8DD9-2CC1-4081-9B2B-20D7030234EF} - C:\PROGRA~1\MOVIEM~1\wmm2fxa.dll
Movie Maker Special Effect 2 Inputs - {C63344D8-70D3-4032-9B32-7A3CAD5091A5} - C:\PROGRA~1\MOVIEM~1\wmm2fxa.dll
Movie Maker Special Effect Inplace 1 Input - {353359C1-39E1-491B-9951-464FD8AB071C} - C:\PROGRA~1\MOVIEM~1\wmm2fxa.dll
Movie Maker Video Adjustments - {5A20FD6F-F8FE-4A22-9EE7-307D72D09E6E} - C:\PROGRA~1\MOVIEM~1\wmm2fxa.dll
MSP Class - {4DDB6D36-3BC1-11D2-86F2-006008B0E5D2} - C:\WINDOWS\system32\wavemsp.dll
MSVDTDDGridCtrl7 Object - {6f9f3481-84dd-4b14-b09c-6b4288eccde8} - C:\Programmi\File comuni\Microsoft Shared\Visual Database Tools\VDT70.DLL
MTSEvents Class - {ecabb0ab-7f19-11d2-978e-0000f8757e2a} - C:\WINDOWS\system32\comsvcs.dll
NDFXArtEffects - {E673DCF2-C316-4C6F-AA96-4E4DC6DC291E} - C:\PROGRA~1\MOVIEM~1\wmm2fxb.dll
Network Connections Tray - {7007accf-3202-11d1-aad2-00805fc1270e} - C:\WINDOWS\system32\NETSHELL.dll
Oggetto PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll
Outlook Express Address Book - {233A9694-667E-11D1-9DFB-006097D50408} - %ProgramFiles%\Outlook Express\msoe.dll
Outlook Progress Ctl - {0006F071-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\OUTLLIB.DLL
Proprietà dei file Multimedia - {00022613-0000-0000-c000-000000000046} - mmsys.cpl
PSDispatch - {00020420-0000-0000-c000-000000000046} - oleaut32.dll
PSEnumVariant - {00020421-0000-0000-C000-000000000046} - oleaut32.dll
PSOAInterface - {00020424-0000-0000-c000-000000000046} - oleaut32.dll
PSSupportErrorInfo - {DF0B3D60-548F-101B-8E65-08002B2BD119} - oleaut32.dll
PSTypeComp - {00020425-0000-0000-C000-000000000046} - oleaut32.dll
PSTypeInfo - {00020422-0000-0000-C000-000000000046} - oleaut32.dll
PSTypeLib - {00020423-0000-0000-C000-000000000046} - oleaut32.dll
RadioServer Class - {8e71888a-423f-11d2-876e-00a0c9082467} - C:\WINDOWS\system32\msdxm.ocx
Record Queue - {5B4B05EB-1F63-446B-AAD1-E10A34D650E0} - C:\Programmi\Movie Maker\wmm2filt.dll
Redirect - {42B07B28-2280-4937-B035-0293FB812781} - C:\WINDOWS\system32\dxtmsft.dll
Registratore componenti in coda - {ecabafc2-7f19-11d2-978e-0000f8757e2a} - C:\WINDOWS\system32\comsvcs.dll
RegWizCtrl - {50E5E3D1-C07E-11D0-B9FD-00A0249F6B00} - C:\WINDOWS\system32\regwizc.dll
SafeWia Class - {0DAD5531-BF31-43AC-A513-1F8926BBF5EC} - C:\WINDOWS\system32\wiascr.dll
SCPTRANS Class - {5c140836-43de-11d3-847d-00c04f79dbc0} - C:\WINDOWS\system32\msscp.dll
Script Encoder Object - {32DA2B15-CFED-11D1-B747-00C04FC2B085} - C:\WINDOWS\system32\scrrun.dll
SdpConferenceBlob Class - {9B2719DD-B696-11D0-A489-00C04FD91AC0} - C:\WINDOWS\system32\sdpblb.dll
Search Assistant Control - {47c6c527-6204-4f91-849d-66e234dee015} - c:\windows\srchasst\srchui.dll
ShedListDSO Class - {b8e622fc-d912-4c4d-b0f9-616aa3b44eed} - C:\Programmi\Microsoft Office\OFFICE11\STSLIST.DLL
ShellFolder per la masterizzazione CD - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll
ShotDetect - {CFFB1FC7-270D-4986-B299-FECF3F0E42DB} - C:\Programmi\Movie Maker\wmm2filt.dll
Sincronia file - {85bbd920-42a0-1069-a2e4-08002b30309d} - syncui.dll
Sky Software FileView ActiveX Control 6.1 - {A09AE68F-B14D-43ED-B713-BA413F034904} - C:\PROGRA~1\WINZIP\wzfilvw.ocx
Sky Software FolderView ActiveX Control 6.1 - {F3834A2B-19CF-4A90-BE1D-ECC410D9DA09} - C:\PROGRA~1\WINZIP\wzfldvw.ocx
Spanish_Modern Stemmer - {b0516ff0-7f1c-11ce-be57-00aa0051fe20} - infosoft.dll
Stetch - {F44BB2D0-F070-463E-9433-B0CCF3CFD627} - C:\Programmi\Movie Maker\wmm2filt.dll
Swedish_Default Stemmer - {9478f640-7f1c-11ce-be57-00aa0051fe20} - infosoft.dll
System Monitor Source Properties - {0CF32AA1-7571-11D0-93C4-00AA00A3DDEA} - C:\WINDOWS\system32\sysmon.ocx
SysTray - {35cec8a3-2be6-11d2-8773-92e220524153} - C:\WINDOWS\system32\stobject.dll
SysTrayInvoker - {730f6cdc-2c86-11d2-8773-92e220524153} - C:\WINDOWS\system32\stobject.dll
TipConnectionMgr - {64fd16f3-b7a5-11d1-8f93-00600895e7d5} - C:\WINDOWS\system32\msdtctm.dll
TipGW Init - {F117831B-C052-11d1-B1C0-00C04FC2F3EF} - C:\WINDOWS\system32\msdtctm.dll
Trident HTMLEditor - {3050f4f5-98b5-11cf-bb82-00aa00bdce0b} - C:\WINDOWS\system32\mshtmled.dll
VFW Capture Class Manager - {860bb310-5d01-11d0-bd3b-00a0c911ce86} - C:\WINDOWS\system32\devenum.dll
Video Effect (1 input) Class Manager - {cc7bfb42-f175-11d1-a392-00e0291f3959} - C:\WINDOWS\system32\qedit.dll
Video Effect (2 input) Class Manager - {cc7bfb43-f175-11d1-a392-00e0291f3959} - C:\WINDOWS\system32\qedit.dll
Video Mixing Renderer 9 - {51b4abf3-748f-4e3b-a276-c828330e926a} - C:\WINDOWS\system32\quartz.dll
Video Render Dynamic Terminal - {AED6483E-3304-11D2-86F1-006008B0E5D2} - C:\WINDOWS\system32\termmgr.dll
VideoPort Object - {ce292861-fc88-11d0-9e69-00c04fd7c15b} - C:\WINDOWS\system32\qdvd.dll
VMR Allocator Presenter 9 - {2d2e24cb-0cd5-458f-86ea-3e6fa22c8e64} - C:\WINDOWS\system32\quartz.dll
VMR ImageSync 9 - {e4979309-7a32-495e-8a92-7b014aad4961} - C:\WINDOWS\system32\quartz.dll
VMR Mixer 9 - {a8dfb9a0-8a20-479f-b538-9387c5eeba2b} - C:\WINDOWS\system32\quartz.dll
WaveIn Class Manager - {33D9A762-90C8-11d0-BD43-00A0C911CE86} - C:\WINDOWS\system32\devenum.dll
WaveOut and DSound Class Manager - {e0f158e1-cb04-11d0-bd4e-00a0c911ce86} - C:\WINDOWS\system32\devenum.dll
Wbem Scripting Object Path - {172BDDF8-CEEA-11D1-8B05-00600806D9B6} - C:\WINDOWS\system32\wbem\wbemdisp.dll
WBEM WIN32_COMPUTERSYSTEMWINDOWSPRODUCTACTIVATIONSETTING Provider - {a2b6d807-ee1e-40f6-bdf4-b4d6f552783e} - C:\WINDOWS\system32\licwmi.dll
WBEM WIN32_PROXY Provider - {af134d0a-6706-4acd-ba76-d0a852474c99} - C:\WINDOWS\system32\licwmi.dll
WBEM WIN32_WINDOWSPRODUCTACTIVATION Provider - {ea231b91-099e-4d02-9ee7-73976d6a085f} - C:\WINDOWS\system32\licwmi.dll
WDM Instance Provider - {d2d588b5-d081-11d0-99e0-00c04fc2f8ec} - C:\WINDOWS\system32\wbem\wmiprov.dll
WIA FileSystem USD - {d2923b86-15f1-46ff-a19a-de825f919576} - C:\WINDOWS\system32\fsusd.dll
WIA Video Preview Class - {457A23DF-6F2A-4684-91D0-317FB768D87C} - C:\WINDOWS\system32\camocx.dll
Windows Media Video Decompressor Property page - {9AADA567-04E0-11D4-9148-00C04F610D24} - C:\WINDOWS\system32\wmv8ds32.ax
WM Color Converter Filter - {CC45B0B0-72D8-4652-AE5F-5E3E266BE7ED} - C:\Programmi\Movie Maker\wmm2filt.dll
WM TV Out Smooth Picture Filter - {41D2B841-7692-4C83-AFD3-F60E845341AF} - C:\Programmi\Movie Maker\wmm2filt.dll
WM VIH2 Fix - {586FB486-5560-4FF3-96DF-1118C96AF456} - C:\Programmi\Movie Maker\wmm2filt.dll
WMI ADSI Extension - {f0975afe-5c7f-11d2-8b74-00104b2afb41} - C:\WINDOWS\system32\wbem\wbemads.dll
WMT Audio Analyzer - {1CB1623E-BBEC-4E8D-B2DF-DC08C6F4627C} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Black Frame Generator - {2EA10031-0033-450E-8072-E27D9E768142} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT DeInterlace Filter - {C8F209F8-480E-454C-94A4-5392D88EBA0F} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT DeInterlace Prop Page - {A2EDA89A-0966-4B91-9C18-AB69F098187F} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT DirectX Transform Wrapper - {AECF5D2E-7A18-4DD2-BDCD-29B6F615B448} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT DV Extract Filter - {E476CBFF-E229-4524-B6B7-228A3129D1C7} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT FormatConversion - {2D20D4BB-B47E-4FB7-83BD-E3C2EE250D26} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT FormatConversion Prop Page - {E188F7A3-A04E-413E-99D1-D79A45F70305} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Import Filter - {4D4C9FEF-ED80-47EA-A3FA-3215FDBB33AB} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Interlacer - {C6CB1FE3-B05E-4F0E-818F-C83ED5A0332F} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Log Filter - {92883667-e95c-443d-ac96-4caca27beb6e} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT MuxDeMux Filter - {01002B17-5D93-4551-81E4-831FEF780A53} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Sample Info Filter - {7F1232EE-44D7-4494-AB8B-CC61B10E21A5} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Screen capture Filter - {31087270-d348-432c-899e-2d2f38ff29a0} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Screen Capture Filter Task Page - {679E132F-561B-42F8-846C-A70DBDC62999} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Switch Filter - {EF105BC3-C064-45F1-AD53-6D8A8578D01B} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Virtual Renderer - {930FD02C-BBE7-4EB9-91CF-FC45CC91E3E6} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Virtual Source - {C44C65C7-FDF1-453D-89A5-BCC28F5D69F9} - C:\Programmi\Movie Maker\wmm2filt.dll
WMT Volume - {EFEE43D6-BFE5-44B0-8063-AC3B2966AB2C} - C:\Programmi\Movie Maker\wmm2filt.dll
XML Data Source Object 2.6 - {f5078f1f-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML Document 2.6 - {f5078f22-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML Document 2.6 - {f5078f28-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML DOM Document 2.6 - {f5078f1b-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML HTTP 2.6 - {f5078f1e-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML Moniker 2.6 - {f5078f29-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML Parser 2.6 - {f5078f20-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XML Schema Cache 2.6 - {f5078f1d-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
XSL Template 2.6 - {f5078f21-c551-11d3-89b9-0000f81fe221} - C:\WINDOWS\system32\msxml2.dll
[Stopped/disabled NT Services]
* Stopped (41) *
Accesso rete = C:\WINDOWS\system32\lsass.exe
Acquisizione di immagini di Windows (WIA) = C:\WINDOWS\system32\svchost.exe -k imgsvc
Applicazione di sistema COM+ = C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Archivi rimovibili = C:\WINDOWS\system32\svchost.exe -k netsvcs
Auto Connection Manager di Accesso remoto = C:\WINDOWS\system32\svchost.exe -k netsvcs
Avvisi e registri di prestazioni = C:\WINDOWS\system32\smlogsvc.exe
Compatibilità di Cambio rapido utente = C:\WINDOWS\System32\svchost.exe -k netsvcs
Condivisione desktop remoto di NetMeeting = C:\WINDOWS\system32\mnmsrvc.exe
Connection Manager di Accesso remoto = C:\WINDOWS\system32\svchost.exe -k netsvcs
Connessioni di rete = C:\WINDOWS\System32\svchost.exe -k netsvcs
Copia replicata del volume = C:\WINDOWS\System32\vssvc.exe
Distributed Transaction Coordinator = C:\WINDOWS\system32\msdtc.exe
Gestione applicazione = C:\WINDOWS\system32\svchost.exe -k netsvcs
Gestione dischi logici = C:\WINDOWS\System32\svchost.exe -k netsvcs
Gestione sessione di assistenza mediante desktop remoto = C:\WINDOWS\system32\sessmgr.exe
Gruppo di continuità = C:\WINDOWS\System32\ups.exe
Host di periferiche Plug and Play universali = C:\WINDOWS\system32\svchost.exe -k LocalService
MS Software Shadow Copy Provider = C:\WINDOWS\system32\dllhost.exe /Processid:{7A6BAAC9-E88C-4C33-BFA0-8F2CEAC5E86B}
NBService = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
NLA (Network Location Awareness) = C:\WINDOWS\system32\svchost.exe -k netsvcs
NMIndexingService = "C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe"
Office Source Engine = "C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE"
Provider supporto protezione LM NT = C:\WINDOWS\system32\lsass.exe
QoS RSVP = C:\WINDOWS\system32\rsvp.exe
RPC Locator = C:\WINDOWS\system32\locator.exe
Scheda WMI Performance = C:\WINDOWS\system32\wbem\wmiapsrv.exe
Servizi terminal = C:\WINDOWS\System32\svchost -k DComLaunch
Servizio amministrativo di Gestione disco logico = C:\WINDOWS\System32\dmadmin.exe /com
Servizio COM di masterizzazione CD IMAPI = C:\WINDOWS\system32\imapi.exe
Servizio di condivisione in rete Windows Media Player = "C:\Programmi\Windows Media Player\WMPNetwk.exe"
Servizio di indicizzazione = C:\WINDOWS\system32\cisvc.exe
Servizio di rilevamento SSDP = C:\WINDOWS\system32\svchost.exe -k LocalService
Servizio Gateway di livello applicazione = C:\WINDOWS\System32\alg.exe
Servizio Numero di serie per dispositivi multimediali portatili = C:\WINDOWS\System32\svchost.exe -k netsvcs
Servizio Provisioning di rete = C:\WINDOWS\System32\svchost.exe -k netsvcs
Sistema di eventi COM+ = C:\WINDOWS\system32\svchost.exe -k netsvcs
smart card = C:\WINDOWS\System32\SCardSvr.exe
SSL HTTP = C:\WINDOWS\System32\svchost.exe -k HTTPFilter
Telefonia = C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows Driver Foundation - User-mode Driver Framework = C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
Windows Installer = C:\WINDOWS\system32\msiexec.exe /V
* Stopped and disabled (7) *
Accesso periferica Human Interface = C:\WINDOWS\System32\svchost.exe -k netsvcs
Avvisi = C:\WINDOWS\system32\svchost.exe -k LocalService
ClipBook = C:\WINDOWS\system32\clipsrv.exe
DDE di rete = C:\WINDOWS\system32\netdde.exe
DDE DSDM di rete = C:\WINDOWS\system32\netdde.exe
Messenger = C:\WINDOWS\system32\svchost.exe -k netsvcs
Routing e Accesso remoto = C:\WINDOWS\system32\svchost.exe -k netsvcs
[Windows XP Security]
* Security Center *
- This user
FirstRun = dword: 1
- All users
FirstRunDisabled = dword: 1
AntiVirusDisableNotify = dword: 1
FirewallDisableNotify = dword: 1
UpdatesDisableNotify = dword: 1
AntiVirusOverride = dword: 0
FirewallOverride = dword: 0
* System Restore *
- All users
DisableSR = dword: 0
CreateFirstRunRp = dword: 1
DSMin = dword: 200
DSMax = dword: 400
RPSessionInterval = dword: 0
RPGlobalInterval = dword: 86400
RPLifeInterval = dword: 7776000
CompressionBurst = dword: 60
TimerInterval = dword: 120
DiskPercent = dword: 12
ThawInterval = dword: 900
RestoreDiskSpaceError = dword: 0
==================================================
= Other users on this computer: Default user =
==================================================
Autostart folders:
[Startup]
desktop.ini
[User Startup]
desktop.ini
IniMapping values:
User screensaver = logon.scr
Policies:
[Alternate policies]
* Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) *
NoDriveTypeAutoRun = dword: 145
Internet Explorer menu extensions (2):
andDownload with andDAP - C:\PROGRA~1\DAP\dapextie.htm
Download andall with DAP - D:\PROGRA~1\DAP\dapextie2.htm
Registry 'Run' keys:
[User Run]
AVG7_Run = C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
CTFMON.EXE = C:\WINDOWS\system32\CTFMON.EXE
==================================================
= Other users on this computer: SERVIZIO DI RETE =
==================================================
Autostart folders:
[User Startup]
desktop.ini
IniMapping values:
User screensaver = C:\WINDOWS\System32\logon.scr
Policies:
[Alternate policies]
* Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) *
NoDriveTypeAutoRun = dword: 145
Registry 'Run' keys:
[User Run]
AVG7_Run = C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
CTFMON.EXE = C:\WINDOWS\system32\CTFMON.EXE
==================================================
= Other users on this computer: SYSTEM =
==================================================
Autostart folders:
[Startup]
desktop.ini
[User Startup]
desktop.ini
IniMapping values:
User screensaver = logon.scr
Policies:
[Alternate policies]
* Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) *
NoDriveTypeAutoRun = dword: 145
Internet Explorer menu extensions (2):
andDownload with andDAP - C:\PROGRA~1\DAP\dapextie.htm
Download andall with DAP - D:\PROGRA~1\DAP\dapextie2.htm
Registry 'Run' keys:
[User Run]
AVG7_Run = C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
CTFMON.EXE = C:\WINDOWS\system32\CTFMON.EXE
==================================================
= Other hardware configurations: Last known good =
==================================================
On-reboot actions:
BootExecute = autocheck autochk *
Services:
[NT Services (41)]
Accesso secondario = C:\WINDOWS\System32\svchost.exe -k netsvcs
Ad-Aware 2007 Service = "C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe"
Aggiornamenti automatici = C:\WINDOWS\system32\svchost.exe -k netsvcs
Archiviazione protetta = C:\WINDOWS\system32\lsass.exe
Ati HotKey Poller = C:\WINDOWS\system32\Ati2evxx.exe
Audio Windows = C:\WINDOWS\System32\svchost.exe -k netsvcs
AVG E-mail Scanner = C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
AVG7 Alert Manager Server = C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
AVG7 Update Service = C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
Browser di computer = C:\WINDOWS\system32\svchost.exe -k netsvcs
Centro sicurezza PC = C:\WINDOWS\System32\svchost.exe -k netsvcs
Client DHCP = C:\WINDOWS\system32\svchost.exe -k netsvcs
Client DNS = C:\WINDOWS\system32\svchost.exe -k NetworkService
Cyberlink RichVideo Service(CRVS) = "C:\Programmi\CyberLink\Shared files\RichVideo.exe"
Gestione account di protezione (SAM) = C:\WINDOWS\system32\lsass.exe
Guida in linea e supporto tecnico = C:\WINDOWS\System32\svchost.exe -k netsvcs
Helper NetBIOS di TCP/IP = C:\WINDOWS\system32\svchost.exe -k LocalService
Machine Debug Manager = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
Manutenzione collegamenti distribuiti client = C:\WINDOWS\system32\svchost.exe -k netsvcs
Monitor infrarossi = C:\WINDOWS\system32\svchost.exe -k netsvcs
Notifica eventi di sistema = C:\WINDOWS\system32\svchost.exe -k netsvcs
Ora di Windows = C:\WINDOWS\System32\svchost.exe -k netsvcs
Plug and Play = C:\WINDOWS\system32\services.exe
Registro eventi = C:\WINDOWS\system32\services.exe
Rilevamento hardware shell = C:\WINDOWS\System32\svchost.exe -k netsvcs
RPC (Remote Procedure Call) = C:\WINDOWS\system32\svchost -k rpcss
Server = C:\WINDOWS\system32\svchost.exe -k netsvcs
Servizi di crittografia = C:\WINDOWS\system32\svchost.exe -k netsvcs
Servizi IPSEC = C:\WINDOWS\system32\lsass.exe
Servizio di segnalazione errori = C:\WINDOWS\System32\svchost.exe -k netsvcs
Servizio Ripristino configurazione di sistema = C:\WINDOWS\system32\svchost.exe -k netsvcs
Servizio trasferimento intelligente in background = C:\WINDOWS\system32\svchost.exe -k netsvcs
Spooler di stampa = C:\WINDOWS\system32\spoolsv.exe
Strumentazione gestione Windows = C:\WINDOWS\system32\svchost.exe -k netsvcs
Temi = C:\WINDOWS\System32\svchost.exe -k netsvcs
Utilità di avvio processo server DCOM = C:\WINDOWS\system32\svchost -k DcomLaunch
Utilità di pianificazione = C:\WINDOWS\System32\svchost.exe -k netsvcs
WebClient = C:\WINDOWS\system32\svchost.exe -k LocalService
Windows Firewall / Condivisione connessione Internet (ICS) = C:\WINDOWS\system32\svchost.exe -k netsvcs
Workstation = C:\WINDOWS\system32\svchost.exe -k netsvcs
Zero Configuration reti senza fili = C:\WINDOWS\System32\svchost.exe -k netsvcs
[SafeBoot services (Minimal boot)]
* CD-ROM Drive *
{4D36E965-E325-11CE-BFC1-08002BE10318}
* DiskDrive *
{4D36E967-E325-11CE-BFC1-08002BE10318}
* Driver *
dmboot.sys
dmio.sys
dmload.sys
sermouse.sys
vga.sys
vgasave.sys
* Driver Group *
Base
Boot Bus Extender
Boot file system
File system
Filter
PCI Configuration
PNP Filter
Primary disk
SCSI Class
System Bus Extender
* Floppy disk drive *
{4D36E980-E325-11CE-BFC1-08002BE10318}
* FSFilter System Recovery *
sr.sys
* Hdc *
{4D36E96A-E325-11CE-BFC1-08002BE10318}
* Human Interface Devices *
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
* Keyboard *
{4D36E96B-E325-11CE-BFC1-08002BE10318}
* Mouse *
{4D36E96F-E325-11CE-BFC1-08002BE10318}
* PCMCIA Adapters *
{4D36E977-E325-11CE-BFC1-08002BE10318}
* SCSIAdapter *
{4D36E97B-E325-11CE-BFC1-08002BE10318}
* Service *
aawservice
AppMgmt
CryptSvc
DcomLaunch
dmadmin
dmserver
EventLog
HelpSvc
Netlogon
PlugPlay
RpcSs
SRService
WinMgmt
* Standard floppy disk controller *
{4D36E969-E325-11CE-BFC1-08002BE10318}
* System *
{4D36E97D-E325-11CE-BFC1-08002BE10318}
* Universal Serial Bus controllers *
{36FC9E60-C465-11CF-8056-444553540000}
* Volume *
{71A27CDD-812A-11D0-BEC7-08002BE2092F}
[SafeBoot services (Minimal boot + network support)]
* CD-ROM Drive *
{4D36E965-E325-11CE-BFC1-08002BE10318}
* DiskDrive *
{4D36E967-E325-11CE-BFC1-08002BE10318}
* Driver *
dmboot.sys
dmio.sys
dmload.sys
ip6fw.sys
ipnat.sys
rdpcdd.sys
rdpdd.sys
rdpwd.sys
sermouse.sys
tdpipe.sys
tdtcp.sys
vga.sys
vgasave.sys
* Driver Group *
Base
Boot Bus Extender
Boot file system
File system
Filter
NDIS
NDIS Wrapper
NetBIOSGroup
NetDDEGroup
Network
NetworkProvider
PCI Configuration
PNP Filter
PNP_TDI
Primary disk
SCSI Class
Streams Drivers
System Bus Extender
TDI
* Floppy disk drive *
{4D36E980-E325-11CE-BFC1-08002BE10318}
* FSFilter System Recovery *
sr.sys
* Hdc *
{4D36E96A-E325-11CE-BFC1-08002BE10318}
* Human Interface Devices *
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
* Keyboard *
{4D36E96B-E325-11CE-BFC1-08002BE10318}
* Mouse *
{4D36E96F-E325-11CE-BFC1-08002BE10318}
* Net *
{4D36E972-E325-11CE-BFC1-08002BE10318}
* NetClient *
{4D36E973-E325-11CE-BFC1-08002BE10318}
* NetService *
{4D36E974-E325-11CE-BFC1-08002BE10318}
* NetTrans *
{4D36E975-E325-11CE-BFC1-08002BE10318}
* PCMCIA Adapters *
{4D36E977-E325-11CE-BFC1-08002BE10318}
* SCSIAdapter *
{4D36E97B-E325-11CE-BFC1-08002BE10318}
* Service *
aawservice
AFD
AppMgmt
Browser
CryptSvc
DcomLaunch
Dhcp
dmadmin
dmserver
DnsCache
EventLog
HelpSvc
LanmanServer
LanmanWorkstation
LmHosts
Messenger
Ndisuio
NetBIOS
NetBT
Netlogon
NetMan
NtLmSsp
PlugPlay
rdsessmgr
RpcSs
SharedAccess
SRService
Tcpip
termservice
WinMgmt
WZCSVC
* Standard floppy disk controller *
{4D36E969-E325-11CE-BFC1-08002BE10318}
* System *
{4D36E97D-E325-11CE-BFC1-08002BE10318}
* Universal Serial Bus controllers *
{36FC9E60-C465-11CF-8056-444553540000}
* Volume *
{71A27CDD-812A-11D0-BEC7-08002BE2092F}
[SafeBoot: Alternate shell]
cmd.exe (not enabled)
Driver filters:
[Class filters]
* Periferiche infrarossi *
- Upper filters
IRENUM.sys
* Volumi di archiviazione *
- Upper filters
VolSnap.sys
[Device filters]
* Direct Parallel *
- Lower filters
PtiLink.sys
* Driver mouse di Terminal Server *
- Upper filters
mouclass.sys
* Driver tastiera di Terminal Server *
- Upper filters
kbdclass.sys
* HSP56 MR *
- Lower filters
Ptserial.sys
* Miniport WAN (PPPOE) *
- Lower filters
NdisTapi.sys
* Porta di comunicazione *
- Upper filters
serenum.sys
* Processore Intel(r) 82845 per controller AGP - 1A31 *
- Upper filters
AGP440.sys
* Synaptics PS/2 Port TouchPad *
- Upper filters
SynTP.sys
* Unità CD-ROM *
- Upper filters
redbook.sys
- Lower filters
imapi.sys
* Unità CD-ROM *
- Upper filters
redbook.sys
* WAN Miniport (IP) *
- Lower filters
NdisTapi.sys
* WAN Miniport (PPTP) *
- Lower filters
NdisTapi.sys
Print monitors (7):
BJ Language Monitor - cnbjmon.dll
Local Port - localspl.dll
Microsoft Document Imaging Writer Monitor - mdimon.dll
PDF Port - C:\WINDOWS\system32\pdfports.dll
PJL Language Monitor - pjlmon.dll
Standard TCP/IP Port - tcpmon.dll
USB Monitor - usbmon.dll
WOW compatibility:
cmdline = C:\WINDOWS\system32\ntvdm.exe
wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386
[KnownDlls (16-bit) (40)]
avicap.dll
avifile.dll
comm.drv
commdlg.dll
compobj.dll
ctl3dv2.dll
ddeml.dll
keyboard.drv
lanman.drv
mapi.dll
mciavi.drv
mciseq.drv
mciwave.drv
mmsystem.dll
mouse.drv
msacm.dll
msvideo.dll
netapi.dll
ole2.dll
ole2disp.dll
ole2nls.dll
olecli.dll
olesvr.dll
pmspl.dll
progman.exe
rasapi16.dll
shell.dll
sound.drv
storage.dll
system.drv
timer.drv
toolhelp.dll
typelib.dll
vga.drv
wfwnet.drv
win87em.dll
winoldap.mod
winsock.dll
winspool.exe
wowdeb.exe
[KnownDlls (32-bit) (20)]
advapi32.dll
comdlg32.dll
gdi32.dll
imagehlp.dll
kernel32.dll
lz32.dll
ole32.dll
oleaut32.dll
olecli32.dll
olecnv32.dll
olesvr32.dll
olethk32.dll
rpcrt4.dll
shell32.dll
url.dll
urlmon.dll
user32.dll
version.dll
wininet.dll
wldap32.dll
End of report, 107.743 bytes
Commandline options:
/showempty - Show empty sections
/showcmts - Show comments in .bat files
/noshowclsids - Hide class IDs
/noshowprivate - Hide usernames and computer name
/noshowusers - Hide entries from other users
/noshowhardware - Hide entries from other hardware configurations
/autosave - Run hidden, automatically save a report and quit
.................................
Grazie, e Buon Fine Settimana! ;-)))