Scan saved at 14.19.10, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
E:\alessio\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Symantec AntiVirus\DefWatch.exe
C:\Programmi\OneStepSearch\onestep.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Symantec AntiVirus\Rtvscan.exe
E:\Programmi\VMware\VMware Workstation\vmware-authd.exe
C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmi\OneStepSearch\onestep.exe
C:\WINDOWS\system32\tp4mon.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
E:\alessio\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
E:\Programmi\RocketDock\RocketDock.exe
C:\Programmi\TGTSoft\StyleXP\StyleXP.exe
C:\Programmi\RALINK\Common\RaUI.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.leeman-au....nl/startpagina
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxyintra.inps:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;10.*;192.168.*;*.inps;*.inps.it;172.16.16.*
;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O1 - Hosts: 66.212.225.28 www.pokerstars.com
O1 - Hosts: 213.212.82.181 www.globetscore.com
O1 - Hosts: 212.62.21.228 poker.betfair.com
O1 - Hosts: 205.205.29.114 everestpoker.com
O1 - Hosts: 195.72.134.51 payments.bwin.com
O1 - Hosts: 195.244.207.20 www.betway.com
O1 - Hosts: 84.20.193.56 www5.betfair.com
O1 - Hosts: 213.212.72.122 enigma.globet.co.uk
O1 - Hosts: 195.244.216.2 WWW.GAMEBOOKERS.CO.UK
O1 - Hosts: 213.212.82.184 www.globet.tv
O1 - Hosts: 193.203.227.90 www.bwin.com
O1 - Hosts: 212.12.47.72 www.pg24.it
O1 - Hosts: 83.138.175.137 www.betshop.com
O1 - Hosts: 213.52.217.63 www.sportingbet.com
O1 - Hosts: 213.52.217.49 it.sportingbet.com
O1 - Hosts: 62.99.138.61 www.expekt.com
O1 - Hosts: 193.203.227.71 www.betandwin.com
O1 - Hosts: 216.152.164.80 www.pinnaclesports.com
O1 - Hosts: www.swapbets.com www.swapbets.com
O1 - Hosts: 89.187.70.53 www.jokerbets.com
O1 - Hosts: 64.69.65.80 www.casinopokerlasvegas.com
O1 - Hosts: 62.7.228.141 www.eurobet.com
O1 - Hosts: 213.212.82.185 www.globet.com
O1 - Hosts: 203.115.210.212 www.007bets.com
O1 - Hosts: 207.210.235.29 www.007sportsbetting.com
O1 - Hosts: 207.210.235.29 www.07sports.com
O1 - Hosts: 65.36.221.8 www.1001casino.com
O1 - Hosts: 66.199.173.138 www.100kcasino.com
O1 - Hosts: www.101-casino.com www.101-casino.com
O1 - Hosts: 89.234.62.2 www.10bet.com
O1 - Hosts: 216.73.118.234 www.10handpokercasino.com
O1 - Hosts: 69.57.144.67 www.1luckygambler.com
O1 - Hosts: 64.202.189.170 www.1on1footballsportsbetting.com
O1 - Hosts: 64.158.29.134 www.1sportbook.com
O1 - Hosts: 205.234.139.66 www.1st-free-casino-online.com
O1 - Hosts: 64.70.249.150 www.1stlines.com
O1 - Hosts: www.1stonlineinternetcasino.com www.1stonlineinternetcasino.com
O1 - Hosts: 209.5.113.67 www.24caratcasino.com
O1 - Hosts: 213.48.117.162 www.24dogs.com
O1 - Hosts: 217.168.174.80 www.24hbet.com
O1 - Hosts: 217.168.174.32 www.24hpoker.com
O1 - Hosts: 190.7.195.3 www.2betdsi.com
O1 - Hosts: 64.40.109.33 www.4platinumsportsbook.com
O1 - Hosts: 83.138.185.248 www.4sportsbetting.com
O1 - Hosts: 200.122.156.227 www.4sportspicks.com
O1 - Hosts: 205.134.188.249 www.52bet.com
O1 - Hosts: 216.194.167.160 www.5dimes.com
O1 - Hosts: 66.226.75.118 www.7-11-casino.com
O1 - Hosts: 205.234.137.214 www.7onlinecasino.com
O1 - Hosts: 190.7.195.4 www.7palms.com
O1 - Hosts: 213.52.230.222 www.888.com
O1 - Hosts: 217.72.240.204 www.888casino.com
O1 - Hosts: 69.57.144.67 www.888casinoonnet.com
O1 - Hosts: www.888-free-casino-games.com www.888-free-casino-games.com
O1 - Hosts: www.888-online-casino.com www.888-online-casino.com
O1 - Hosts: 82.165.163.231 www.88sportsbetting.com
O1 - Hosts: 67.131.69.123 www.abcislands.com
O1 - Hosts: 205.134.188.247 www.acescasino.net
O1 - Hosts: 66.212.230.179 www.acropoliscasinos.com
O1 - Hosts: 80.120.174.220 www.admiralbet.com
O1 - Hosts: 207.139.91.25 www.advantagesportsbetting.com
O1 - Hosts: 217.15.106.34 www.aldocoppolacasino.com
O1 - Hosts: 207.210.235.29 www.allbetsrus.com
O1 - Hosts: 69.90.108.200 www.allprosportsbook.com
O1 - Hosts: 209.51.142.30 www.allsportscasino.com
O1 - Hosts: 64.69.65.202 www.AllSportsMarket.com
O1 - Hosts: 205.134.188.249 www.allstarsportsbook.com
O1 - Hosts: 74.200.198.186 www.allytab.com
O1 - Hosts: 64.202.189.170 www.americancasinoonline.com
O1 - Hosts: 64.37.97.67 www.americas-onlinecasino.com
O1 - Hosts: 204.13.160.129 www.anguilla-casino.com
O1 - Hosts: 69.90.47.118 www.anytimewager.com
O1 - Hosts: 66.235.220.191 www.apexsportsbook.com
O1 - Hosts: 212.56.159.148 www.astrabet.com
O1 - Hosts: 204.174.223.205 www.athomesportsbook.com
O1 - Hosts: 213.146.146.67 www.attheraces.co.uk
O1 - Hosts: 195.173.72.90 www.attheraces.com
O1 - Hosts: 209.51.142.16 www.aztecgaming.com
O1 - Hosts: 66.199.173.138 www.baccaratcasino.com
O1 - Hosts: 217.160.95.49 www.backandlay.com
O1 - Hosts: 204.13.160.129 www.bcbets.com
O1 - Hosts: 205.134.188.249 www.belmontcasino.com
O1 - Hosts: 205.134.188.244 www.bestecasino.com
O1 - Hosts: 201.224.248.37 www.bestlinesports.com
O1 - Hosts: 65.36.221.8 www.best-online-casinos.1001casino.com
O1 - Hosts: 217.168.164.75 www.bestpoker.com
O1 - Hosts: 87.248.209.102 www.bet19.com
O1 - Hosts: 217.168.162.99 www.bet24.com
O1 - Hosts: 62.44.67.152 www.bet247.co.uk
O1 - Hosts: 83.245.54.203 www.Bet365.com
O1 - Hosts: 216.40.33.252 www.betabet.com
O1 - Hosts: 89.151.99.34 www.betandgame.com
O1 - Hosts: 80.243.162.175 www.bet-at-home.com
O1 - Hosts: 64.15.78.40 www.betaustralia.com
O1 - Hosts: 66.230.192.118 www.betbet.com
O1 - Hosts: 216.194.173.58 www.betbuckeyesports.com
O1 - Hosts: 83.138.185.129 www.betbug.com
O1 - Hosts: 212.100.224.208 www.betbutler.com
O1 - Hosts: 217.168.161.19 www.betchance.com
O1 - Hosts: 212.56.134.11 www.betclass.co.uk
O1 - Hosts: 212.56.134.11 www.betclass.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {477E65AA-ED90-5062-7EEA-0411C162621F} - C:\Programmi\xpwffpwp\spxawffw.dll
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkmxl.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: The optnet - {B02534D7-8D91-49BE-A864-97DFB8E0BAB4} - C:\WINDOWS\optnet.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\alessio\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "E:\Programmi\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Programmi\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Programmi\RALINK\Common\RaUI.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.c...pport/acpir.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cicciput89198...ad/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cicciput89198...ad/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{562036B0-5CC9-4485-AC6C-6600C57B0C35}: NameServer = 213.156.54.80,213.156.54.81
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O21 - SSODL: hostctrl - {18EE8EDC-4609-47D9-A76B-6F0967B30063} - C:\WINDOWS\hostctrl.dll
O21 - SSODL: hstsys - {E6285CED-3C00-43B0-8ED8-9A1B3A11663F} - C:\WINDOWS\hstsys.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\alessio\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programmi\Symantec AntiVirus\DefWatch.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Programmi\OneStepSearch\onestep.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programmi\OpenVPN\bin\openvpnserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programmi\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - E:\alessio\Programmi\SPYWAREfighter\spfprc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programmi\Symantec AntiVirus\Rtvscan.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programmi\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 16437 bytes
and this log
SmitFraudFix v2.240
Scan done at 14.28.33,74, 21/10/2007
Run from C:\Documents and Settings\Mbenaroyo\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Versione 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
E:\alessio\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Symantec AntiVirus\DefWatch.exe
C:\Programmi\OneStepSearch\onestep.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Symantec AntiVirus\Rtvscan.exe
E:\Programmi\VMware\VMware Workstation\vmware-authd.exe
C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmi\OneStepSearch\onestep.exe
C:\WINDOWS\system32\tp4mon.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
E:\alessio\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
E:\Programmi\RocketDock\RocketDock.exe
C:\Programmi\TGTSoft\StyleXP\StyleXP.exe
C:\Programmi\RALINK\Common\RaUI.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
hosts file corrupted !
127.0.0.1 mpa.one.microsoft.com
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\privacy_danger FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Mbenaroyo
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Mbenaroyo\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\MBENAR~1\PREFER~1
C:\DOCUME~1\MBENAR~1\PREFER~1\Error Cleaner.url FOUND !
C:\DOCUME~1\MBENAR~1\PREFER~1\Privacy Protector.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Programmi
C:\Programmi\VideoAccessCodec\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Pagina iniziale corrente"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Ralink Turbo Wireless LAN Card - Miniport dell'Utilità di pianificazione pacchetti
DNS Server Search Order: 213.156.54.80
DNS Server Search Order: 213.156.54.81
HKLM\SYSTEM\CCS\Services\Tcpip\..\{562036B0-5CC9-4485-AC6C-6600C57B0C35}: NameServer=213.156.54.80,213.156.54.81
HKLM\SYSTEM\CS1\Services\Tcpip\..\{562036B0-5CC9-4485-AC6C-6600C57B0C35}: NameServer=213.156.54.80,213.156.54.81
HKLM\SYSTEM\CS3\Services\Tcpip\..\{562036B0-5CC9-4485-AC6C-6600C57B0C35}: NameServer=213.156.54.80,213.156.54.81
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
please help me