Hello boss
first solution is not available because 2 files not existed !!
this is a report of second solution
Bye

L2MFIX find log 010406
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogonNotify]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogonNotifyMedia Center]
"Asynchronous"=dword:00000000
"DllName"="C:\WINNT\system32\t28u0cl9efq.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsUser AgentPost Platform]
"{FAF8EA84-F1F0-C1DB-32C3-BB6BE47B8037}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShell ExtensionsApproved]
"{00022613-0000-0000-C000-000000000046}"="Propriet… dei file Multimedia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestore scanner ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Pagina di protezione NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Pagina di propriet… di Docfile OLE"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Estensioni shell per la condivisione"
"{41E300E0-78B6-11ce-849B-444553540000}"="Estensione CPL PlusPack"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Estensione scheda video del Pannello di controllo"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Estensione monitor del Pannello di controllo"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Estensione panoramica video del Pannello di controllo"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Pagina di protezione DS"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestore dati dei ritagli di shell"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Estensione copia dischi"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Estensioni shell per oggetti Rete Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestore monitor ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestore stampante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Estensioni shell per la compressione dei file"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Estensione shell per la stampante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu di scelta rapida di crittografia"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Sincronia file"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Estensione di icona di HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profilo ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Pagina di protezione della stampante"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Estensioni shell per la condivisione"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Estensioni di shell per Windows Script Host"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Estensione Crypto PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Estensione firma crittografata"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Rete e connessioni remote"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Estensione finestra propriet… di aggiornamento automatico"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Servizio Cronologia Url Microsoft"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Cronologia"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="File temporanei Internet"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Hook per la ricerca di URL Microsoft"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Schermata iniziale applicazioni Internet Explorer 4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Operazioni pianificate"
"{1A9BA3A0-143A-11CF-8350-444553540000}"="Cartella Preferiti"
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"="Risorse del computer"
"{86747AC0-42A0-1069-A2E6-08002B30309D}"="Cartella Sincronia file"
"{0AFACED1-E828-11D1-9187-B532F1E9575D}"="Collegamento alla cartella"
"{12518493-00B2-11d2-9FA5-9E3420524153}"="Volume installato"
"{21B22460-3AEA-1069-A2DC-08002B30309D}"="Estensione pagina propriet… file"
"{B091E540-83E3-11CF-A713-0020AFD79762}"="Pagina tipi di file"
"{FBF23B41-E3F0-101B-8488-00AA003E56F8}"="Hook di tipi di file MIME"
"{C2FBB630-2971-11d1-A18C-00C04FD75D13}"="Servizio CopyTo Microsoft"
"{C2FBB631-2971-11d1-A18C-00C04FD75D13}"="Microsoft MoveTo Service"
"{13709620-C279-11CE-A49E-444553540000}"="Servizio automazione della shell"
"{62112AA1-EBE4-11cf-A5FB-0020AFE7292D}"="Shell Automation Folder View"
"{4622AD11-FF23-11d0-8D34-00A0C90F2719}"="Menu Avvio"
"{7BA4C740-9E81-11CF-99D3-00AA004AE837}"="Microsoft SendTo Service"
"{D969A300-E7FF-11d0-A93B-00A0C90F2719}"="Microsoft New Object Service"
"{09799AFB-AD67-11d1-ABCD-00C04FC30936}"="Apri con gestore menu di scelta rapida"
"{3FC0B520-68A9-11D0-8D77-00C04FD70822}"="Mostra estensioni HTML del Pannello di controllo"
"{75048700-EF1F-11D0-9888-006097DEACF9}"="ActiveDesktop"
"{6D5313C0-8C62-11D1-B2CD-006097DF8C11}"="Estensione pagina propriet… Opzioni cartella"
"{57651662-CE3E-11D0-8D77-00C04FC99D61}"="CmdFileIcon"
"{4657278A-411B-11d2-839A-00C04FD918D0}"="Helper trascinamento selezione Shell"
"{A470F8CF-A1E8-4f65-8335-227475AA5C46}"="Aggiungere l'elemento di crittografia al menu di scelta rapida in Esplora risorse"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status"
"{568804CA-CBD7-11d0-9816-00C04FD91972}"="Menu Shell Folder"
"{5b4dae26-b807-11d0-9815-00c04fd91972}"="Menu Band"
"{8278F931-2A3E-11d2-838F-00C04FD918D0}"="Tracking Shell Menu"
"{E13EF4E4-D2F2-11d0-9816-00C04FD91972}"="Menu Site"
"{ECD4FC4F-521C-11D0-B792-00A0C90312E1}"="Menu Desk Bar"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Merge Shell Folder"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{D82BE2B0-5764-11D0-A96E-00C04FD705A2}"="IShellFolderBand"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Microsoft SearchBand"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search"
"{0E5CBF21-D15F-11d0-8301-00AA005B4383}"="&Collegamenti"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Indirizzo"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
"{7487cd30-f71a-11d0-9ea7-00805f714772}"="Thumbnail Image"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
"{8BEBB290-52D0-11D0-B7F4-00C04FD706EC}"="Anteprima"
"{EAB841A0-9550-11CF-8C16-00805F1408F3}"="Programma di estrazione pagine HTML in anteprima"
"{1AEB1360-5AFC-11D0-B806-00C04FD706EC}"="Programma di estrazione filtri grafici di Office in anteprima"
"{9DBD2C50-62AD-11D0-B806-00C04FD706EC}"="Summary Info Thumbnail handler (DOCFILES)"
"{500202A0-731E-11D0-B829-00C04FD706EC}"="LNK file thumbnail interface delegator"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestione applicazioni shell"
"{0B124F8C-91F0-11D1-B8B5-006008059382}"="Enumeratore applicazioni installate"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{fe1290f0-cfbd-11cf-a330-00aa00c16e65}"="Directory Namespace"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"="MyDocs Folder"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Menu file non in linea"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Opzioni cartella File non in linea"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Cartella file non in linea"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{4A741382-48B4-11d2-AD84-00A024D24BF3}"="Matrox PowerDesk Properties"
"{acb4a560-3606-11d3-aef4-00104bd0f92d}"="KodakShellExtension"
"{E0D79304-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79305-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79306-84BE-11CE-9641-444553540000}"="WinZip"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{990a81a0-b289-11cf-a800-00a0c903a2a6}"="Cryptext"
"{0A082D00-EC93-11D0-B1E6-80580BC10627}"="Corel Media Folder Root Menu Handler"
"{0FBF99C1-4127-11D1-B1E6-C17E96D9180A}"="Folder To Corel Media Folder Menu Handler"
"{854AF161-1AE1-11D1-AB9B-00C0F00683EB}"="Corel Media Folder"
"{E856F161-1AE5-11d1-AB9B-00C0F00683EB}"="Corel Media Folder"
"{CDB89701-262F-11D1-AB9C-00C0F00683EB}"="Corel Media Find Folder"
"{F8152501-455F-11D1-B1E6-444553540000}"="Corel Media Folder Copy Hook Handler"
"{8E524B0D-04F0-11D1-B74A-00A0C90646A4}"="IconFactTemp.NSIconHandlerFactory"
"{A2AC368A-F883-11D0-B745-00A0C90646A4}"="NSFiltManDll.FiltManCom"
"{B63FCD5A-2396-11D1-B762-00A0C90646A4}"="NSFiltManDll.FiltManCom"
"{FED7043D-346A-414D-ACD7-550D052499A7}"="dBpowerAMP Music Converter 1"
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}"="dBpowerAMP Music Converter"
"{65756541-C65C-11CD-0000-4B656E696100}"="Panda Antivirus"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="File del canale"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Collegamento al canale"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Cartella Subscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Cartella cache ActiveX"
"{4A80F243-9EA7-450E-84F3-2222CBE3B8F5}"=""
"{B9433D1B-7FCD-4C47-8752-DA2E7F79CA62}"=""
"{3A46714B-9258-4C05-B375-0970C3599025}"=""
"{765489FF-C32C-211A-DFEE-00FD217F8C87}"="ABView"
"{AB77609F-2178-4E6F-9C4B-44AC179D937A}"="aý Context Menu Shell Extension"
"{5B928B93-6C54-46C9-BA0B-F6E32FB5108B}"=""
"{17421275-4F1F-44D2-A686-7A7ACA19C7A5}"=""
"{9BF0E7DF-1A29-403B-9436-205CCE0662AF}"=""
"{685F953B-11E3-4EEE-AB87-6333F39D6E7C}"=""
"{707144A7-32DD-4175-B64C-0ED6DF71990E}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{4A80F243-9EA7-450E-84F3-2222CBE3B8F5}]
@=""

[HKEY_CLASSES_ROOTCLSID{4A80F243-9EA7-450E-84F3-2222CBE3B8F5}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{4A80F243-9EA7-450E-84F3-2222CBE3B8F5}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{4A80F243-9EA7-450E-84F3-2222CBE3B8F5}InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{B9433D1B-7FCD-4C47-8752-DA2E7F79CA62}]
@=""

[HKEY_CLASSES_ROOTCLSID{B9433D1B-7FCD-4C47-8752-DA2E7F79CA62}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{B9433D1B-7FCD-4C47-8752-DA2E7F79CA62}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{B9433D1B-7FCD-4C47-8752-DA2E7F79CA62}InprocServer32]
@="C:\WINNT\system32\rYrv1032.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{3A46714B-9258-4C05-B375-0970C3599025}]
@=""

[HKEY_CLASSES_ROOTCLSID{3A46714B-9258-4C05-B375-0970C3599025}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{3A46714B-9258-4C05-B375-0970C3599025}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{3A46714B-9258-4C05-B375-0970C3599025}InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{5B928B93-6C54-46C9-BA0B-F6E32FB5108B}]
@=""

[HKEY_CLASSES_ROOTCLSID{5B928B93-6C54-46C9-BA0B-F6E32FB5108B}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{5B928B93-6C54-46C9-BA0B-F6E32FB5108B}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{5B928B93-6C54-46C9-BA0B-F6E32FB5108B}InprocServer32]
@="C:\WINNT\system32\knuser.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{17421275-4F1F-44D2-A686-7A7ACA19C7A5}]
@=""

[HKEY_CLASSES_ROOTCLSID{17421275-4F1F-44D2-A686-7A7ACA19C7A5}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{17421275-4F1F-44D2-A686-7A7ACA19C7A5}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{17421275-4F1F-44D2-A686-7A7ACA19C7A5}InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{9BF0E7DF-1A29-403B-9436-205CCE0662AF}]
@=""

[HKEY_CLASSES_ROOTCLSID{9BF0E7DF-1A29-403B-9436-205CCE0662AF}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{9BF0E7DF-1A29-403B-9436-205CCE0662AF}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{9BF0E7DF-1A29-403B-9436-205CCE0662AF}InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{685F953B-11E3-4EEE-AB87-6333F39D6E7C}]
@=""

[HKEY_CLASSES_ROOTCLSID{685F953B-11E3-4EEE-AB87-6333F39D6E7C}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{685F953B-11E3-4EEE-AB87-6333F39D6E7C}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{685F953B-11E3-4EEE-AB87-6333F39D6E7C}InprocServer32]
@="C:\WINNT\system32\duvenum.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOTCLSID{707144A7-32DD-4175-B64C-0ED6DF71990E}]
@=""

[HKEY_CLASSES_ROOTCLSID{707144A7-32DD-4175-B64C-0ED6DF71990E}Implemented Categories]
@=""

[HKEY_CLASSES_ROOTCLSID{707144A7-32DD-4175-B64C-0ED6DF71990E}Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOTCLSID{707144A7-32DD-4175-B64C-0ED6DF71990E}InprocServer32]
@="C:\WINNT\system32\guard.tmp"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:WINNTSYSTEM32
stns.dll Mon 6 Feb 2006 12.55.02 ..S.R 235.945 230,41 K
pnustab.dll Mon 6 Feb 2006 21.36.54 ..S.R 235.945 230,41 K
sqlfx.dll Fri 10 Feb 2006 22.39.38 ..S.R 235.172 229,66 K
awtsp.dll Tue 24 Jan 2006 12.23.54 A.... 38.925 38,01 K
wfn87em.dll Mon 6 Feb 2006 23.03.18 ..S.R 236.931 231,38 K
gebyv.dll Thu 19 Jan 2006 23.01.36 ..SH. 38.925 38,01 K
mrvidc32.dll Mon 6 Feb 2006 12.45.16 ..S.R 236.148 230,61 K
fktlib.dll Tue 7 Feb 2006 0.15.14 ..S.R 237.205 231,64 K
pdrfnw.dll Mon 6 Feb 2006 12.34.00 ..S.R 235.945 230,41 K
pmkhe.dll Tue 24 Jan 2006 12.23.54 ..... 38.925 38,01 K
awvtq.dll Tue 10 Jan 2006 2.30.38 A.... 36.877 36,01 K
wvi.dll Tue 21 Feb 2006 12.36.16 ..S.R 234.996 229,49 K
pmkhg.dll Tue 24 Jan 2006 12.23.54 A.... 38.925 38,01 K
iexsap.dll Wed 8 Feb 2006 22.13.36 ..S.R 237.205 231,64 K
mddex.dll Thu 9 Feb 2006 20.43.46 ..S.R 233.656 228,18 K
vtsts.dll Tue 24 Jan 2006 12.23.54 A.... 38.925 38,01 K
awvvs.dll Tue 10 Jan 2006 2.30.38 A.... 36.877 36,01 K
ijetmib1.dll Tue 7 Feb 2006 0.34.24 ..S.R 237.205 231,64 K
gdi32.dll Fri 30 Dec 2005 17.16.30 A.... 233.744 228,27 K
knuser.dll Tue 14 Feb 2006 19.16.12 ..S.R 236.314 230,77 K
tmnlib20.dll Mon 6 Feb 2006 23.41.34 ..S.R 235.945 230,41 K
mzastmib.dll Thu 16 Feb 2006 23.21.52 ..S.R 234.031 228,54 K
ose32.dll Sun 12 Feb 2006 8.29.48 ..S.R 234.605 229,11 K
uol.dll Tue 7 Feb 2006 12.31.34 ..S.R 237.205 231,64 K
mrdrv.dll Fri 10 Feb 2006 23.11.40 ..S.R 233.656 228,18 K
vtstt.dll Tue 24 Jan 2006 12.23.54 A.... 38.925 38,01 K
kcdgr.dll Sun 12 Feb 2006 8.56.12 ..S.R 233.656 228,18 K
ddayv.dll Tue 10 Jan 2006 2.30.38 A.... 36.877 36,01 K
ktj6l7~1.dll Tue 7 Feb 2006 0.11.36 ..S.R 235.945 230,41 K
jkklm.dll Tue 24 Jan 2006 12.23.54 A.... 38.925 38,01 K
dxmv2clt.dll Wed 8 Feb 2006 12.56.18 ..S.R 233.656 228,18 K
toaffic.dll Fri 10 Feb 2006 12.40.52 ..S.R 235.095 229,58 K
mvlml9~1.dll Sun 12 Feb 2006 13.56.22 ..S.R 233.656 228,18 K
kt62l7~1.dll Sun 12 Feb 2006 14.15.08 ..S.R 235.323 229,80 K
pkustab.dll Sun 12 Feb 2006 10.56.56 ..S.R 233.656 228,18 K
mxawt.dll Sun 12 Feb 2006 12.21.56 ..S.R 233.656 228,18 K
ckcdll.dll Sun 12 Feb 2006 14.15.08 ..S.R 234.056 228,57 K
icdicdll.dll Sun 12 Feb 2006 18.36.32 ..S.R 234.056 228,57 K
myastmib.dll Sun 12 Feb 2006 19.42.44 ..S.R 234.804 229,30 K
hhpertrm.dll Sun 12 Feb 2006 22.31.38 ..S.R 236.314 230,77 K
hrp805~1.dll Tue 7 Feb 2006 12.31.34 ..S.R 233.685 228,21 K
ennsl1~1.dll Tue 7 Feb 2006 19.24.54 ..S.R 234.123 228,63 K
dnnu01~1.dll Fri 10 Feb 2006 13.19.56 ..S.R 235.095 229,58 K
mvp8l9~1.dll Tue 14 Feb 2006 19.33.14 ..S.R 236.314 230,77 K
duvenum.dll Fri 17 Feb 2006 12.41.08 ..S.R 234.996 229,49 K
ryrv1032.dll Tue 7 Feb 2006 19.35.30 ..S.R 237.205 231,64 K
lvr609~1.dll Sun 12 Feb 2006 8.56.12 ..S.R 234.355 228,86 K
dpskadp.dll Sat 18 Feb 2006 19.33.06 ..S.R 234.996 229,49 K
hrr205~1.dll Sun 12 Feb 2006 10.56.56 ..S.R 233.951 228,46 K
kkdmac.dll Tue 21 Feb 2006 13.11.28 ..S.R 236.907 231,35 K
nudsxds.dll Wed 22 Feb 2006 21.01.36 ..S.R 234.249 228,76 K
t28u0c~1.dll Wed 22 Feb 2006 22.58.56 ..S.R 234.249 228,76 K
n42u0e~1.dll Wed 22 Feb 2006 23.09.06 ..S.R 234.015 228,53 K
clrds.dll Thu 23 Feb 2006 19.18.16 ..S.R 234.249 228,76 K
ipagxpr5.dll Sun 12 Feb 2006 14.00.02 ..S.R 234.056 228,57 K
mvpol9~1.dll Thu 16 Feb 2006 12.50.24 ..S.R 235.153 229,64 K
lvp009~1.dll Thu 16 Feb 2006 19.40.24 ..S.R 234.031 228,54 K
mv42l9~1.dll Sun 12 Feb 2006 22.27.34 ..S.R 234.804 229,30 K
p46sle~1.dll Mon 13 Feb 2006 21.40.02 ..S.R 234.130 228,64 K
o2rolc~1.dll Sun 12 Feb 2006 22.43.24 ..S.R 233.944 228,46 K
legitc~1.dll Thu 12 Jan 2006 11.32.12 A.... 543.496 530,76 K

61 items found: 61 files (50 H/S), 0 directories.
Total of file sizes: 12.676.835 bytes 12,09 M
Locate .tmp files:

C:WINNTSYSTEM32
guard.tmp Thu 23 Feb 2006 21.49.28 ..S.R 234.249 228,76 K

1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 234.249 bytes 228,76 K
**********************************************************************************
Directory Listing of system files:
Il volume nell'unit… C non ha etichetta.
Numero di serie del volume: 38B0-D0BF

Directory di C:WINNTSystem32

23/02/2006 21.49 234.249 guard.tmp
23/02/2006 19.18 234.249 cLrds.dll
22/02/2006 23.09 234.015 n42u0ef9eh2.dll
22/02/2006 22.58 234.249 t28u0cl9efq.dll
22/02/2006 21.01 234.249 nudsxds.dll
21/02/2006 13.11 236.907 kkdmac.dll
21/02/2006 12.36 234.996 wvi.dll
18/02/2006 19.33 234.996 dpskadp.dll
17/02/2006 12.41 234.996 duvenum.dll
16/02/2006 23.21 234.031 mzastmib.dll
16/02/2006 19.40 234.031 lvp0097me.dll
16/02/2006 12.50 235.153 mvpol9731.dll
14/02/2006 19.33 236.314 mvp8l97u1.dll
14/02/2006 19.16 236.314 knuser.dll
13/02/2006 21.40 234.130 p46slej71ho.dll
12/02/2006 22.43 233.944 o2rolc931f.dll
12/02/2006 22.31 236.314 hhpertrm.dll
12/02/2006 22.27 234.804 mv42l9ho1.dll
12/02/2006 19.42 234.804 myastmib.dll
12/02/2006 18.36 234.056 icdicdll.dll
12/02/2006 14.15 235.323 kt62l7jo1.dll
12/02/2006 14.15 234.056 ckcdll.dll
12/02/2006 14.00 234.056 IpagXpr5.dll
12/02/2006 13.56 233.656 mvlml9311.dll
12/02/2006 12.21 233.656 mxawt.dll
12/02/2006 10.56 233.951 hrr2059oe.dll
12/02/2006 10.56 233.656 pkustab.dll
12/02/2006 08.56 234.355 lvr6099se.dll
12/02/2006 08.56 233.656 kcdgr.dll
12/02/2006 08.29 234.605 OSE32.DLL
10/02/2006 23.11 233.656 mrdrv.dll
10/02/2006 22.39 235.172 sqlfx.dll
10/02/2006 13.19 235.095 dnnu0159e.dll
10/02/2006 12.40 235.095 toaffic.dll
09/02/2006 20.43 233.656 mddex.dll
08/02/2006 22.13 237.205 iexsap.dll
08/02/2006 12.56 233.656 dxmv2clt.dll
07/02/2006 19.35 237.205 rYrv1032.dll
07/02/2006 19.24 234.123 ennsl1571.dll
07/02/2006 12.31 233.685 hrp8057ue.dll
07/02/2006 12.31 237.205 uol.dll
07/02/2006 00.34 237.205 IJETMIB1.DLL
07/02/2006 00.15 237.205 fktlib.dll
07/02/2006 00.11 235.945 ktj6l71s1.dll
06/02/2006 23.41 235.945 TmnLib20.dll
06/02/2006 23.03 236.931 wfn87em.dll
06/02/2006 21.36 235.945 pnustab.dll
06/02/2006 12.55 235.945 stns.dll
06/02/2006 12.45 236.148 mrvidc32.dll
06/02/2006 12.34 235.945 pdrfnw.dll
19/01/2006 23.01 38.925 gebyv.dll
08/02/2005 18.10 <DIR> dllcache
51 File 11.789.663 byte
1 Directory 1.071.824.896 byte disponibili

First:
Close any programs you have open since this step requires a reboot.

From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter, then press any key to reboot your computer. After a reboot, your desktop and icons will appear, then disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, notepad will open with a log. Copy the contents of that log and paste it back into this thread, along with a new hijackthis log.


IMPORTANT: Do NOT run any other files in the l2mfix folder until you are asked to do so!



Second:
Run HiJackThis again and post a new log in this thread.

We are not finished. I still need a new HiJackThis log and would also appreciate a startup list per the instructions below.


Would you please use HiJackThis to produce a startup list and post it here:
1. From HJT main screen, click 'Config' button
2. Click 'Misc Tools' button
3. Check both boxes to the right of 'Generate StartupList Log' button
4. Click 'Generate StartupList Log' button
5. Click 'Yes' in the next dialog
6. Save the log and post a copy in this thread.