OTListIt logfile created on: 17/05/2009 10.59.13 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Charly\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 125,04 Mb Available Physical Memory | 24,45% Memory free
1,22 Gb Paging File | 0,83 Gb Available in Paging File | 67,88% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 97,65 Gb Total Space | 61,31 Gb Free Space | 62,79% Space Free | Partition Type: NTFS
Drive D: | 149,01 Gb Total Space | 101,49 Gb Free Space | 68,11% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 200,43 Gb Total Space | 23,44 Gb Free Space | 11,70% Space Free | Partition Type: NTFS
Computer Name: CHARLIEHAMMONDS
Current User Name: Charly
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programmi\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\WINDOWS\System32\GEARSec.exe (GEAR Software)
PRC - C:\Programmi\File comuni\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Programmi\Norton Ghost\Agent\GhostTray.exe (Symantec Corporation)
PRC - C:\Programmi\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Programmi\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programmi\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programmi\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Programmi\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Programmi\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
PRC - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Programmi\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe ()
PRC - C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe (Nokia Corporation)
PRC - C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe ()
PRC - C:\Programmi\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programmi\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Charly\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Programmi\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccPwdSvc [On_Demand | Stopped]) -- C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (GEARSecurity [Auto | Running]) -- C:\WINDOWS\System32\GEARSec.exe (GEAR Software)
SRV - (gupdate1c9b5c88ba90e6e [Auto | Stopped]) -- C:\Programmi\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Programmi\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Programmi\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Norton Ghost [Auto | Running]) -- C:\Programmi\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ServiceLayer [On_Demand | Running]) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Symantec Core LC [Auto | Running]) -- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Programmi\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ==========
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (ALCXSENS [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\eamon.sys (ESET)
DRV - (ehdrv [System | Running]) -- C:\WINDOWS\system32\DRIVERS\ehdrv.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (ESET)
DRV - (GearAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (gmer [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (PRISM_USB [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\PRISMUSB.sys (Intersil Americas Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys ()
DRV - (SiSide [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex [Boot | Running]) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows ® 2000 DDK provider)
DRV - (SISNIC [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisnic.sys (SiS Corporation)
DRV - (SISNICXP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\sisnicxp.sys (SiS Corporation)
DRV - (sisperf [Boot | Running]) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (SymSnap [Boot | Running]) -- C:\WINDOWS\System32\drivers\SymSnap.sys (StorageCraft)
DRV - (upperdev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser.sys (Microsoft Corporation)
DRV - (USB_RNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023.sys (Microsoft Corporation)
DRV - (V2IMount [System | Running]) -- C:\WINDOWS\System32\drivers\V2iMount.sys (Symantec Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/02/06 19.07.55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAMMI\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2009/05/15 12.12.38 | 00,000,000 | ---D | M]
O1 HOSTS File: (768 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Norton Ghost 10.0] "C:\Programmi\Norton Ghost\Agent\GhostTray.exe" (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Nokia.PCSync] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog (Time Information Services Ltd.)
O4 - HKCU..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (Nokia)
O4 - HKCU..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] "C:\Programmi\uTorrent\uTorrent.exe" (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Charly\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{2C200C90-532D-4678-A3DB-1F81A4127325}\\NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{EEF4A304-DAD1-4E8B-872C-8F81EF10F3C0}\\NameServer = 85.255.112.170,85.255.112.235
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programmi\File comuni\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/08 12.50.05 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/02/04 09.04.28 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/02/04 08.04.30 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2003/01/01 02.32.58 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/02/04 09.04.28 | 00,000,000 | RHSD | M] - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{c50c6be3-1b9b-11de-a2d7-00115b8015dd}\Shell - "" = AutoRun
O33 - MountPoints2\{c50c6be3-1b9b-11de-a2d7-00115b8015dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c50c6be4-1b9b-11de-a2d7-00115b8015dd}\Shell - "" = AutoRun
O33 - MountPoints2\{c50c6be4-1b9b-11de-a2d7-00115b8015dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c50c6be9-1b9b-11de-a2d7-00115b8015dd}\Shell - "" = AutoRun
O33 - MountPoints2\{c50c6be9-1b9b-11de-a2d7-00115b8015dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/17 10.58.22 | 00,000,000 | ---D | M]
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/17 10.58.22 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Charly\Desktop\OTListIt2.exe
[2009/05/17 10.55.34 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/17 10.55.13 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Charly\Desktop\Rooter.exe
[2009/05/17 10.43.12 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/05/15 15.19.30 | 00,000,000 | ---D | C] -- C:\Programmi\HDQuality
[2009/05/15 12.25.16 | 94,395,5968 | ---- | C] () -- C:\DOCUME~1\Charly\Desktop\Transformers[2007]DvDrip[Eng]-aXXo.avi
[2009/05/15 12.12.30 | 00,000,000 | ---D | C] -- C:\Programmi\ESET
[2009/04/20 15.15.40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Charly\Dati applicazioni\Yahoo!
[2009/04/20 15.15.40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Yahoo! Companion
[2009/04/20 15.14.42 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/20 15.14.42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/04/20 15.14.29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009/04/17 14.10.20 | 00,000,888 | ---- | C] () -- C:\DOCUME~1\Charly\Desktop\101 Dino Pets.lnk
[2009/04/17 14.10.00 | 00,000,000 | ---D | C] -- C:\Programmi\101 Dino Pets
[2009/01/28 00.03.33 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2009/01/28 00.03.31 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/10/15 10.54.04 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/09/14 09.56.05 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/12 18.11.42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\wunilog.ini
[2008/09/12 01.57.51 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008/09/12 01.57.51 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008/09/08 17.47.42 | 00,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/09/08 15.19.09 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2008/09/08 15.17.29 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/08/28 14.06.52 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/08/28 14.06.52 | 00,585,728 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/03/29 23.00.40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005/06/15 17.20.00 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2004/08/19 15.39.16 | 00,169,532 | RHS- | C] () -- C:\WINDOWS\System32\cqqrt.dll
[2004/07/17 11.36.38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/31 17.00.00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/31 17.00.00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/17 10.58.22 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Charly\Desktop\OTListIt2.exe
[2009/05/17 10.55.23 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Charly\Desktop\Rooter.exe
[2009/05/17 10.43.38 | 00,026,682 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/17 10.43.33 | 00,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/17 10.43.30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/17 10.43.29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Charly\Impostazioni locali\desktop.ini
[2009/05/17 10.43.26 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/16 23.06.46 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/16 05.53.09 | 94,395,5968 | ---- | M] () -- C:\DOCUME~1\Charly\Desktop\Transformers[2007]DvDrip[Eng]-aXXo.avi
[2009/05/14 23.54.13 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/05 22.25.02 | 00,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/20 15.17.59 | 00,000,074 | -HS- | M] () -- C:\DOCUME~1\Charly\Documenti\desktop.ini
[2009/04/17 14.10.20 | 00,000,888 | ---- | M] () -- C:\DOCUME~1\Charly\Desktop\101 Dino Pets.lnk
< End of report >
OTListIt Extras logfile created on: 17/05/2009 10.59.13 - Run 1
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Programmi\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"2110:TCP" = 2110:TCP:*:Enabled:dzvyby
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater (Nokia Corporation)
C:\Programmi\File comuni\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process (Nokia Corporation)
C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Programmi\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Programmi\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0410-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 13
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{32F720F5-2D0D-4245-A2B0-9EB3CECF8101}" = Norton Ghost 10.0
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4C309A0F-B84F-4766-ADF5-DF07EF303D4B}" = USB Remote NDIS Network Device
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90280410-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional con FrontPage
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1040-7B44-A91000000001}" = Adobe Reader 9.1 - Italiano
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDF97135-7FD2-4289-96B8-DD4505267ACD}" = ESET NOD32 Antivirus
"{D99C322D-C21B-40C7-AE71-EE51AA096B6E}" = Nokia Flashing Cable Driver
"{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"101 Dino Pets" = 101 Dino Pets 1.0
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Pacchetto driver Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Pacchetto driver Windows - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0410-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Pacchetto driver Windows - Nokia Modem (05/22/2008 3.8)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 2.1
"Google Chrome" = Google Chrome
"HDQuality" = HDQuality
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"VLC media player" = VLC media player 0.9.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR gestione archivi
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22/02/2009 9.36.27 | Computer Name = CHARLIEHAMMONDS | Source = nview_info | ID = 11141121
Description =
Error - 22/02/2009 9.36.27 | Computer Name = CHARLIEHAMMONDS | Source = nview_info | ID = 11141121
Description =
Error - 23/02/2009 5.37.22 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore drwtsn32.exe, versione 5.1.2600.0,
modulo che ha provocato l'errore dbghelp.dll, versione 5.1.2600.2180, indirizzo
errore 0x0001295d.
Error - 24/02/2009 5.22.33 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.2180,
modulo che ha provocato l'errore , versione 0.0.0.0, indirizzo errore 0x00000000.
Error - 24/02/2009 6.36.42 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.2180,
modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo errore 0x05611468.
Error - 25/02/2009 5.57.03 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wmplayer.exe, versione 11.0.5721.5145,
modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo errore 0x063f1468.
Error - 27/02/2009 14.18.44 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wmplayer.exe, versione 11.0.5721.5145,
modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo errore 0x094d1468.
Error - 27/02/2009 14.19.20 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.2180,
modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo errore 0x06f71468.
Error - 27/02/2009 14.19.22 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wmplayer.exe, versione 11.0.5721.5145,
modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo errore 0x06da1468.
Error - 27/02/2009 14.20.46 | Computer Name = CHARLIEHAMMONDS | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.2180,
modulo che ha provocato l'errore divx.dll, versione 6.8.5.5, indirizzo errore 0x00131468.
[ System Events ]
Error - 17/05/2009 3.29.05 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 3.29.05 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.13.03 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.30.18 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio wuauserv con gli argomenti "" per eseguire il server {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 17/05/2009 4.32.02 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.43.35 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.43.36 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.43.37 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.43.37 | Computer Name = CHARLIEHAMMONDS | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio BITS con gli argomenti "" per eseguire il server {4991D34B-80A1-4291-83B6-3328366B9097}
Error - 17/05/2009 4.44.57 | Computer Name = CHARLIEHAMMONDS | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: PCIIde
< End of report >
Microsoft Windows XP Professional (5.1.2600) Service Pack 2
C:\ [Fixed] - NTFS - (Total:99998 Mo/Free:1345 Mo)
D:\ [Fixed] - FAT32 - (Total:152588 Mo/Free:1528 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)
K:\ [Fixed] - NTFS - (Total:205244 Mo/Free:3523 Mo)
L:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
17/05/2009|10.55
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
---------- C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Programmi\Bonjour\mDNSResponder.exe
---------- C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\WINDOWS\SOUNDMAN.EXE
---------- C:\WINDOWS\AGRSMMSG.exe
---------- C:\WINDOWS\System32\GEARSec.exe
---------- C:\Programmi\File comuni\Symantec Shared\ccApp.exe
---------- C:\Programmi\Norton Ghost\Agent\GhostTray.exe
---------- C:\Programmi\iTunes\iTunesHelper.exe
---------- C:\Programmi\Java\jre6\bin\jusched.exe
---------- C:\Programmi\Google\Update\GoogleUpdate.exe
---------- C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---------- C:\Programmi\Java\jre6\bin\jqs.exe
---------- C:\Programmi\DAEMON Tools Lite\daemon.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Programmi\Norton Ghost\Agent\VProSvc.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
---------- C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
---------- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
---------- C:\Programmi\iPod\bin\iPodService.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
---------- C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
---------- C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
---------- C:\Programmi\Internet Explorer\iexplore.exe
---------- C:\Programmi\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{2C200C90-532D-4678-A3DB-1F81A4127325}]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{2C200C90-532D-4678-A3DB-1F81A4127325}]
DhcpNameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{EEF4A304-DAD1-4E8B-872C-8F81EF10F3C0}]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\..\{2C200C90-532D-4678-A3DB-1F81A4127325}]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\..\{2C200C90-532D-4678-A3DB-1F81A4127325}]
DhcpNameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\..\{EEF4A304-DAD1-4E8B-872C-8F81EF10F3C0}]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{2C200C90-532D-4678-A3DB-1F81A4127325}]
NameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{2C200C90-532D-4678-A3DB-1F81A4127325}]
DhcpNameServer REG_SZ 85.255.112.170,85.255.112.235
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{EEF4A304-DAD1-4E8B-872C-8F81EF10F3C0}]
NameServer REG_SZ 85.255.112.170,85.255.112.235
==> WAREOUT <==
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - 17/05/2009|10.56
----------------------\\ Scan completed at 10.56
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
Hidden driver "gxvxcserv.sys" found!
ImagePath: \systemroot\system32\drivers\gxvxclkyfuxfmlwvtbwgbopdtrnopyrgikhac.sys
Start Type: 1 (System)
Rootkit scan completed.
Completed script processing.
*******************
Finished! Terminate.
Logfile of random's system information tool 1.05 (written by random/random)
Run by Charly at 2009-05-17 09:54:18
Microsoft Windows XP Professional Service Pack 2
System drive C: has 63 GB (63%) free of 100 GB
Total RAM: 511 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9.54.24, on 17/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Norton Ghost\Agent\GhostTray.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Charly\Desktop\VIRUS STUFF\RSIT.exe
C:\Programmi\Trend Micro\HijackThis\Charly.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Programmi\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Programmi\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C200C90-532D-4678-A3DB-1F81A4127325}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{EEF4A304-DAD1-4E8B-872C-8F81EF10F3C0}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS1\Services\Tcpip\..\{2C200C90-532D-4678-A3DB-1F81A4127325}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CS2\Services\Tcpip\..\{2C200C90-532D-4678-A3DB-1F81A4127325}: NameServer = 85.255.112.170,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.170,85.255.112.235
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Servizio di Google Update (gupdate1c9b5c88ba90e6e) (gupdate1c9b5c88ba90e6e) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Programmi\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 11449 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll [2008-11-20 911600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programmi\google\googletoolbar1.dll [2008-09-08 2423872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-17 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Programmi\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-11-20 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programmi\google\googletoolbar1.dll [2008-09-08 2423872]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll [2008-11-20 911600]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-06-15 6803456]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-06-15 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-01-09 65536]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Programmi\File comuni\Symantec Shared\ccApp.exe [2005-01-20 58992]
"Norton Ghost 10.0"=C:\Programmi\Norton Ghost\Agent\GhostTray.exe [2005-09-09 1537648]
"QuickTime Task"=C:\Programmi\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Programmi\iTunes\iTunesHelper.exe [2008-11-20 290088]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Programmi\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Adobe Reader Speed Launcher"=C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"egui"=C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"swg"=C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-17 68856]
"uTorrent"=C:\Programmi\uTorrent\uTorrent.exe [2009-04-10 281904]
"Nokia.PCSync"=C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe [2008-06-17 1249280]
"PC Suite Tray"=C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-08-11 1124352]
"MSMSGS"=C:\Programmi\Messenger\msmsgs.exe [2004-08-19 1667584]
"Messenger (Yahoo!)"=C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe [2008-09-19 4347120]
"DAEMON Tools Lite"=C:\Programmi\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\Charly\Menu Avvio\Programmi\Esecuzione automatica
Adobe Gamma.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programmi\uTorrent\uTorrent.exe"="C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Programmi\File comuni\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Programmi\File comuni\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Programmi\Messenger\msmsgs.exe"="C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe"="C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Programmi\Skype\Phone\Skype.exe"="C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Programmi\iTunes\iTunes.exe"="C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programmi\Bonjour\mDNSResponder.exe"="C:\Programmi\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Programmi\Java\jre6\bin\java.exe"="C:\Programmi\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c50c6be3-1b9b-11de-a2d7-00115b8015dd}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c50c6be4-1b9b-11de-a2d7-00115b8015dd}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c50c6be9-1b9b-11de-a2d7-00115b8015dd}]
shell\AutoRun\command - F:\AutoRun.exe
======List of files/folders created in the last 1 months======
2009-05-15 15:19:30 ----D---- C:\Programmi\HDQuality
2009-05-15 12:12:30 ----D---- C:\Programmi\ESET
2009-04-20 15:15:40 ----D---- C:\Documents and Settings\Charly\Dati applicazioni\Yahoo!
2009-04-20 15:15:40 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Yahoo! Companion
2009-04-20 15:14:42 ----HDC---- C:\WINDOWS\ie8
2009-04-20 15:14:42 ----D---- C:\WINDOWS\system32\en-US
2009-04-20 15:14:29 ----HD---- C:\WINDOWS\msdownld.tmp
======List of files/folders modified in the last 1 months======
2009-05-17 09:29:52 ----D---- C:\WINDOWS\Temp
2009-05-17 09:29:32 ----D---- C:\Documents and Settings\Charly\Dati applicazioni\uTorrent
2009-05-17 01:37:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-16 23:21:51 ----D---- C:\WINDOWS\Prefetch
2009-05-16 23:10:50 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-16 23:07:12 ----D---- C:\WINDOWS
2009-05-15 15:19:30 ----RD---- C:\Programmi
2009-05-15 15:15:29 ----D---- C:\WINDOWS\system32\drivers
2009-05-15 15:15:29 ----D---- C:\WINDOWS\system32
2009-05-15 12:13:40 ----SHD---- C:\WINDOWS\Installer
2009-05-15 12:13:26 ----HD---- C:\WINDOWS\inf
2009-05-14 23:54:13 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-02 00:35:11 ----SD---- C:\WINDOWS\Tasks
2009-04-25 13:17:25 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Adobe
2009-04-25 13:17:12 ----D---- C:\Programmi\Adobe
2009-04-20 16:34:47 ----D---- C:\WINDOWS\network diagnostic
2009-04-20 15:17:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-20 15:17:50 ----D---- C:\WINDOWS\Media
2009-04-20 15:17:50 ----D---- C:\WINDOWS\Help
2009-04-20 15:17:50 ----D---- C:\Programmi\Internet Explorer
2009-04-20 15:15:43 ----D---- C:\Programmi\Yahoo!
2009-04-20 15:15:43 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Yahoo!
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 V2IMount;V2IMount; C:\WINDOWS\system32\drivers\V2IMount.sys [2005-09-09 56192]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-01-09 601100]
R3 Arp1394;Protocollo client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-19 60800]
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-31 9600]
R3 MODEMCSA;Periferica filtro flusso Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Driver di mouse HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-31 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-19 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-06-15 3200256]
R3 PRISM_USB;D-Link Air DWL-122 Wireless USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\PRISMUSB.sys [2003-04-10 636502]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2006-02-14 32768]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Hub abilitato USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Driver miniport per controller open host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 a57d5nz1;a57d5nz1; C:\WINDOWS\system32\drivers\a57d5nz1.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-01-28 85969]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 sermouse;Driver del mouse seriale; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-30 18176]
S3 SISNIC;Driver per scheda Fast Ethernet PCI SiS; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-04 32768]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 USB_RNDIS;DSL Router; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-03 12672]
S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WINFLASH;WINFLASH; \??\C:\Documents and Settings\Charly\Desktop\winflash174\WinFlash.sys []
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-31 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Programmi\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ccEvtMgr;Symantec Event Manager; C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe [2005-01-20 198256]
R2 ccSetMgr;Symantec Settings Manager; C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe [2005-01-20 165488]
R2 ekrn;ESET Service; C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2005-09-09 53248]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programmi\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 Norton Ghost;Norton Ghost; C:\Programmi\Norton Ghost\Agent\VProSvc.exe [2008-09-08 2066024]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-06-15 127043]
R2 Symantec Core LC;Symantec Core LC; C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-09-08 822424]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 YahooAUService;Yahoo! Updater; C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 iPod Service;Servizio iPod; C:\Programmi\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 ServiceLayer;ServiceLayer; C:\Programmi\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S2 gupdate1c9b5c88ba90e6e;Servizio di Google Update (gupdate1c9b5c88ba90e6e); C:\Programmi\Google\Update\GoogleUpdate.exe [2009-04-05 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-09-08 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 ccPwdSvc;Symantec Password Validation; C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe [2005-01-20 79472]
S3 EhttpSrv;ESET HTTP Server; C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 gusvc;Google Updater Service; C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-08 138168]
S3 WMPNetworkSvc;Servizio di condivisione in rete Windows Media Player; C:\Programmi\Windows Media Player\WMPNetwk.exe [2006-11-02 918528]
-----------------EOF-----------------