it's some months I'm experiencing a very annoying malfunction. In detatil, it happens that when I click on the + symbol in the left panel of the Windows Explorer to browse through folders, it stays hanging for nearly 20 seconds before reacting. Besides, when I click on a folder, it takes a lot of time to show in the right panel the files in it. Finally, sometimes the system looks jammed for dozens of seconds: I switch from the browser to Explorer and I got on the screen a mix of the two windows till it turns ok.
My PC is part of a corporate LAN.
Corporate antivirus sw (Symantec) didn't show malware at the scan.
I installed AVG too (I can't switch off Symantec) and it prompted to me two malwares:
A028911.EXE <> Trojan Generic18.AFDX
A028910.EXE <> Trojan BackDoor.Generic12.CHFE
Here is the OTL log:
OTL logfile created on: 16/11/2010 14:25:05 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\_Utility\OS-Antivirus & Repair
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italy | Language: ITA | Date Format: dd/MM/yyyy
1.007,00 Mb Total Physical Memory | 152,00 Mb Available Physical Memory | 15,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 78,96 Gb Free Space | 52,97% Space Free | Partition Type: NTFS
Computer Name: WKNT2006137201 | User Name: 37341395 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/11 11:57:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\_Utility\OS-Antivirus & Repair\OTL.exe
PRC - [2010/11/01 22:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/10/25 07:16:13 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/10/25 07:16:12 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/10/25 07:16:04 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/10/25 07:16:04 | 001,459,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/10/25 07:16:03 | 000,349,512 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
PRC - [2010/10/25 07:16:02 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 12:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/06 17:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/06 17:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/06 17:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/06 17:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/07 03:50:52 | 001,675,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcmgr.exe
PRC - [2010/09/07 03:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
PRC - [2004/12/01 09:07:20 | 000,139,264 | ---- | M] (OTi) -- C:\WINDOWS\system32\UStorSrv.exe
PRC - [2004/05/21 18:11:22 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [1999/11/30 11:06:00 | 000,042,256 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\37341395\Start Menu\Programs\Startup\CLOCK.EXE
PRC - [1999/03/24 15:57:10 | 000,043,520 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
========== Modules (SafeList) ==========
MOD - [2010/11/11 11:57:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\_Utility\OS-Antivirus & Repair\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/25 07:16:13 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/10/25 07:16:13 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/10/25 07:16:04 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/10/25 07:16:03 | 000,349,512 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/10/25 07:16:02 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/02/17 09:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/04/13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/12/01 09:07:20 | 000,139,264 | ---- | M] (OTi) [Auto | Running] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/10/25 07:21:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/10/25 07:16:15 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/10/25 07:16:15 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/10/25 07:16:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/10/25 07:15:58 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/09/28 09:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101115.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 09:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101115.048\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 21:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/30 09:51:32 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/30 09:51:32 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/05/12 23:40:04 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/12/10 15:40:16 | 000,142,992 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 21:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/13 12:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2007/04/13 02:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007/01/13 10:33:18 | 005,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006/12/06 11:12:56 | 000,044,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2006/11/07 03:32:00 | 000,046,976 | R--- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPKBCCID.sys -- (HPKBCCID)
DRV - [2006/10/12 08:52:04 | 004,387,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/27 17:09:24 | 000,140,800 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2005/05/31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/05/31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/04/30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/04/30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/04/30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/03/25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004/12/16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004/11/19 17:46:46 | 000,367,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2004/10/24 23:04:00 | 000,007,796 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Stc2Dfu.sys -- (STC2DFU)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/05/27 14:47:18 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/05/21 18:16:50 | 000,245,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL20.sys -- (PhilCam8116_XP) Logitech QuickCam Pro 3000(PID_08B1)
DRV - [1999/02/19 13:14:18 | 000,018,432 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CxUSB.sys -- (CxUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [String data over 1000 bytes]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = grfpra001rm001.griffon.local:8080
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.it/"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..network.proxy.backup.ftp: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "10.*,*.local,*.pv.telecomitalia.it,*.rete.telecomitalia.it,*.dre,*.dg.telecomitalia.it,*.cww.*,*.legacy.telecomitalia.it,151.10.*,*.pirelli.telecomitalia.it,*.wifiarea.it,*.cb.telecomitalia.it,im.telecomitalia.it,it-fo*,noiportal.*,*.noiportal.*,documentale.telecomitalia.it,betadocumentale.telecomitalia.it,webmail.telecomitalia.it,home.tessweb.it,soa404.telecomitalia.it,*tils.*,*.cnd.it,griffon.*,*.intranet.tim.it,kpitrattative.telecomitalia.it,*.pd.tim.it,*.privati.telecomitalia.it,portale.crmbusiness.telecomitalia.it,*open.telecomitalia.it,incasna.*,incasnd.*,163.162.*,*.cselt.it,*.tilab.com,ditimese01.rm.tim.it,*.tim.it*,ssc*,mail.telecomitalia.it,sans-cs.telecomitalia.it,localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 1
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/11/09 10:13:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/17 13:46:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/08 07:18:58 | 000,000,000 | ---D | M]
[2009/07/15 15:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\37341395\Application Data\Mozilla\Extensions
[2009/09/14 13:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\37341395\Application Data\Mozilla\Firefox\Profiles\rg5urqu6.default\extensions
[2009/08/17 16:55:55 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\37341395\Application Data\Mozilla\Firefox\Profiles\rg5urqu6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/04/20 12:08:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/20 12:08:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/20 12:08:14 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/06/24 12:57:45 | 000,001,412 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\demauro.xml
[2009/06/24 12:57:45 | 000,000,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-it.xml
[2009/06/24 12:57:45 | 000,001,182 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-it.xml
[2009/06/24 12:57:45 | 000,000,649 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-it.xml
O1 HOSTS File: ([2010/11/10 12:45:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\37341395\Start Menu\Programs\Startup\CLOCK.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\37341395\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk = C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
O4 - Startup: C:\Documents and Settings\37341395\Start Menu\Programs\Startup\Windows Explorer.lnk = C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Ranges: Range1 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range11 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range12 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range13 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range14 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range14 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range15 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range16 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range17 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range6 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range7 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range8 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range9 ([http] in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1185452941359 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} http://f008.mail.lyc...ileUploader.cab (Lycos File Upload Component)
O16 - DPF: {CAFECAFE-0013-0001-0013-ABCDEFABCDEF} http://checksuite.re...iator/jinit.exe (JInitiator 1.3.1.13)
O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = telecomitalia.local
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\_Documenti\Immagini\Moto\Kawa.bmp
O24 - Desktop BackupWallPaper: C:\_Documenti\Immagini\Moto\Kawa.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/24 23:02:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/11/11 11:18:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/11/10 12:29:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/11/10 12:29:59 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/11/10 12:29:59 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/11/10 12:29:59 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/11/10 12:29:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/11/10 12:27:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/09 13:29:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010/11/09 13:27:25 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010/11/09 13:20:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010/11/09 11:28:20 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/11/09 10:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\37341395\Application Data\AVG10
[2010/11/09 10:15:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/11/09 10:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/11/09 10:13:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/11/09 10:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/11/09 10:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/11/09 09:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\37341395\Application Data\QuickScan
[2010/10/25 07:16:15 | 000,320,944 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspl.sys
[2010/10/25 07:16:15 | 000,107,848 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\SymVPN.dll
[2010/10/25 07:16:15 | 000,087,368 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\FwsVpn.dll
[2010/10/25 07:16:15 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspx.sys
[2010/10/25 07:16:14 | 000,283,184 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtsp.sys
[2007/07/25 22:36:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007/07/25 22:36:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007/07/25 22:36:45 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/11/16 13:33:01 | 000,001,240 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1801674531-682003330-215219UA.job
[2010/11/16 10:54:11 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C09FFEE6-D4BF-4C02-AE5F-DBEB334FDAC9}.job
[2010/11/16 08:46:09 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\37341395\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
[2010/11/16 08:34:12 | 099,259,165 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/16 08:30:09 | 000,000,467 | ---- | M] () -- C:\WINDOWS\SMSCFG.ini
[2010/11/16 08:28:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/15 14:33:03 | 000,001,188 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1801674531-682003330-215219Core.job
[2010/11/15 11:54:05 | 000,290,816 | ---- | M] () -- C:\Daily Monitor MACRO.xls
[2010/11/15 08:35:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/10 12:51:06 | 000,443,386 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/10 12:51:06 | 000,072,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/10 12:45:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/09 14:21:07 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\37341395\Application Data\Microsoft\Internet Explorer\Quick Launch\Avvia Microsoft Office Outlook.lnk
[2010/11/09 13:28:39 | 000,001,809 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/09 09:48:38 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\37341395\Local Settings\Application Data\housecall.guid.cache
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/10/29 13:33:54 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\37341395\Desktop\New Microsoft Word Document.doc
[2010/10/29 08:30:14 | 000,290,816 | ---- | M] () -- C:\Daily Monitor MACRO old.xls
[2010/10/25 07:21:18 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/10/25 07:21:18 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/10/25 07:21:18 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/10/25 07:21:18 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/10/25 07:16:15 | 000,320,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspl.sys
[2010/10/25 07:16:15 | 000,107,848 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\SymVPN.dll
[2010/10/25 07:16:15 | 000,087,368 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\FwsVpn.dll
[2010/10/25 07:16:15 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspx.sys
[2010/10/25 07:16:15 | 000,007,442 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspx.cat
[2010/10/25 07:16:15 | 000,007,442 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspl.cat
[2010/10/25 07:16:15 | 000,001,430 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspl.inf
[2010/10/25 07:16:15 | 000,001,421 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspx.inf
[2010/10/25 07:16:14 | 000,283,184 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtsp.sys
[2010/10/25 07:16:14 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtsp.cat
[2010/10/25 07:16:14 | 000,001,415 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtsp.inf
[2010/10/18 07:08:27 | 000,000,014 | ---- | M] () -- C:\WINDOWS\hpmssnpjt.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/16 08:34:12 | 099,259,165 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/10 12:29:59 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/11/10 12:29:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/11/10 12:29:59 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/10 12:29:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/11/10 12:29:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/11/09 13:19:32 | 000,001,809 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/11/09 09:48:38 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\37341395\Local Settings\Application Data\housecall.guid.cache
[2010/10/25 07:16:15 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspx.cat
[2010/10/25 07:16:15 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspl.cat
[2010/10/25 07:16:15 | 000,001,430 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspl.inf
[2010/10/25 07:16:15 | 000,001,421 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspx.inf
[2010/10/25 07:16:14 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtsp.cat
[2010/10/25 07:16:14 | 000,001,415 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtsp.inf
[2010/03/04 09:32:40 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/08/27 13:15:40 | 000,000,014 | ---- | C] () -- C:\WINDOWS\hpmssnpjt.ini
[2009/08/26 16:16:58 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2009/08/26 16:16:56 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PdfPorts.dll
[2009/07/14 12:50:22 | 000,000,321 | ---- | C] () -- C:\WINDOWS\httpweazel.ini
[2008/12/17 17:23:48 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2008/12/17 17:23:48 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2008/12/11 15:29:05 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/12/11 15:29:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008/12/11 14:53:02 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\37341395\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/20 16:58:03 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2008/11/20 16:57:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2008/11/04 13:35:31 | 003,203,072 | ---- | C] () -- C:\WINDOWS\System32\lcppn201.dll
[2008/11/04 13:35:31 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\nlsxdsgn.dll
[2008/11/04 13:33:49 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2008/11/04 13:33:49 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2008/11/04 13:33:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2008/11/04 13:33:49 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2008/11/04 13:33:49 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2008/11/03 09:32:03 | 000,017,016 | ---- | C] () -- C:\WINDOWS\System32\SS32DVR.DLL
[2007/07/26 14:19:17 | 000,160,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2007/07/26 13:34:18 | 000,013,735 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2007/07/25 22:39:19 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2007/07/25 22:39:19 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/07/25 22:39:13 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007/07/25 22:36:49 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007/07/25 22:36:49 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007/07/25 22:36:47 | 000,367,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007/07/25 21:12:06 | 000,650,608 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/07/25 21:12:06 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2007/07/25 00:54:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/07/24 23:42:47 | 001,228,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\ml2550u.dll
[2007/07/24 23:42:47 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\ml2550o.dll
[2007/07/24 23:42:47 | 000,003,646 | ---- | C] () -- C:\WINDOWS\System32\drivers\ml2550u.ini
[2007/07/24 23:27:47 | 000,000,467 | ---- | C] () -- C:\WINDOWS\SMSCFG.ini
[2007/07/24 23:25:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/24 23:22:15 | 000,019,838 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2007/07/24 23:21:05 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2007/07/24 23:15:16 | 000,002,004 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
< End of report >
While waiting for any suggestion, I thank you so much for your help.