Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

problems after infection Worm.Win32.Brontok.q


  • This topic is locked This topic is locked
4 replies to this topic

#1 moricand85

moricand85

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 24 November 2008 - 05:07 PM

Hi,
enyone could tell me if my computer is ok?
I've some problems with this: F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\sembako-dfzjlli.exe"



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.45.47, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programmi\File comuni\Maxtor\Schedule2\schedul2.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
C:\Programmi\ASUS\ATK Hotkey\HControl.exe
C:\Programmi\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\Programmi\Atheros\ACU.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\ASUS\ATK Hotkey\ATKOSD.exe
C:\Programmi\ASUS\ATK Hotkey\KBFiltr.exe
C:\Programmi\ASUS\ATK Hotkey\WDC.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\sembako-dfzjlli.exe"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MsgTranAgt] C:\Programmi\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Programmi\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Programmi\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Programmi\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: CCC.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: CCC.lnk = ? (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1225797417524
O17 - HKLM\System\CCS\Services\Tcpip\..\{395A9EC7-A035-4D91-8F30-614EC79C49E6}: NameServer = 85.37.17.7 85.38.28.95
O17 - HKLM\System\CS1\Services\Tcpip\..\{395A9EC7-A035-4D91-8F30-614EC79C49E6}: NameServer = 85.37.17.7 85.38.28.95
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Maxtor\Schedule2\schedul2.exe
O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Programmi\Maxtor\Sync\SyncServices.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

BC AdBot (Login to Remove)

 


#2 moricand85

moricand85
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 24 November 2008 - 05:24 PM

Logfile of random's system information tool 1.04 (written by random/random)
Run by PC-USER at 2008-11-24 23:23:06
Microsoft Windows XP Professional Service Pack 3
System drive C: has 217 GB (95%) free of 228 GB
Total RAM: 3071 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.23.08, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programmi\File comuni\Maxtor\Schedule2\schedul2.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
C:\Programmi\ASUS\ATK Hotkey\HControl.exe
C:\Programmi\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\Programmi\Atheros\ACU.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\ASUS\ATK Hotkey\ATKOSD.exe
C:\Programmi\ASUS\ATK Hotkey\KBFiltr.exe
C:\Programmi\ASUS\ATK Hotkey\WDC.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\PC-USER\Desktop\RSIT.exe
C:\Programmi\Trend Micro\HijackThis\PC-USER.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\sembako-dfzjlli.exe"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MsgTranAgt] C:\Programmi\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Programmi\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Programmi\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Programmi\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: CCC.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: CCC.lnk = ? (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1225797417524
O17 - HKLM\System\CCS\Services\Tcpip\..\{395A9EC7-A035-4D91-8F30-614EC79C49E6}: NameServer = 85.37.17.7 85.38.28.95
O17 - HKLM\System\CS1\Services\Tcpip\..\{395A9EC7-A035-4D91-8F30-614EC79C49E6}: NameServer = 85.37.17.7 85.38.28.95
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Maxtor\Schedule2\schedul2.exe
O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Programmi\Maxtor\Sync\SyncServices.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 8578 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-04 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Programmi\Java\jre6\bin\ssv.dll [2008-11-07 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Programmi\Java\jre6\bin\jp2ssv.dll [2008-11-07 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-07 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsgTranAgt"=C:\Programmi\ASUS\ATK Hotkey\MsgTranAgt.exe [2007-11-04 106496]
"HControlUser"=C:\Programmi\ASUS\ATK Hotkey\HControlUser.exe [2008-01-11 98304]
"ATKHOTKEY"=C:\Programmi\ASUS\ATK Hotkey\HControl.exe [2008-06-26 217088]
"ATKOSD2"=C:\Programmi\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"StartCCC"=C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-20 16872448]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"SynTPEnh"=C:\Programmi\Synaptics\SynTP\SynTPEnh.exe [2007-11-15 1024000]
"ATKMEDIA"=C:\Programmi\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"AVP"=C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-04-25 201992]
"RemoteControl"=C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"NWEReboot"= []
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Adobe Reader Speed Launcher"=C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Wireless Console 2"=C:\Programmi\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Programmi\Atheros\ACU.exe [2007-10-23 376921]
"SunJavaUpdateSched"=C:\Programmi\Java\jre6\bin\jusched.exe [2008-11-07 136600]
""= []
"RoxWatchTray"=C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]
"Bron-Spizaetus"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Programmi\Messenger\msmsgs.exe [2008-04-14 1695232]
"Tok-Cirrhatus"= []

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Windows Search.lnk - C:\Programmi\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\PC-USER\Menu Avvio\Programmi\Esecuzione automatica
CCC.lnk - C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-04-22 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programmi\Windows Live\Messenger\livecall.exe"="C:\Programmi\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programmi\Windows Live\Messenger\livecall.exe"="C:\Programmi\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-11-24 23:09:54 ----D---- C:\rsit
2008-11-24 22:32:11 ----D---- C:\!KillBox
2008-11-24 22:15:33 ----D---- C:\Programmi\Trend Micro
2008-11-24 22:01:30 ----D---- C:\Programmi\HD Tune
2008-11-24 18:53:38 ----D---- C:\Programmi\CCleaner
2008-11-24 18:51:41 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-24 17:34:58 ----D---- C:\WINDOWS\Minidump
2008-11-22 16:45:45 ----A---- C:\WINDOWS\ModemLog_Modem standard.txt
2008-11-22 02:36:36 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\vlc
2008-11-22 02:34:09 ----D---- C:\Programmi\VideoLAN
2008-11-19 10:24:39 ----A---- C:\WINDOWS\system32\RC98E140.DLL
2008-11-19 10:24:39 ----A---- C:\WINDOWS\system32\Ne30Cdat.dll
2008-11-19 10:24:39 ----A---- C:\WINDOWS\ricdb.ini
2008-11-17 11:27:00 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Roxio
2008-11-17 11:24:38 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Blackberry Desktop
2008-11-17 09:51:57 ----A---- C:\WINDOWS\system32\ptpusb.dll
2008-11-17 09:51:56 ----A---- C:\WINDOWS\system32\ptpusd.dll
2008-11-14 20:26:27 ----D---- C:\WINDOWS\Downloaded Installations
2008-11-14 20:26:02 ----D---- C:\Maxtor temp
2008-11-14 20:23:58 ----D---- C:\WINDOWS\system32\appmgmt
2008-11-14 20:09:10 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Maxtor
2008-11-14 20:06:05 ----D---- C:\Programmi\Maxtor
2008-11-14 20:06:05 ----D---- C:\Programmi\File comuni\Maxtor
2008-11-14 14:56:41 ----A---- C:\WINDOWS\uninst.exe
2008-11-14 08:37:31 ----D---- C:\Programmi\MSXML 4.0
2008-11-12 11:19:07 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Research In Motion
2008-11-12 11:18:26 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-11-12 10:45:19 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\InstallShield
2008-11-12 10:45:16 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Sonic
2008-11-12 10:42:04 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Roxio
2008-11-12 10:42:03 ----D---- C:\Programmi\File comuni\Sonic Shared
2008-11-12 10:42:02 ----D---- C:\Programmi\Roxio
2008-11-12 10:41:57 ----D---- C:\Programmi\File comuni\Roxio Shared
2008-11-12 10:35:56 ----D---- C:\Programmi\File comuni\Research In Motion
2008-11-12 10:35:48 ----D---- C:\Programmi\Research In Motion
2008-11-12 10:24:20 ----SHD---- C:\WINDOWS\ftpcache
2008-11-12 08:34:40 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 08:34:35 ----HD---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 08:34:29 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-08 20:09:22 ----D---- C:\WINDOWS\Sun
2008-11-08 13:06:45 ----D---- C:\Programmi\SpeedFan
2008-11-08 12:19:21 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-07 17:01:21 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-07 17:01:21 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-07 17:01:21 ----A---- C:\WINDOWS\system32\java.exe
2008-11-07 17:01:21 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-07 17:01:14 ----D---- C:\Programmi\Java
2008-11-07 16:59:31 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Sun
2008-11-07 11:50:13 ----D---- C:\Programmi\7-Zip
2008-11-07 09:21:22 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2008-11-07 09:21:20 ----A---- C:\WINDOWS\system32\VB6IT.DLL
2008-11-07 09:21:20 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2008-11-07 09:21:20 ----A---- C:\WINDOWS\system32\MSCMCIT.DLL
2008-11-07 09:21:20 ----A---- C:\WINDOWS\system32\MSCC2IT.DLL
2008-11-06 14:41:16 ----SHD---- C:\FOUND.001
2008-11-06 14:36:54 ----A---- C:\ctapi_out_gr.txt
2008-11-06 11:42:15 ----A---- C:\WINDOWS\system32\muweb.dll
2008-11-06 11:42:15 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-11-06 11:42:15 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-11-06 09:46:22 ----D---- C:\lcaresrv
2008-11-06 01:36:26 ----HD---- C:\WINDOWS\PIF
2008-11-05 16:34:41 ----D---- C:\WINDOWS\system32\DRVSTORE
2008-11-05 16:21:30 ----SHD---- C:\Programmi\File comuni\WindowsLiveInstaller
2008-11-05 16:21:23 ----D---- C:\Programmi\Windows Live
2008-11-05 16:21:14 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-11-05 16:10:54 ----SHD---- C:\FOUND.000
2008-11-05 16:07:02 ----D---- C:\Programmi\PDFCreator
2008-11-05 14:37:32 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Windows Search
2008-11-05 14:06:12 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Windows Desktop Search
2008-11-05 14:05:35 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-11-05 14:05:35 ----D---- C:\Programmi\Windows Desktop Search
2008-11-05 14:05:17 ----HD---- C:\WINDOWS\$NtUninstallKB940157$
2008-11-05 14:05:06 ----HD---- C:\WINDOWS\$NtUninstallKB915800-v4$
2008-11-05 10:37:06 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Mozilla
2008-11-05 10:37:01 ----D---- C:\Programmi\Mozilla Firefox
2008-11-05 09:44:22 ----A---- C:\WINDOWS\system32\acs.exe
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\wsimd.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\wsfwDS.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\wgapiloc.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\wgapi.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\wcapiU.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\wcapi.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\dsaNac.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\dsa.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\athcfg20U.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\athcfg20resU.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\athcfg20res.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\athcfg20.dll
2008-11-05 09:44:13 ----A---- C:\WINDOWS\system32\athcfg11resloc.dll
2008-11-05 09:44:08 ----D---- C:\Programmi\Atheros
2008-11-05 09:42:46 ----D---- C:\Programmi\Wireless Console 2
2008-11-05 09:23:09 ----HD---- C:\_rpcs
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\TrackID.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\TIFmtA.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\TIBase64.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\SPC42dat.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\rpcsecl.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RPCS.ini
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RICJC32.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RICDB32.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\rdrvlog.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\rdrvinf.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RCPRINT.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RCINST.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RCB2E140.DLL
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\rc4mon.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\Rc4manNT.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\RC00C140.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\MFRICRES.dll
2008-11-05 09:23:09 ----A---- C:\WINDOWS\system32\JCUI.exe
2008-11-04 19:01:21 ----D---- C:\Programmi\Kaspersky Lab
2008-11-04 19:01:21 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2008-11-04 18:57:25 ----D---- C:\Program Files
2008-11-04 18:50:25 ----ASH---- C:\Documents and Settings\PC-USER\Dati applicazioni\desktop.ini
2008-11-04 18:50:24 ----SD---- C:\Documents and Settings\PC-USER\Dati applicazioni\Microsoft
2008-11-04 18:50:24 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\InstallShield
2008-11-04 18:50:24 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Identities
2008-11-04 18:50:24 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\ATI
2008-11-04 18:16:32 ----D---- C:\temp
2008-11-04 18:16:31 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Atheros
2008-11-04 18:16:29 ----SHD---- C:\Recycled
2008-11-04 18:16:23 ----A---- C:\WINDOWS\smscfg.ini
2008-11-04 18:15:51 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\ATI
2008-11-04 18:15:46 ----D---- C:\WINDOWS\system32\Lang
2008-11-04 18:14:09 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-04 18:14:07 ----D---- C:\Programmi\Synaptics
2008-11-04 18:14:07 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2008-11-04 18:14:07 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2008-11-04 18:14:07 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2008-11-04 18:14:07 ----A---- C:\WINDOWS\system32\SynCOM.dll
2008-11-04 18:13:04 ----D---- C:\WINDOWS\Motorola
2008-11-04 18:10:45 ----A---- C:\WINDOWS\system32\ChCfg.exe
2008-11-04 18:10:33 ----D---- C:\WINDOWS\system32\RTCOM
2008-11-04 18:10:28 ----A---- C:\WINDOWS\SoundMan.exe
2008-11-04 18:10:28 ----A---- C:\WINDOWS\SkyTel.exe
2008-11-04 18:10:28 ----A---- C:\WINDOWS\RtlUpd.exe
2008-11-04 18:10:27 ----A---- C:\WINDOWS\RTLCPL.exe
2008-11-04 18:10:25 ----A---- C:\WINDOWS\RTHDCPL.exe
2008-11-04 18:10:25 ----A---- C:\WINDOWS\MicCal.exe
2008-11-04 18:10:23 ----D---- C:\Programmi\Realtek
2008-11-04 18:10:23 ----A---- C:\WINDOWS\alcwzrd.exe
2008-11-04 18:10:23 ----A---- C:\WINDOWS\Alcmtr.exe
2008-11-04 18:10:20 ----A---- C:\WINDOWS\RtlExUpd.dll
2008-11-04 18:10:20 ----A---- C:\WINDOWS\HideWin.exe
2008-11-04 18:05:36 ----HD---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-11-04 18:05:18 ----D---- C:\Programmi\ATI Technologies
2008-11-04 18:05:09 ----D---- C:\Programmi\File comuni\InstallShield
2008-11-04 18:05:06 ----HD---- C:\Programmi\InstallShield Installation Information
2008-11-04 18:05:06 ----D---- C:\Programmi\ATKOSD2
2008-11-04 18:05:01 ----D---- C:\Programmi\ASUS
2008-11-04 18:04:34 ----HD---- C:\WINDOWS\$NtUninstallKB918005$
2008-11-04 18:04:26 ----HD---- C:\WINDOWS\$NtUninstallKB923232$
2008-11-04 18:04:07 ----HD---- C:\Programmi\Uninstall Information
2008-11-04 18:02:39 ----RSD---- C:\WINDOWS\assembly
2008-11-04 18:02:39 ----D---- C:\WINDOWS\system32\URTTemp
2008-11-04 18:02:39 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-04 18:00:41 ----D---- C:\WINDOWS\RegisteredPackages
2008-11-04 17:59:28 ----HD---- C:\WINDOWS\$NtUninstallKB911164$
2008-11-04 17:58:57 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-11-04 17:56:31 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\SBSI
2008-11-04 17:55:20 ----A---- C:\WINDOWS\orun32.ini
2008-11-04 17:55:19 ----A---- C:\WINDOWS\IsUn0410.exe
2008-11-04 17:55:09 ----SHD---- C:\System Volume Information
2008-11-04 17:55:09 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-04 17:55:07 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-04 17:55:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-04 17:51:50 ----D---- C:\WINDOWS\system32\xircom
2008-11-04 17:51:50 ----D---- C:\Programmi\xerox
2008-11-04 17:51:50 ----D---- C:\Programmi\microsoft frontpage
2008-11-04 17:51:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-04 17:51:36 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-04 17:51:28 ----SH---- C:\AUTOEXEC.BAT
2008-11-04 17:51:28 ----A---- C:\WINDOWS\control.ini
2008-11-04 17:51:21 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-04 17:51:18 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-11-04 17:50:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-04 17:50:40 ----RD---- C:\WINDOWS\Offline Web Pages
2008-11-04 17:50:40 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-11-04 17:50:36 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-11-04 17:50:33 ----HD---- C:\Programmi\WindowsUpdate
2008-11-04 17:50:30 ----D---- C:\Programmi\Servizi in linea
2008-11-04 17:50:23 ----D---- C:\WINDOWS\system32\DirectX
2008-11-04 17:50:21 ----A---- C:\WINDOWS\system32\desktop.ini
2008-11-04 17:50:21 ----A---- C:\WINDOWS\system32\atrace.dll
2008-11-04 17:50:21 ----A---- C:\WINDOWS\desktop.ini
2008-11-04 17:50:20 ----D---- C:\Programmi\File comuni\Services
2008-11-04 17:50:20 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-11-04 17:50:20 ----A---- C:\WINDOWS\system32\acctres.dll
2008-11-04 17:50:19 ----SD---- C:\WINDOWS\Tasks
2008-11-04 17:50:19 ----D---- C:\Programmi\File comuni\MSSoap
2008-11-04 17:50:19 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-11-04 17:50:18 ----D---- C:\WINDOWS\system32\Macromed
2008-11-04 17:50:18 ----D---- C:\WINDOWS\srchasst
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wups.dll
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-11-04 17:50:18 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-11-04 17:50:17 ----D---- C:\Programmi\Movie Maker
2008-11-04 17:50:17 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-11-04 17:50:17 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-11-04 17:50:17 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-11-04 17:50:17 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-11-04 17:50:17 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-11-04 17:50:16 ----D---- C:\WINDOWS\system32\Restore
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\srclient.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\ils.dll
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-11-04 17:50:16 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-11-04 17:50:15 ----D---- C:\Programmi\NetMeeting
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\msconf.dll
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\inetres.dll
2008-11-04 17:50:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-11-04 17:50:14 ----D---- C:\Programmi\Outlook Express
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\mstask.dll
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\isign32.dll
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-11-04 17:50:14 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-11-04 17:50:13 ----D---- C:\Programmi\Internet Explorer
2008-11-04 17:50:13 ----D---- C:\Programmi\File comuni\System
2008-11-04 17:49:41 ----D---- C:\Programmi\ComPlus Applications
2008-11-04 17:49:39 ----A---- C:\WINDOWS\vbaddin.ini
2008-11-04 17:49:39 ----A---- C:\WINDOWS\vb.ini
2008-11-04 17:49:35 ----D---- C:\WINDOWS\Registration
2008-11-04 17:49:30 ----D---- C:\Programmi\Windows Media Player
2008-11-04 17:49:24 ----D---- C:\Programmi\MSN Gaming Zone
2008-11-04 17:49:24 ----D---- C:\Programmi\Messenger
2008-11-04 17:49:24 ----A---- C:\WINDOWS\system32\write.exe
2008-11-04 17:49:23 ----A---- C:\WINDOWS\system32\winchat.exe
2008-11-04 17:49:23 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-11-04 17:49:23 ----A---- C:\WINDOWS\system32\hticons.dll
2008-11-04 17:49:23 ----A---- C:\WINDOWS\system32\avwav.dll
2008-11-04 17:49:23 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-11-04 17:49:23 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-11-04 17:49:22 ----A---- C:\WINDOWS\system32\getuname.dll
2008-11-04 17:49:22 ----A---- C:\WINDOWS\system32\charmap.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\winmine.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\tskill.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\tscon.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\stclient.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\sol.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\shadow.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\reset.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\regini.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\msg.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\logoff.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\freecell.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-11-04 17:49:21 ----A---- C:\WINDOWS\system32\calc.exe
2008-11-04 17:49:20 ----D---- C:\Programmi\Windows NT
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\spider.exe
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-11-04 17:49:20 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-11-04 17:49:19 ----D---- C:\WINDOWS\system32\MsDtc
2008-11-04 17:49:19 ----D---- C:\WINDOWS\system32\Com
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\colbact.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-11-04 17:49:19 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-11-04 17:49:18 ----A---- C:\WINDOWS\system32\comuid.dll
2008-11-04 17:49:18 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-11-04 17:49:18 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-11-04 17:49:18 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-11-04 17:49:18 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-11-04 17:49:17 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-11-04 17:49:17 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-11-04 17:49:17 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-11-04 17:49:17 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-11-04 17:48:19 ----A---- C:\WINDOWS\system32\h323log.txt
2008-11-04 17:47:45 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-11-04 17:47:45 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-11-04 17:46:42 ----A---- C:\WINDOWS\system32\usbui.dll
2008-11-04 17:45:54 ----A---- C:\WINDOWS\imsins.BAK
2008-11-04 17:45:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-04 17:45:51 ----SHD---- C:\WINDOWS\Installer
2008-11-04 17:45:51 ----D---- C:\Programmi\File comuni\ODBC
2008-11-04 17:45:51 ----A---- C:\WINDOWS\ODBCINST.INI
2008-11-04 17:45:50 ----RD---- C:\Programmi
2008-11-04 17:45:50 ----D---- C:\Programmi\File comuni\SpeechEngines
2008-11-04 17:45:50 ----D---- C:\Programmi\File comuni\Microsoft Shared
2008-11-04 17:45:50 ----D---- C:\Programmi\File comuni
2008-11-04 17:45:46 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-11-04 17:45:46 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-11-04 17:45:46 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-11-04 17:45:46 ----A---- C:\WINDOWS\system32\irclass.dll
2008-11-04 17:45:46 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-11-04 17:45:46 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-11-04 17:45:46 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-11-04 17:45:46 ----A---- C:\WINDOWS\system32\batt.dll
2008-11-04 17:45:46 ----A---- C:\WINDOWS\notepad.exe
2008-11-04 17:45:45 ----A---- C:\WINDOWS\system32\storprop.dll
2008-11-04 17:45:39 ----ASH---- C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
2008-11-04 17:45:31 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-04 17:45:31 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-04 17:45:26 ----SD---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft
2008-11-04 17:45:19 ----A---- C:\WINDOWS\setuplog.txt
2008-11-04 17:45:17 ----D---- C:\Documents and Settings
2008-11-04 17:44:38 ----D---- C:\VALUEADD
2008-11-04 17:44:36 ----D---- C:\WINDOWS\ABLKSR
2008-11-04 17:44:36 ----D---- C:\SUPPORT
2008-11-04 17:41:30 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-04 17:41:30 ----RSD---- C:\WINDOWS\Fonts
2008-11-04 17:41:30 ----RD---- C:\WINDOWS\Web
2008-11-04 17:41:30 ----HD---- C:\WINDOWS\inf
2008-11-04 17:41:30 ----D---- C:\WINDOWS\WinSxS
2008-11-04 17:41:30 ----D---- C:\WINDOWS\twain_32
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Temp
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\wins
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\wbem
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\usmt
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\spool
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\ShellExt
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\Setup
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\ras
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\oobe
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\npp
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\mui
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\IME
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\icsxml
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\ias
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\export
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\drivers
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\dhcp
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\config
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\3com_dmi
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\3076
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\2052
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1054
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1042
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1041
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1040
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1037
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1033
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1031
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1028
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32\1025
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system32
2008-11-04 17:41:30 ----D---- C:\WINDOWS\system
2008-11-04 17:41:30 ----D---- C:\WINDOWS\security
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Resources
2008-11-04 17:41:30 ----D---- C:\WINDOWS\repair
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Provisioning
2008-11-04 17:41:30 ----D---- C:\WINDOWS\PeerNet
2008-11-04 17:41:30 ----D---- C:\WINDOWS\pchealth
2008-11-04 17:41:30 ----D---- C:\WINDOWS\mui
2008-11-04 17:41:30 ----D---- C:\WINDOWS\msapps
2008-11-04 17:41:30 ----D---- C:\WINDOWS\msagent
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Media
2008-11-04 17:41:30 ----D---- C:\WINDOWS\java
2008-11-04 17:41:30 ----D---- C:\WINDOWS\ime
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Help
2008-11-04 17:41:30 ----D---- C:\WINDOWS\ehome
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Driver Cache
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Debug
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Cursors
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Connection Wizard
2008-11-04 17:41:30 ----D---- C:\WINDOWS\Config
2008-11-04 17:41:30 ----D---- C:\WINDOWS\AppPatch
2008-11-04 17:41:30 ----D---- C:\WINDOWS\addins
2008-11-04 17:41:30 ----D---- C:\WINDOWS
2008-11-04 17:39:22 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2008-11-04 17:39:22 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-11-04 17:39:20 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2008-11-04 17:39:20 ----A---- C:\WINDOWS\system32\atitvo32.dll
2008-11-04 17:39:20 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2008-11-04 17:39:20 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2008-11-04 17:39:19 ----A---- C:\WINDOWS\system32\atioglxx.dll
2008-11-04 17:39:17 ----A---- C:\WINDOWS\system32\atioglx2.dll
2008-11-04 17:39:17 ----A---- C:\WINDOWS\system32\atikvmag.dll
2008-11-04 17:39:17 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2008-11-04 17:39:17 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2008-11-04 17:39:17 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2008-11-04 17:39:16 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-11-04 17:39:15 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\system32\sm56co.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56kor.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56jpn.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56ita.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56hlpr.exe
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56ger.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56fra.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56esp.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56eng.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56dnk.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56cht.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56chs.dll
2008-11-04 17:35:01 ----A---- C:\WINDOWS\sm56brz.dll
2008-11-04 17:33:07 ----A---- C:\WINDOWS\Uninstvga.bat
2008-11-04 17:33:07 ----A---- C:\WINDOWS\Uninstsxga.bat
2008-11-04 17:33:07 ----A---- C:\WINDOWS\system32\vsnp2uvc.dll
2008-11-04 17:33:07 ----A---- C:\WINDOWS\DrvInst.exe
2008-11-04 17:32:15 ----A---- C:\WINDOWS\system32\ABLKSR.INI
2008-11-04 17:21:42 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-04 14:46:44 ----D---- C:\Programmi\Microsoft Works
2008-11-04 14:46:34 ----D---- C:\Programmi\Microsoft Visual Studio
2008-11-04 14:46:34 ----D---- C:\Programmi\File comuni\DESIGNER
2008-11-04 14:46:14 ----D---- C:\Programmi\Microsoft.NET
2008-11-04 14:43:22 ----D---- C:\WINDOWS\SHELLNEW
2008-11-04 14:43:10 ----D---- C:\Programmi\Microsoft Office
2008-11-04 14:43:10 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-11-04 14:42:41 ----RHD---- C:\MSOCache
2008-11-04 14:35:40 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Adobe
2008-11-04 14:35:36 ----D---- C:\Programmi\File comuni\Adobe
2008-11-04 14:35:36 ----D---- C:\Programmi\Adobe
2008-11-04 14:30:09 ----D---- C:\Programmi\NOS
2008-11-04 14:30:09 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\NOS
2008-11-04 14:23:32 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Ahead
2008-11-04 14:20:43 ----D---- C:\Programmi\Nero
2008-11-04 14:20:43 ----D---- C:\Programmi\File comuni\Ahead
2008-11-04 14:14:07 ----D---- C:\WINDOWS\Prefetch
2008-11-04 14:11:25 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-04 14:11:19 ----HD---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-04 14:11:08 ----HD---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-04 14:11:02 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-04 14:10:54 ----HD---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-04 14:10:50 ----HD---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-04 14:10:43 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-04 14:10:37 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-04 14:10:31 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-04 14:10:24 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-04 14:10:18 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-04 14:10:09 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-04 14:10:02 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-04 14:09:55 ----HD---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-04 14:07:40 ----D---- C:\WINDOWS\system32\it
2008-11-04 14:07:40 ----D---- C:\WINDOWS\system32\bits
2008-11-04 14:07:40 ----D---- C:\WINDOWS\l2schemas
2008-11-04 14:05:48 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-04 14:00:58 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-04 13:32:23 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
2008-11-04 13:32:16 ----D---- C:\Programmi\CyberLink
2008-11-04 13:20:41 ----HD---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-11-04 13:19:30 ----HD---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-04 13:18:59 ----HD---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-11-04 13:17:58 ----HD---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-11-04 13:17:26 ----HD---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-11-04 13:17:07 ----HD---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-04 13:16:37 ----HD---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-11-04 13:00:42 ----HD---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-11-04 13:00:14 ----HD---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-11-04 12:59:50 ----HD---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-04 12:59:22 ----HD---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-11-04 12:58:54 ----HD---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-11-04 12:58:29 ----HD---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-11-04 12:58:01 ----HD---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-11-04 12:57:47 ----HD---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-11-04 12:57:24 ----HD---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-11-04 12:56:59 ----HD---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-11-04 12:56:34 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-11-04 12:56:24 ----HD---- C:\WINDOWS\$NtUninstallKB923689$
2008-11-04 12:55:52 ----HD---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-11-04 12:48:41 ----D---- C:\WINDOWS\ie7updates
2008-11-04 12:46:11 ----D---- C:\WINDOWS\WBEM
2008-11-04 12:45:55 ----D---- C:\WINDOWS\system32\it-it
2008-11-04 12:43:21 ----HD---- C:\WINDOWS\ie7
2008-11-04 12:43:07 ----HD---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-04 12:42:48 ----HD---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-04 12:42:28 ----HD---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-04 12:42:27 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-11-04 12:41:47 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-04 12:41:40 ----D---- C:\WINDOWS\network diagnostic
2008-11-04 12:41:37 ----HD---- C:\WINDOWS\$NtUninstallKB914440$
2008-11-04 12:41:26 ----HD---- C:\WINDOWS\$NtUninstallKB904942$
2008-11-04 12:36:33 ----HD---- C:\WINDOWS\$NtUninstallKB941569$
2008-11-04 12:36:24 ----HD---- C:\WINDOWS\$NtUninstallKB923723$
2008-11-04 12:36:18 ----HD---- C:\WINDOWS\$NtUninstallKB935448$
2008-11-04 12:22:12 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage
2008-11-04 12:22:03 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-04 12:22:01 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-04 12:17:50 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-04 12:17:50 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-04 12:17:50 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-04 12:17:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-11-04 12:17:49 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-04 12:11:02 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Macromedia
2008-11-04 12:11:02 ----D---- C:\Documents and Settings\PC-USER\Dati applicazioni\Adobe

======List of files/folders modified in the last 1 months======

2008-11-21 15:21:46 ----A---- C:\WINDOWS\win.ini
2008-11-04 18:50:10 ----RASH---- C:\boot.ini
2008-11-04 17:56:44 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2008-11-04 17:45:50 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Driver processore Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-11-04 213008]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-10-26 549184]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-22 2880000]
R3 CmBatt;Driver batteria a metodo di controllo ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Driver bus UAA Microsoft per High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-20 4741120]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 24592]
R3 MODEMCSA;Periferica filtro flusso Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Driver di mouse HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Storage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-10-25 46976]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2008-03-02 43392]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-09-30 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-11-15 219136]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Hub abilitato USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Driver miniport per controller open host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-07-03 57344]
S1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RimUsb;Smartphone BlackBerry; C:\WINDOWS\System32\Drivers\RimUsb.sys [2007-05-31 22656]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Driver scanner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Periferica video USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programmi\File comuni\Maxtor\Schedule2\schedul2.exe [2007-08-30 410904]
R2 ACS;Servizio di configurazione Atheros; C:\WINDOWS\system32\acs.exe [2007-10-23 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-04-22 536576]
R2 AVP;Kaspersky Anti-Virus; C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-04-25 201992]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programmi\Java\jre6\bin\jqs.exe [2008-11-07 152984]
R2 Maxtor Sync Service;Maxtor Service; C:\Programmi\Maxtor\Sync\SyncServices.exe [2008-07-21 193888]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 usnjsvc;Servizio Messenger Sharing Folders USN Journal Reader; C:\Programmi\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programmi\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

#3 moricand85

moricand85
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 24 November 2008 - 05:26 PM

info.txt logfile of random's system information tool 1.04 2008-11-24 23:09:58

======Uninstall list======

-->C:\WINDOWS\IsUn0410.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{2BE0C605-9BEC-434D-9FAE-931194E72414}
-->MsiExec.exe /I{48A669A9-76FA-4CA8-BFD5-00C125AC4166}
-->MsiExec.exe /I{726A362E-EBFD-4C3F-8664-6593C2B08386}
-->MsiExec.exe /I{943CB81D-11B9-401E-8305-752528D00AA1}
-->MsiExec.exe /I{E75F019D-98A0-4B39-B1A8-3A01400D2A18}
-->MsiExec.exe /X{F664EDB9-59DF-452A-A3D7-085ED1B8D374}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office system-->"C:\Programmi\File comuni\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
7-Zip 4.57-->"C:\Programmi\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A90000000001}
Aggiornamento della protezione per Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Atheros Client Installation Program-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x10 -removeonly
ATI - Programma di disinstallazione-->C:\Programmi\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x6d65
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\setup.exe" -l0x9
ATKOSD2-->C:\Programmi\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\setup.exe -runfromtemp -l0x0009 -removeonly
BlackBerry Desktop Software 4.3-->MsiExec.exe /i{D793A12F-E362-48BB-B332-1DA5E936B52D}
BlackBerry Desktop Software 4.3-->MsiExec.exe /I{D793A12F-E362-48BB-B332-1DA5E936B52D}
ccc-Branding-->MsiExec.exe /I{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}
CCleaner (remove only)-->"C:\Programmi\CCleaner\uninst.exe"
HD Tune 2.55-->"C:\Programmi\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Programmi\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Java™ 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Maxtor Manager-->"C:\Programmi\InstallShield Installation Information\{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}\setup.exe" -runfromtemp -l0x0410 -removeonly
Maxtor Manager-->MsiExec.exe /I{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co.dll,SM56UnInstaller
Mozilla Firefox (3.0.4)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Premium-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
PDFCreator-->C:\Programmi\PDFCreator\unins000.exe
Power4 Gear-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.EXE" -l0x9
PowerDVD-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x10 -removeonly
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
Roxio Media Manager-->MsiExec.exe /X{303379C9-8610-4CCF-AF37-C4BF8998C591}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
SpeedFan (remove only)-->"C:\Programmi\SpeedFan\uninstall.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Programmi\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb957829)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
USB 2.0 1.3M UVC WebCam-->C:\WINDOWS\Uninstsxga.bat
VLC media player 0.9.6-->C:\Programmi\VideoLAN\VLC\uninstall.exe
Windows Live installer-->MsiExec.exe /X{CD199CDB-00AE-42BB-B6E9-64C69D8730EF}
Windows Live Messenger-->MsiExec.exe /X{518B3E76-4C05-4F30-A802-D87FB2086B67}
Windows Media Format Runtime-->"C:\Programmi\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Programmi\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless Console 2-->C:\Programmi\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.EXE -runfromtemp -l0x0010 -removeonly

======Security center information======

AV: Kaspersky Anti-Virus

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programmi\ATI Technologies\ATI.ACE\Core-Static;C:\Programmi\File comuni\Roxio Shared\DLLShared\;C:\Programmi\File comuni\Roxio Shared\DLLShared\;C:\Programmi\File comuni\Roxio Shared\9.0\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=C:\Programmi\File comuni\Roxio Shared\9.0\Roxio Central33\

-----------------EOF-----------------

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:15 PM

Posted 13 December 2008 - 09:56 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:15 PM

Posted 20 December 2008 - 12:57 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please Start a new topic.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users