Hello, aommaster.
Thank for your time and support.
Note that my hard disk is partitioned in this way:
C:\ with OS Win2k, that I never use and I did not include in GMER Scan (please confirm it is OK);
E:\ with OS WinXP, the one I always work with and where I am experiencing all the issues;
F:\ just for data, not included in GMER Scan
Now the logs:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Flu at 2010-05-11 08:37:43
Microsoft Windows XP Professional Service Pack 3
System drive E: has 2 GB (15%) free of 15 GB
Total RAM: 1023 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8.37.58, on 11/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
F:\Nero\InCD\InCDsrv.exe
F:\Sygate Firewall\smc.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Programmi\Avira\AntiVir Desktop\sched.exe
E:\Programmi\a-squared Free\a2service.exe
E:\Programmi\Avira\AntiVir Desktop\avguard.exe
F:\Downloads\Cobian Backup\cbVSCService.exe
E:\Programmi\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\drivers\KodakCCS.exe
E:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
E:\WINDOWS\system32\svchost.exe
E:\Programmi\Canon\CAL\CALMAIN.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Programmi\Analog Devices\SoundMAX\SMTray.exe
E:\Programmi\Labtec\Mouse\2.1\moffice.exe
F:\Daemon Tools\daemon.exe
F:\Nero\NeroNET\NNServiceCtrl.exe
E:\Programmi\Labtec\Mouse\2.1\MOUSE32A.EXE
F:\Nero\InCD\InCD.exe
E:\Programmi\Lexmark 3400 Series\ezprint.exe
E:\Programmi\File comuni\Java\Java Update\jusched.exe
E:\Programmi\Avira\AntiVir Desktop\avgnt.exe
E:\Programmi\iTunes\iTunesHelper.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\lxcycoms.exe
E:\Programmi\iPod\bin\iPodService.exe
E:\Programmi\Internet Explorer\iexplore.exe
E:\Programmi\Internet Explorer\iexplore.exe
E:\Programmi\Internet Explorer\iexplore.exe
E:\Documents and Settings\Flu\Desktop\Safety\RSIT.exe
E:\Programmi\trend micro\Flu.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.fastweb.it/portale/?benvenuto=R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barra degli strumenti - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - E:\Programmi\Lexmark Toolbar\toolband.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lexmark Barra degli strumenti - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - E:\Programmi\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Smapp] E:\Programmi\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] E:\Programmi\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [CloneCDTray] "E:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools] "F:\Daemon Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroNETTrayIcon] F:\Nero\NeroNET\NNServiceCtrl.exe
O4 - HKLM\..\Run: [InCD] F:\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [lxcymon.exe] "E:\Programmi\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "E:\Programmi\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "E:\Programmi\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "E:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "E:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] F:\SYGATE~1\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = E:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://www.americanexpress.comO15 - Trusted Zone:
http://www.unicreditbanca.itO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -
http://download.eset.com/special/eos/OnlineScanner.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\Programmi\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - E:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - F:\Downloads\Cobian Backup\cbVSCService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Programmi\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - E:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - E:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - F:\Nero\InCD\InCDsrv.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - E:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - E:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: lxcy_device - - E:\WINDOWS\system32\lxcycoms.exe
O23 - Service: NeroNET - Ahead Software AG - F:\Nero\NeroNET\NeroNET.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - F:\Sygate Firewall\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 9661 bytes
======Scheduled tasks folder======
E:\WINDOWS\tasks\AppleSoftwareUpdate.job
E:\WINDOWS\tasks\Google Software Updater.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac9d83ea8b766.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - E:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Barra degli strumenti - E:\Programmi\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-16 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - E:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - E:\Programmi\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barra degli strumenti - E:\Programmi\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2004-09-30 4603904]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=E:\WINDOWS\system32\NvMcTray.dll [2004-09-30 86016]
"Smapp"=E:\Programmi\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"QuickTime Task"=E:\Programmi\QuickTime\qttask.exe [2009-11-11 417792]
"FLMOFFICE4DMOUSE"=E:\Programmi\Labtec\Mouse\2.1\moffice.exe [2005-09-04 958464]
"CloneCDTray"=E:\Programmi\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"DAEMON Tools"=F:\Daemon Tools\daemon.exe [2005-11-09 128920]
"NeroFilterCheck"=E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"NeroNETTrayIcon"=F:\Nero\NeroNET\NNServiceCtrl.exe [2004-11-30 266240]
"InCD"=F:\Nero\InCD\InCD.exe [2005-04-12 1383936]
"lxcymon.exe"=E:\Programmi\Lexmark 3400 Series\lxcymon.exe [2006-03-06 286720]
"EzPrint"=E:\Programmi\Lexmark 3400 Series\ezprint.exe [2006-02-07 98304]
"FaxCenterServer"=E:\Programmi\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]
"LXCYCATS"=rundll32 E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16 []
"Ptipbmf"=ptipbmf.dll,SetWriteCacheMode []
"AdobeCS4ServiceManager"=E:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=E:\Programmi\File comuni\Java\Java Update\jusched.exe [2010-02-18 248040]
"avgnt"=E:\Programmi\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"iTunesHelper"=E:\Programmi\iTunes\iTunesHelper.exe [2009-11-12 141600]
"SmcService"=F:\SYGATE~1\smc.exe [2004-06-30 2376928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=E:\Programmi\Messenger\msmsgs.exe [2008-04-14 1695232]
"AdobeBridge"= []
E:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Avvio veloce di Adobe Reader.lnk - E:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - E:\Programmi\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
E:\WINDOWS\system32\WgaLogon.dll [2009-03-26 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="E:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"F:\Downloads\TVUPlayer\TVUPlayer.exe"="F:\Downloads\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Downloads\Sopcast\SopCast.exe"="F:\Downloads\Sopcast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Documents and Settings\Flu\Dati applicazioni\SopCast\adv\SopAdver.exe"="E:\Documents and Settings\Flu\Dati applicazioni\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"F:\CivilizationIV\Civilization4.exe"="F:\CivilizationIV\Civilization4.exe:*:Disabled:Sid Meier's Civilization 4"
"F:\Downloads\TVAnts\Tvants.exe"="F:\Downloads\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"E:\WINDOWS\system32\rundll32.exe"="E:\WINDOWS\system32\rundll32.exe:*:Enabled:Modulo di esecuzione DLL come applicazioni"
"F:\Downloads\Sopcast\adv\SopAdver.exe"="F:\Downloads\Sopcast\adv\SopAdver.exe:*:Disabled:SopCast Adver"
"E:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"E:\Programmi\Skype\Phone\Skype.exe"="E:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Programmi\Internet Explorer\iexplore.exe"="E:\Programmi\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"E:\Programmi\iTunes\iTunes.exe"="E:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe"="E:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil"
"E:\Programmi\Bonjour\mDNSResponder.exe"="E:\Programmi\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"E:\WINDOWS\system32\LEXPPS.EXE"="E:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8dc2518-2203-11de-8d32-0011d82216ae}]
shell\AutoRun\command - J:\Launch.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c16072cc-e732-11dd-8cbd-0011d82216ae}]
shell\AutoRun\command - I:\start.exe
======List of files/folders created in the last 1 months======
2010-05-11 08:37:43 ----D---- E:\rsit
2010-05-11 08:37:43 ----D---- E:\Programmi\trend micro
2010-04-28 01:25:41 ----D---- E:\Documents and Settings\All Users\Dati applicazioni\Sun
2010-04-28 01:25:40 ----D---- E:\Programmi\File comuni\Java
2010-04-28 01:25:24 ----N---- E:\WINDOWS\system32\javaws.exe
2010-04-28 01:25:24 ----N---- E:\WINDOWS\system32\javaw.exe
2010-04-28 01:25:24 ----N---- E:\WINDOWS\system32\java.exe
2010-04-28 01:25:24 ----N---- E:\WINDOWS\system32\deployJava1.dll
2010-04-28 01:23:45 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-04-28 01:23:40 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-04-28 01:23:31 ----HDC---- E:\WINDOWS\$NtUninstallKB979683$
2010-04-28 01:23:19 ----HDC---- E:\WINDOWS\$NtUninstallKB980232$
2010-04-28 01:23:15 ----HDC---- E:\WINDOWS\$NtUninstallKB955759$
2010-04-28 01:21:05 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-04-28 01:21:01 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-04-28 01:20:57 ----HDC---- E:\WINDOWS\$NtUninstallKB978338$
2010-04-28 01:20:53 ----HDC---- E:\WINDOWS\$NtUninstallKB972270$
2010-04-28 01:20:46 ----HDC---- E:\WINDOWS\$NtUninstallKB975561$
2010-04-28 01:20:41 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-04-28 01:20:34 ----HDC---- E:\WINDOWS\$NtUninstallKB977816$
2010-04-28 01:20:30 ----HDC---- E:\WINDOWS\$NtUninstallKB978601$
2010-04-28 01:20:20 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-04-28 01:19:55 ----HDC---- E:\WINDOWS\$NtUninstallKB979309$
2010-04-28 01:19:51 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-04-28 01:19:37 ----HDC---- E:\WINDOWS\$NtUninstallKB979306$
2010-04-28 01:16:05 ----N---- E:\WINDOWS\system32\browserchoice.exe
2010-04-28 00:14:39 ----N---- E:\WINDOWS\swreg.exe
2010-04-28 00:14:39 ----N---- E:\WINDOWS\sed.exe
2010-04-28 00:14:39 ----N---- E:\WINDOWS\mbr.exe
======List of files/folders modified in the last 1 months======
2010-05-11 08:37:46 ----D---- E:\WINDOWS\Prefetch
2010-05-11 08:37:43 ----RD---- E:\Programmi
2010-05-11 08:32:39 ----D---- E:\WINDOWS\Temp
2010-05-11 08:32:29 ----D---- E:\Documents and Settings
2010-05-11 08:30:47 ----D---- E:\WINDOWS\system32\CatRoot2
2010-05-10 22:45:22 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-05-10 20:46:22 ----D---- E:\Documents and Settings\All Users\Dati applicazioni\Google Updater
2010-05-08 14:19:18 ----D---- E:\WINDOWS\system32\config
2010-05-08 14:19:17 ----D---- E:\WINDOWS\Registration
2010-05-03 12:19:24 ----D---- E:\MyVideos
2010-04-28 01:28:06 ----D---- E:\WINDOWS
2010-04-28 01:27:27 ----D---- E:\WINDOWS\system32
2010-04-28 01:27:27 ----D---- E:\WINDOWS\AppPatch
2010-04-28 01:27:27 ----D---- E:\Programmi\Internet Explorer
2010-04-28 01:25:40 ----SHD---- E:\WINDOWS\Installer
2010-04-28 01:25:40 ----D---- E:\Programmi\File comuni
2010-04-28 01:25:15 ----D---- E:\Programmi\Java
2010-04-28 01:23:47 ----HD---- E:\WINDOWS\inf
2010-04-28 01:23:44 ----HD---- E:\WINDOWS\$hf_mig$
2010-04-28 01:23:43 ----N---- E:\WINDOWS\imsins.BAK
2010-04-28 01:23:42 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-04-28 01:23:42 ----D---- E:\WINDOWS\system32\drivers
2010-04-28 01:23:24 ----D---- E:\WINDOWS\ie8updates
2010-04-28 01:20:47 ----D---- E:\Programmi\Movie Maker
2010-04-27 20:04:54 ----D---- E:\WINDOWS\Minidump
2010-04-20 18:38:59 ----N---- E:\WINDOWS\NeroDigital.ini
2010-04-18 21:59:52 ----D---- E:\Programmi\a-squared Free
2010-04-18 14:22:54 ----SD---- E:\WINDOWS\Downloaded Program Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\E:\Programmi\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; E:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 DcCam;Kodak Camera Proxy; E:\WINDOWS\system32\DRIVERS\DcCam.sys [2004-05-20 36918]
R1 InCDPass;InCDPass; E:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-04-12 29056]
R1 incdrm;InCD Reader; E:\WINDOWS\system32\drivers\incdrm.sys [2005-04-12 28160]
R1 ssmdrv;ssmdrv; E:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 wpsdrvnt;wpsdrvnt; \??\E:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; E:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R2 DCFS2K;Kodak DCFS2K Driver; E:\WINDOWS\system32\drivers\dcfs2k.sys [2004-06-02 38705]
R2 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 wg3n;SyGate for NT, wg3n; E:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-06-30 14320]
R2 wg4n;SyGate for NT, wg4n; E:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [2004-06-30 14320]
R2 wg5n;SyGate for NT, wg5n; E:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [2004-06-30 14320]
R2 wg6n;SyGate for NT, wg6n; E:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [2004-06-30 14320]
R3 aeaudio;aeaudio; E:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AnyDVD;AnyDVD; E:\WINDOWS\System32\Drivers\AnyDVD.sys [2005-10-27 19200]
R3 Arp1394;Protocollo client ARP 1394; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 dtscsi;dtscsi; E:\WINDOWS\System32\Drivers\dtscsi.sys [2006-05-13 223128]
R3 ElbyCDFL;ElbyCDFL; E:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 ElbyDelay;ElbyDelay; E:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Driver di classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-09-30 2743840]
R3 smwdm;smwdm; E:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbccgp;Driver principale generico USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Driver hub USB standard Microsoft; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe stampanti USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Driver scanner USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Driver archiviazione di massa USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Driver Miniport Controller Universal Host USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; E:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-12-11 299008]
R4 InCDfs;InCD File System; E:\WINDOWS\system32\drivers\InCDfs.sys [2005-04-12 99456]
S1 Exportit;Exportit; E:\WINDOWS\system32\DRIVERS\exportit.sys [2004-07-07 152049]
S3 BlueletAudio;Bluetooth Audio Service; E:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; E:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; E:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; E:\WINDOWS\System32\Drivers\btcusb.sys []
S3 CCDECODE;Decoder sottotitoli codificati; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DcFpoint;DcFpoint; E:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2004-05-20 61564]
S3 DcLps;Legacy Polling Service; E:\WINDOWS\system32\DRIVERS\DcLps.sys [2004-05-20 8022]
S3 DcPTP;dcptp; E:\WINDOWS\system32\DRIVERS\DcPTP.sys [2004-07-07 70070]
S3 mouhid;Driver di mouse HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-30 12160]
S3 MPE;BDA MPE Filter; E:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connesione TV/Video Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-31 5888]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USB28xxBGA;WinTV HVR-900; E:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-06-06 281600]
S3 USB28xxOEM;WinTV OEM Filter; E:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-06-02 21376]
S3 VComm;Virtual Serial port driver; E:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; E:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Codec World Standard Teletext; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; E:\Programmi\a-squared Free\a2service.exe [2010-04-18 1872320]
R2 AntiVirScheduler;Avira AntiVir Scheduler; E:\Programmi\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; E:\Programmi\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; F:\Downloads\Cobian Backup\cbVSCService.exe [2010-04-28 67584]
R2 CCALib8;Canon Camera Access Library 8; E:\Programmi\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 InCDsrv;InCD Helper; F:\Nero\InCD\InCDsrv.exe [2005-04-12 869376]
R2 JavaQuickStarterService;Java Quick Starter; E:\Programmi\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 KodakCCS;Kodak Camera Connection Software; E:\WINDOWS\system32\drivers\KodakCCS.exe [2004-05-24 322104]
R2 MDM;Machine Debug Manager; E:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2004-09-30 127043]
R2 SmcService;Sygate Personal Firewall; F:\Sygate Firewall\smc.exe [2004-06-30 2376928]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; E:\Programmi\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 iPod Service;Servizio iPod; E:\Programmi\iPod\bin\iPodService.exe [2009-11-12 545568]
R3 lxcy_device;lxcy_device; E:\WINDOWS\system32\lxcycoms.exe [2006-02-20 495616]
S2 gupdate;Servizio di Google Update (gupdate); E:\Programmi\Google\Update\GoogleUpdate.exe [2010-01-09 135664]
S2 gusvc;Google Software Updater; E:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 Apple Mobile Device;Apple Mobile Device; E:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Bonjour Service;Bonjour Service; E:\Programmi\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-21 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NeroNET;NeroNET; F:\Nero\NeroNET\NeroNET.exe [2004-11-30 1122304]
S3 WMPNetworkSvc;Servizio di condivisione in rete Windows Media Player; E:\Programmi\Windows Media Player\WMPNetwk.exe [2006-11-02 918528]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-05-11 08:38:00
======Uninstall list======
-->E:\Programmi\File comuni\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe AIR-->E:\Programmi\File comuni\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX-->E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop Album 2.0 Starter Edition-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->E:\Programmi\File comuni\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 7.1.0 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A71000000002}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Shockwave Player 11.5-->"E:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Aggiornamento critico per Windows Media Player 11 (KB959772)-->"E:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB928090)-->"E:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB929969)-->"E:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB931768)-->"E:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB933566)-->"E:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)-->"E:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653)-->"E:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)-->"E:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)-->"E:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)-->"E:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)-->"E:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)-->"E:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)-->"E:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)-->"E:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)-->"E:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)-->"E:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB969897)-->"E:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB969897)-->"E:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)-->"E:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB972260)-->"E:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB974455)-->"E:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)-->"E:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332)-->"E:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB952069)-->"E:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB954155)-->"E:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB968816)-->"E:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB973540)-->"E:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 11 (KB936782)-->"E:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 11 (KB954154)-->"E:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 9 (KB911565)-->"E:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 9 (KB917734)-->"E:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB923561)-->"E:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB938464)-->"E:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB938464-v2)-->"E:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB941569)-->"E:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB946648)-->"E:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950760)-->"E:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950762)-->"E:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950974)-->"E:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951066)-->"E:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951376-v2)-->"E:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951698)-->"E:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951748)-->"E:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952004)-->"E:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952954)-->"E:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB953839)-->"E:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954211)-->"E:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954459)-->"E:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954600)-->"E:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB955069)-->"E:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956391)-->"E:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956572)-->"E:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956744)-->"E:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956802)-->"E:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956803)-->"E:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956841)-->"E:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956844)-->"E:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957095)-->"E:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957097)-->"E:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958644)-->"E:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958687)-->"E:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958690)-->"E:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958869)-->"E:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB959426)-->"E:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960225)-->"E:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960715)-->"E:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960803)-->"E:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960859)-->"E:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961371)-->"E:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961373)-->"E:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961501)-->"E:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB968537)-->"E:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969059)-->"E:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969898)-->"E:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB969947)-->"E:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970238)-->"E:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970430)-->"E:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971468)-->"E:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971486)-->"E:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971557)-->"E:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971633)-->"E:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971657)-->"E:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB972270)-->"E:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973346)-->"E:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973354)-->"E:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973507)-->"E:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973525)-->"E:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973869)-->"E:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973904)-->"E:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974112)-->"E:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974318)-->"E:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974392)-->"E:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB974571)-->"E:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975025)-->"E:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975467)-->"E:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975560)-->"E:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975561)-->"E:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB975713)-->"E:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB977816)-->"E:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB977914)-->"E:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978037)-->"E:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978262)-->"E:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978338)-->"E:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978601)-->"E:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB978706)-->"E:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB979309)-->"E:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB979683)-->"E:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB980232)-->"E:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB971930)-->"E:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB976662)-->"E:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB976749)-->"E:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows Internet Explorer 8 (KB980182)-->"E:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951072-v2)-->"E:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951978)-->"E:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB955759)-->"E:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB955839)-->"E:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB967715)-->"E:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB968389)-->"E:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB971737)-->"E:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973687)-->"E:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973815)-->"E:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)-->"E:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Aggiornamento rapido per Windows Media Player 11 (KB939683)-->"E:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB952287)-->"E:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB961118)-->"E:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB970653-v3)-->"E:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB976098-v2)-->"E:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB979306)-->"E:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
AnyDVD-->"E:\Programmi\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="E:\Programmi\SlySoft\AnyDVD"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
a-squared Free 4.5-->"E:\Programmi\a-squared Free\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->E:\Programmi\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon Camera Access Library-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "E:\Programmi\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "E:\Programmi\Canon\CSCLIB\Uninst.ini"
Canon EOS 5D WIA Driver-->E:\Programmi\File comuni\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BB3AB664-D92B-4CB5-8B3E-D841841F4E68} /l1033
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon RAW Image Task for ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\RAW Image Task\Uninst.ini"
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities Digital Photo Professional 3.4-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities Original Data Security Tools-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\Original Data Security Tools\Uninst.ini"
Canon Utilities PhotoStitch-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\PhotoStitch\Uninst.ini"
Canon Utilities Picture Style Editor-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\Picture Style Editor\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities WFT-E1/E2/E3 Utility-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\WFT Utility\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"E:\Programmi\File comuni\Canon\UIW\1.4.0.0\Uninst.exe" "F:\Canon\ZoomBrowser EX MCU\Uninst.ini"
CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CloneCD-->"E:\Programmi\SlySoft\CloneCD\ccd-uninst.exe" /D="E:\Programmi\SlySoft\CloneCD"
CloneDVD2-->"E:\Programmi\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="E:\Programmi\Elaborate Bytes\CloneDVD2"
Cobian Backup 10-->F:\Downloads\Cobian Backup\cbUninstall.exe
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
Creative DVD Audio Plugin for Audigy Series-->"E:\Programmi\Creative\CTDPlugin\CTUIDVD.exe " -u
Danea Family Manager 4.0-->F:\DANEAF~1\UNWISE.EXE F:\DANEAF~1\INSTALL.LOG
Duke Nukem - Manhattan Project-->E:\PROGRA~1\FILECO~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1} /l1040
eMule AdunanzA-->F:\Adunanza\AdunanzA_Uninstaller.exe
ERUNT 1.1j-->E:\Programmi\ERUNT\unins000.exe
ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT-->MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSEMAIL-->MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"E:\Programmi\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hauppauge Italian Help Files and Resources-->E:\PROGRA~1\WinTV\UNHLPita.EXE E:\PROGRA~1\WinTV\WTV2Kita.LOG
Hauppauge TvTv Sync-->E:\PROGRA~1\WinTV\SCHEDU~1\EPG\TvTv\uniTvTv.exe E:\PROGRA~1\WinTV\SCHEDU~1\EPG\TvTv\uniTvTv.log
Hauppauge WinTV Scheduler-->E:\PROGRA~1\WinTV\SCHEDU~1\uniSCHED.exe E:\PROGRA~1\WinTV\SCHEDU~1\uniSCHED.log
Hauppauge WinTV Soft PVR-->E:\PROGRA~1\WinTV\UNSftPVR.EXE E:\PROGRA~1\WinTV\softpvr.LOG
Hauppauge WinTV2000-->E:\PROGRA~1\WinTV\UNTV32.EXE E:\PROGRA~1\WinTV\WINTV2K.LOG
HLPCCTR-->MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}
HLPIndex-->MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HLPSFO-->MsiExec.exe /I{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->E:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->E:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"E:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
InCD-->E:\WINDOWS\NuNInst.exe /UNINSTALL
InterVideo FilterSDK for Hauppauge-->RunDll32 E:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "E:\Programmi\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\setup.exe" REMOVEALL
InterVideo WinDVD 5-->"E:\Programmi\InstallShield Installation Information\{1B399A41-C1D0-40A2-9E4F-095868EFAF01}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
K-Lite Codec Pack 2.82 Full-->"F:\Downloads\Utilities\K-Lite Codec Pack\unins000.exe"
Kodak EasyShare software-->E:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup\$SETUP_9_142578\Setup.exe /APR-REMOVE
KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Labtec Mouse V2.1-->E:\Programmi\Labtec\Mouse\2.1\uninst00.exe
Lexmark 3400 Series-->E:\Programmi\Lexmark 3400 Series\Install\x86\Uninst.exe
Lexmark Barra degli strumenti-->regsvr32.exe /s /u "E:\Programmi\Lexmark Toolbar\toolband.dll"
Magic Manager 9.0-->E:\WINDOWS\unvise32.exe f:\magic manager\uninstal.log
Malwarebytes' Anti-Malware-->"E:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"E:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"E:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional con FrontPage-->MsiExec.exe /I{90280410-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"E:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MP3 Player Utilities 3.5.02-->MsiExec.exe /I{0DE7211B-A7CB-4112-8D62-142A0EBDFAD9}
MP3 Player Utilities 3.68-->MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NBA LIVE 06-->F:\NBA LIVE 06\EAUninstall.exe
Nero 6 Ultra Edition-->F:\Nero\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->E:\WINDOWS\UNNeroVision.exe /UNINSTALL
Nero Media Player-->E:\WINDOWS\UNNMP.exe /UNINSTALL
NeroMIX-->E:\WINDOWS\UNNMIX.exe /UNINSTALL
NeroNET-->E:\WINDOWS\UNNeroNET.exe /UNINSTALL
NET-PRINT easyUp 3.3.23.1250-->"F:\NET-PRINT easyUp\unins000.exe"
NHL 2005-->F:\NHL 2005\EAUninstall.exe
Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
NVIDIA Drivers-->E:\WINDOWS\system32\nvudisp.exe UninstallGUI
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
Online Manuals for WinTV (English)-->E:\PROGRA~1\WinTV\UNTVmans.exe E:\PROGRA~1\WinTV\WinTVMan.LOG
OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer-->E:\Programmi\File comuni\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2-->MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Sid Meier's Civilization 4-->RunDll32 E:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "E:\Programmi\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x10 -removeonly
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Soluzioni per l'invio di fax Lexmark-->E:\Programmi\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst
SopCast 2.0.4-->F:\Downloads\Sopcast\uninst.exe
SoundMAX-->RunDll32 E:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Programmi\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spybot - Search & Destroy-->"F:\Spybot - Search & Destroy\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Sygate Personal Firewall-->MsiExec.exe /X{59BCEEEC-3C0F-4A02-80FC-0B8A6E26B31F}
Thrustmaster Force Feedback Driver-->RunDll32 E:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "E:\Programmi\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe" -l0x10 -removeonly
TVAnts 1.0-->F:\DOWNLO~1\TVAnts\UNWISE.EXE F:\DOWNLO~1\TVAnts\INSTALL.LOG
TVUPlayer 2.4.5.1-->F:\Downloads\TVUPlayer\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->E:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCAMCEN-->MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}
VideoLAN VLC media player 0.8.6d-->F:\Downloads\VLC\uninstall.exe
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Internet Explorer 8-->"E:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"E:\Programmi\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"E:\Programmi\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"E:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->E:\Programmi\WinRAR\uninstall.exe
WinZip-->"E:\Programmi\WinZip\WINZIP32.EXE" /uninstall
======Hosts File======
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: PC-CASA-XP
Event Code: 126
Message: Link Partner is not Auto-Negotiation able
Record Number: 14489
Source Name: yukonwxp
Time Written: 20100325213714.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 138
Message: Autonegotiation Mode 2
Record Number: 14488
Source Name: yukonwxp
Time Written: 20100325213714.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 6005
Message: Il servizio Registro eventi č stato avviato.
Record Number: 14487
Source Name: EventLog
Time Written: 20100325213657.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 14486
Source Name: EventLog
Time Written: 20100325213657.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 6006
Message: Il servizio Registro eventi č stato arrestato.
Record Number: 14485
Source Name: EventLog
Time Written: 20100325002316.000000+060
Event Type: Informazione
User:
=====Application event log=====
Computer Name: PC-CASA-XP
Event Code: 1800
Message: Servizio Centro sicurezza PC Windows avviato.
Record Number: 7960
Source Name: SecurityCenter
Time Written: 20100320120217.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 1
Message:
Record Number: 7959
Source Name: Bonjour Service
Time Written: 20100320120211.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 0
Message:
Record Number: 7958
Source Name: gusvc
Time Written: 20100320120207.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 0
Message:
Record Number: 7957
Source Name: gupdate
Time Written: 20100320120207.000000+060
Event Type: Informazione
User:
Computer Name: PC-CASA-XP
Event Code: 105
Message:
Record Number: 7956
Source Name: dcfssvc
Time Written: 20100320120207.000000+060
Event Type: Informazione
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;E:\Programmi\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 14 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0e00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;E:\Programmi\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=E:\Programmi\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
GMER 1.0.15.15281 -
http://www.gmer.netRootkit scan 2010-05-11 09:33:27
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: E:\DOCUME~1\Flu\IMPOST~1\Temp\uxdirkob.sys
---- System - GMER 1.0.15 ----
SSDT \??\E:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwAllocateVirtualMemory [0xF58AFB30]
SSDT F7BF42BE ZwCreateKey
SSDT F7BF42B4 ZwCreateThread
SSDT F7BF42C3 ZwDeleteKey
SSDT F7BF42CD ZwDeleteValueKey
SSDT sptd.sys ZwEnumerateKey [0xF7341C22]
SSDT sptd.sys ZwEnumerateValueKey [0xF7341F9A]
SSDT F7BF42D2 ZwLoadKey
SSDT \??\E:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwMapViewOfSection [0xF58AF470]
SSDT sptd.sys ZwOpenKey [0xF734198E]
SSDT F7BF42A0 ZwOpenProcess
SSDT F7BF42A5 ZwOpenThread
SSDT \??\E:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwProtectVirtualMemory [0xF58AFC50]
SSDT sptd.sys ZwQueryKey [0xF7342064]
SSDT sptd.sys ZwQueryValueKey [0xF7341EFC]
SSDT F7BF42DC ZwReplaceKey
SSDT F7BF42D7 ZwRestoreKey
SSDT F7BF42C8 ZwSetValueKey
SSDT \??\E:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwShutdownSystem [0xF58AF990]
SSDT F7BF42AF ZwTerminateProcess
SSDT \??\E:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwWriteVirtualMemory [0xF58AFD60]
---- Kernel code sections - GMER 1.0.15 ----
? E:\WINDOWS\system32\drivers\sptd.sys Impossibile accedere al file. Il file č utilizzato da un altro processo.
? E:\WINDOWS\System32\Drivers\SPTD3069.SYS Impossibile accedere al file. Il file č utilizzato da un altro processo.
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 F649B4F0 16 Bytes [95, A8, DA, 36, B9, 19, 32, ...]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 + 11 F649B501 31 Bytes [A0, 49, F6, 92, 50, 46, 02, ...]
? E:\WINDOWS\System32\Drivers\dtscsi.sys Impossibile accedere al file. Il file č utilizzato da un altro processo.
.text tcpip.sys!IPTransmit + 10FC EB07AD3A 6 Bytes CALL F711EC20 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text tcpip.sys!IPTransmit + 2A52 EB07C690 6 Bytes CALL F711EC20 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text tcpip.sys!IPRegisterProtocol + 930 EB092454 6 Bytes CALL F711EC20 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text wanarp.sys ED79C3FD 7 Bytes CALL F711ED70 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
---- User code sections - GMER 1.0.15 ----
.text E:\Programmi\Avira\AntiVir Desktop\sched.exe[224] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 01962862
.text E:\Programmi\Avira\AntiVir Desktop\sched.exe[224] WS2_32.dll!send 71A34C27 5 Bytes JMP 019626EE
.text E:\Programmi\Avira\AntiVir Desktop\sched.exe[224] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 019627E0
.text E:\Programmi\Avira\AntiVir Desktop\sched.exe[224] WS2_32.dll!recv 71A3676F 5 Bytes JMP 01962726
.text E:\Programmi\Avira\AntiVir Desktop\sched.exe[224] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 0196275E
.text E:\Programmi\Avira\AntiVir Desktop\avguard.exe[256] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 01E02862
.text E:\Programmi\Avira\AntiVir Desktop\avguard.exe[256] WS2_32.dll!send 71A34C27 5 Bytes JMP 01E026EE
.text E:\Programmi\Avira\AntiVir Desktop\avguard.exe[256] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 01E027E0
.text E:\Programmi\Avira\AntiVir Desktop\avguard.exe[256] WS2_32.dll!recv 71A3676F 5 Bytes JMP 01E02726
.text E:\Programmi\Avira\AntiVir Desktop\avguard.exe[256] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 01E0275E
.text E:\Programmi\Java\jre6\bin\jqs.exe[608] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 01DF2862
.text E:\Programmi\Java\jre6\bin\jqs.exe[608] WS2_32.dll!send 71A34C27 5 Bytes JMP 01DF26EE
.text E:\Programmi\Java\jre6\bin\jqs.exe[608] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 01DF27E0
.text E:\Programmi\Java\jre6\bin\jqs.exe[608] WS2_32.dll!recv 71A3676F 5 Bytes JMP 01DF2726
.text E:\Programmi\Java\jre6\bin\jqs.exe[608] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 01DF275E
.text F:\Sygate Firewall\smc.exe[1392] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 01A02862
.text F:\Sygate Firewall\smc.exe[1392] WS2_32.dll!send 71A34C27 5 Bytes JMP 01A026EE
.text F:\Sygate Firewall\smc.exe[1392] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 01A027E0
.text F:\Sygate Firewall\smc.exe[1392] WS2_32.dll!recv 71A3676F 5 Bytes JMP 01A02726
.text F:\Sygate Firewall\smc.exe[1392] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 01A0275E
.text E:\WINDOWS\Explorer.EXE[1672] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 015E2862
.text E:\WINDOWS\Explorer.EXE[1672] WS2_32.dll!send 71A34C27 5 Bytes JMP 015E26EE
.text E:\WINDOWS\Explorer.EXE[1672] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 015E27E0
.text E:\WINDOWS\Explorer.EXE[1672] WS2_32.dll!recv 71A3676F 5 Bytes JMP 015E2726
.text E:\WINDOWS\Explorer.EXE[1672] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 015E275E
.text E:\Programmi\a-squared Free\a2service.exe[2012] kernel32.dll!CreateThread + 1A 7C8106F1 4 Bytes CALL 00454E05 E:\Programmi\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
.text E:\Programmi\Canon\CAL\CALMAIN.exe[2696] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 00DB2862
.text E:\Programmi\Canon\CAL\CALMAIN.exe[2696] WS2_32.dll!send 71A34C27 5 Bytes JMP 00DB26EE
.text E:\Programmi\Canon\CAL\CALMAIN.exe[2696] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 00DB27E0
.text E:\Programmi\Canon\CAL\CALMAIN.exe[2696] WS2_32.dll!recv 71A3676F 5 Bytes JMP 00DB2726
.text E:\Programmi\Canon\CAL\CALMAIN.exe[2696] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 00DB275E
.text E:\Programmi\iPod\bin\iPodService.exe[3212] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 00BA2862
.text E:\Programmi\iPod\bin\iPodService.exe[3212] WS2_32.dll!send 71A34C27 5 Bytes JMP 00BA26EE
.text E:\Programmi\iPod\bin\iPodService.exe[3212] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 00BA27E0
.text E:\Programmi\iPod\bin\iPodService.exe[3212] WS2_32.dll!recv 71A3676F 5 Bytes JMP 00BA2726
.text E:\Programmi\iPod\bin\iPodService.exe[3212] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 00BA275E
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] ADVAPI32.dll!CryptDestroyKey 77F59EBC 7 Bytes JMP 0220290A
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] ADVAPI32.dll!CryptDecrypt 77F5A129 7 Bytes JMP 022028BA
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] ADVAPI32.dll!CryptEncrypt 77F5E360 7 Bytes JMP 0220287E
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 402B5505 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 4038DAC4 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 4048473F E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40484671 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 404846DC E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40484542 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 404845A4 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 404847A2 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40484606 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!InternetReadFile 3F9E654B 5 Bytes JMP 02202CF3
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!InternetCloseHandle 3F9E9088 5 Bytes JMP 02202D4F
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!HttpOpenRequestA 3F9ED508 2 Bytes JMP 02202AC2
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!HttpOpenRequestA + 3 3F9ED50B 2 Bytes [81, C2]
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!InternetConnectA 3F9EDEAE 5 Bytes JMP 02202926
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!HttpSendRequestW 3F9EFABE 5 Bytes JMP 022030EB
.text E:\Programmi\Internet Explorer\iexplore.exe[3348] WININET.dll!HttpSendRequestA 3F9FEE89 5 Bytes JMP 02202B71
.text E:\Programmi\Lexmark 3400 Series\ezprint.exe[3620] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 02C82862
.text E:\Programmi\Lexmark 3400 Series\ezprint.exe[3620] WS2_32.dll!send 71A34C27 5 Bytes JMP 02C826EE
.text E:\Programmi\Lexmark 3400 Series\ezprint.exe[3620] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 02C827E0
.text E:\Programmi\Lexmark 3400 Series\ezprint.exe[3620] WS2_32.dll!recv 71A3676F 5 Bytes JMP 02C82726
.text E:\Programmi\Lexmark 3400 Series\ezprint.exe[3620] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 02C8275E
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] ADVAPI32.dll!CryptDestroyKey 77F59EBC 7 Bytes JMP 0293290A
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] ADVAPI32.dll!CryptDecrypt 77F5A129 7 Bytes JMP 029328BA
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] ADVAPI32.dll!CryptEncrypt 77F5E360 7 Bytes JMP 0293287E
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 402B5505 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40389A75 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 4037D101 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 4038DAC4 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 402F466E E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 4048473F E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40484671 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 404846DC E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40484542 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 404845A4 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 404847A2 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40484606 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] ole32.dll!CoCreateInstance 774D057E 5 Bytes JMP 4038DB20 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] ole32.dll!OleLoadFromStream 774F9C85 5 Bytes JMP 40484AA7 E:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!InternetReadFile 3F9E654B 5 Bytes JMP 02932CF3
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!InternetCloseHandle 3F9E9088 5 Bytes JMP 02932D4F
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!HttpOpenRequestA 3F9ED508 2 Bytes JMP 02932AC2
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!HttpOpenRequestA + 3 3F9ED50B 2 Bytes [F4, C2]
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!InternetConnectA 3F9EDEAE 5 Bytes JMP 02932926
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!HttpSendRequestW 3F9EFABE 5 Bytes JMP 029330EB
.text E:\Programmi\Internet Explorer\iexplore.exe[3688] WININET.dll!HttpSendRequestA 3F9FEE89 5 Bytes JMP 02932B71
.text E:\Programmi\File comuni\Java\Java Update\jusched.exe[3760] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 00E92862
.text E:\Programmi\File comuni\Java\Java Update\jusched.exe[3760] WS2_32.dll!send 71A34C27 5 Bytes JMP 00E926EE
.text E:\Programmi\File comuni\Java\Java Update\jusched.exe[3760] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 00E927E0
.text E:\Programmi\File comuni\Java\Java Update\jusched.exe[3760] WS2_32.dll!recv 71A3676F 5 Bytes JMP 00E92726
.text E:\Programmi\File comuni\Java\Java Update\jusched.exe[3760] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 00E9275E
.text E:\Programmi\iTunes\iTunesHelper.exe[3776] WS2_32.dll!closesocket 71A33E2B 5 Bytes JMP 017D2862
.text E:\Programmi\iTunes\iTunesHelper.exe[3776] WS2_32.dll!send 71A34C27 5 Bytes JMP 017D26EE
.text E:\Programmi\iTunes\iTunesHelper.exe[3776] WS2_32.dll!WSARecv 71A34CB5 5 Bytes JMP 017D27E0
.text E:\Programmi\iTunes\iTunesHelper.exe[3776] WS2_32.dll!recv 71A3676F 5 Bytes JMP 017D2726
.text E:\Programmi\iTunes\iTunesHelper.exe[3776] WS2_32.dll!WSASend 71A368FA 5 Bytes JMP 017D275E
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 86F92450
Device \FileSystem\Fastfat \FatCdrom 86AC8280
Device \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\dmio \Device\DmControl\DmIoDaemon 86F920E8
Device \Driver\dmio \Device\DmControl\DmConfig 86F920E8
Device \Driver\dmio \Device\DmControl\DmPnP 86F920E8
Device \Driver\dmio \Device\DmControl\DmInfo 86F920E8
Device \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device pci.sys (Enumeratore PCI Plug and Play per NT/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 86FDB2B0
Device \Driver\Ftdisk \Device\HarddiskVolume2 86FDB2B0
Device \Driver\Cdrom \Device\CdRom0 86C6ED18
Device \FileSystem\Rdbss \Device\FsWrap 86B950E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 86FDB2B0
Device \Driver\Cdrom \Device\CdRom1 86C6ED18
Device \Driver\atapi \Device\Ide\IdePort0 [F7291B40] atapi.sys[unknown section] {MOV EAX, 0x86f92dd0; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7351e12; RET }
Device \Driver\atapi \Device\Ide\IdePort1 [F7291B40] atapi.sys[unknown section] {MOV EAX, 0x86f92dd0; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7351e12; RET }
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-5 [F7291B40] atapi.sys[unknown section] {MOV EAX, 0x86f92dd0; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7351e12; RET }
Device \Driver\USBSTOR \Device\00000075 86A34328
Device \Driver\USBSTOR \Device\00000077 86A34328
Device \Driver\NetBT \Device\NetBt_Wins_Export 86A37DC8
Device \Driver\00000040 \Device\0000004a sptd.sys
Device \FileSystem\InCDfs \Device\InCDfsComm 869617F8
Device \Driver\NetBT \Device\NetbiosSmb 86A37DC8
Device \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\Disk \Device\Harddisk0\DR0 86F92688
Device \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\Disk \Device\Harddisk1\DR4 86F92688
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+5 86F92688
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 86C740E8
Device \Driver\Tcpip \Device\IPMULTICAST wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \FileSystem\MRxSmb \Device\LanmanRedirector 86C740E8
Device \FileSystem\Npfs \Device\NamedPipe 86A9C6D8
Device \Driver\Ftdisk \Device\FtControl 86FDB2B0
Device \FileSystem\Msfs \Device\Mailslot 86A679F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{3625582B-18DB-4478-B043-20844E7E38DC} 86A37DC8
Device \Driver\viasraid \Device\Scsi\viasraid1 86F92BF8
Device \Driver\viasraid \Device\Scsi\viasraid1 869F3068
Device \Driver\viasraid \Device\Scsi\viasraid1Port2Path0Target0Lun0 86F92BF8
Device \Driver\viasraid \Device\Scsi\viasraid1Port2Path0Target0Lun0 869F3068
Device \Driver\dtscsi \Device\Scsi\dtscsi1 86BAD288
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 86BAD288
Device \FileSystem\Fastfat \Fat 86AC8280
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\InCDfs \GLOBAL??\BsUDF 869617F8
Device \FileSystem\Cdfs \Cdfs 86A27310
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 F:\Daemon Tools\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x21 0xCC 0x71 0x91 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x32 0x73 0xC7 0x53 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1D 0x82 0x74 0xB4 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 F:\Daemon Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x21 0xCC 0x71 0x91 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x32 0x73 0xC7 0x53 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xD5 0x6E 0x02 0x7C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s0 -1700233238
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 1136358979
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 957530644
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 F:\Daemon Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFF 0x6B 0x00 0xC6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x32 0x73 0xC7 0x53 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1D 0x82 0x74 0xB4 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 F:\Daemon Tools\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFF 0x6B 0x00 0xC6 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x32 0x73 0xC7 0x53 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1D 0x82 0x74 0xB4 ...
---- EOF - GMER 1.0.15 ----