non ho trovato traccia di quei files tra i processi attivi.
Vi anticipo se puo' essere utile ol log di Hjt e quello di combofix:
ComboFix 08-10-25.01 - Manlio 2008-11-03 17:05:43.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1603 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Manlio.PC-HOME\Appoggio\ComboFix.exe
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\InfoSat.txt
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS.0\system32\drivers\downld
C:\WINDOWS.0\system32\drivers\downld\338921.exe
C:\WINDOWS.0\system32\drivers\downld\339921.exe
C:\WINDOWS.0\system32\drivers\downld\351000.exe
C:\WINDOWS.0\system32\drivers\downld\352593.exe
C:\WINDOWS.0\system32\drivers\downld\383484.exe
C:\WINDOWS.0\system32\drivers\downld\392562.exe
C:\WINDOWS.0\system32\drivers\downld\397281.exe
C:\WINDOWS.0\system32\drivers\downld\469812.exe
C:\WINDOWS.0\system32\drivers\downld\475765.exe
C:\WINDOWS.0\system32\drivers\downld\479312.exe
C:\WINDOWS.0\system32\drivers\downld\484359.exe
C:\WINDOWS.0\system32\drivers\downld\529890.exe
C:\WINDOWS.0\system32\drivers\downld\543609.exe
C:\WINDOWS.0\system32\drivers\downld\545656.exe
C:\WINDOWS.0\system32\drivers\downld\555484.exe
C:\WINDOWS.0\system32\drivers\downld\8157296.exe
C:\WINDOWS.0\system32\drivers\winfilse.exe
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SROSA
((((((((((((((((((((((((( Files Creati Da 2008-10-03 al 2008-11-03 )))))))))))))))))))))))))))))))))))
.
2008-11-03 14:47 . 2008-11-03 14:47 <DIR> d-------- C:\Muestras
2008-11-02 16:15 . 2008-11-02 16:18 419 --a------ C:\WINDOWS.0\nwplayer.ini
2008-11-02 15:57 . 2008-11-02 15:57 <DIR> d-------- C:\WINDOWS.0\ACAMPREF
2008-11-02 15:52 . 1994-09-21 00:00 12,800 --a------ C:\WINDOWS.0\system32\wing32.dll
2008-11-02 15:52 . 2008-11-02 16:05 889 --a------ C:\WINDOWS.0\wacam.ini
2008-11-02 15:52 . 2008-11-02 15:52 724 --a------ C:\WINDOWS.TMP
2008-10-25 20:09 . 2008-10-25 23:18 <DIR> d-------- C:\Programmi\Malwarebytes' Anti-Malware
2008-10-25 20:09 . 2008-10-25 20:09 <DIR> d-------- C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\Malwarebytes
2008-10-25 20:09 . 2008-10-25 20:09 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\Malwarebytes
2008-10-25 20:09 . 2008-10-22 15:10 38,496 --a------ C:\WINDOWS.0\system32\drivers\mbamswissarmy.sys
2008-10-25 20:09 . 2008-10-22 15:10 15,504 --a------ C:\WINDOWS.0\system32\drivers\mbam.sys
2008-10-24 21:13 . 2008-10-15 17:36 337,408 -----c--- C:\WINDOWS.0\system32\dllcache\netapi32.dll
2008-10-18 20:34 . 2008-10-18 20:34 <DIR> d-------- C:\Programmi\VstPlugins
2008-10-16 17:28 . 2008-10-16 17:28 <DIR> d-------- C:\Programmi\Alien Connections
2008-10-16 17:28 . 1997-01-18 10:40 299,520 --a------ C:\WINDOWS.0\uninst.exe
2008-10-16 17:28 . 2008-10-16 17:28 0 --a------ C:\WINDOWS.0\PROTOCOL.INI
2008-10-16 14:07 . 2008-10-16 17:26 <DIR> d-------- C:\Audio
2008-10-16 11:17 . 2008-09-08 11:41 333,824 -----c--- C:\WINDOWS.0\system32\dllcache\srv.sys
2008-10-16 11:16 . 2008-08-14 14:22 2,192,896 -----c--- C:\WINDOWS.0\system32\dllcache\ntoskrnl.exe
2008-10-16 11:16 . 2008-08-14 14:22 2,148,864 -----c--- C:\WINDOWS.0\system32\dllcache\ntkrnlmp.exe
2008-10-16 11:16 . 2008-08-14 14:22 2,069,760 -----c--- C:\WINDOWS.0\system32\dllcache\ntkrnlpa.exe
2008-10-16 11:16 . 2008-08-14 14:22 2,027,520 -----c--- C:\WINDOWS.0\system32\dllcache\ntkrpamp.exe
2008-10-16 11:16 . 2008-09-15 16:24 1,846,400 -----c--- C:\WINDOWS.0\system32\dllcache\win32k.sys
2008-10-12 17:52 . 2008-10-12 17:52 <DIR> d-------- C:\Documents and Settings\Manlio.PC-HOME\.GalleryRemote
2008-10-11 22:51 . 2008-10-11 22:51 <DIR> d-------- C:\WINDOWS.0\USB Vibration
2008-10-10 20:33 . 2008-10-10 20:33 <DIR> d-------- C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\SlySoft
2008-10-10 19:56 . 2008-10-10 19:56 <DIR> d-------- C:\Programmi\Guitar Pro 5
2008-10-10 18:40 . 2008-10-10 18:40 <DIR> d-------- C:\Guitar Pro 4 full +serial
2008-10-09 20:08 . 2008-10-13 13:40 <DIR> d-------- C:\Programmi\Guitar Calculator Pro
2008-10-09 20:04 . 2008-10-13 13:40 249,856 --------- C:\WINDOWS.0\Setup1.exe
2008-10-09 20:04 . 2008-10-13 13:40 73,216 --a------ C:\WINDOWS.0\ST6UNST.EXE
2008-10-09 17:49 . 2008-11-01 18:15 <DIR> d-------- C:\Gitune
2008-10-04 20:10 . 2008-10-04 20:10 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-03 20:28 . 2008-10-03 20:28 <DIR> d-------- C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\Sibelius Software
2008-10-03 20:27 . 2008-10-03 20:27 <DIR> d-------- C:\Programmi\Musicnotes
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-03 15:48 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-11-03 11:48 --------- d-----w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\stickies
2008-11-03 10:58 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\Google Updater
2008-11-02 23:02 --------- d-----w C:\Programmi\Symantec
2008-11-02 21:11 --------- d-----w C:\Programmi\File comuni\Symantec Shared
2008-11-02 21:11 --------- d-----w C:\Programmi\eMule
2008-11-02 12:51 --------- d-----w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\Skype
2008-11-02 12:50 --------- d-----w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\skypePM
2008-11-01 12:19 --------- d-----w C:\Programmi\FlatOut 2
2008-10-26 17:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\Lavasoft
2008-10-25 14:26 --------- d-----w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\uTorrent
2008-10-22 19:37 --------- d-----w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\Audacity
2008-10-16 13:07 --------- d-----w C:\Programmi\Steinberg
2008-10-15 17:39 --------- d-----w C:\Programmi\10-Strike SearchMyDiscs
2008-10-11 21:51 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-10-10 19:34 --------- d-----w C:\Programmi\SlySoft
2008-10-10 19:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\SecTaskMan
2008-10-06 21:46 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\Spybot - Search & Destroy
2008-10-04 19:10 --------- d-----w C:\Programmi\iTunes
2008-10-04 19:10 --------- d-----w C:\Programmi\iPod
2008-10-04 11:05 --------- d-----w C:\Programmi\Java
2008-10-02 17:17 --------- d-----w C:\Programmi\BitTorrent Fastest Tool
2008-09-27 10:19 --------- d-----w C:\Programmi\MediaCoder
2008-09-23 22:04 --------- d-----w C:\Programmi\DVDx
2008-09-21 17:41 --------- d-----w C:\Programmi\Formosoft
2008-09-20 13:57 --------- d-----w C:\Programmi\LimeWire
2008-09-17 12:55 --------- d-----w C:\Programmi\QuickTime
2008-09-17 12:54 --------- d-----w C:\Programmi\File comuni\Apple
2008-09-17 12:48 --------- d-----w C:\Programmi\Bonjour
2008-09-15 15:24 1,846,400 ----a-w C:\WINDOWS.0\system32\win32k.sys
2008-09-14 14:44 82,380 ----a-w C:\WINDOWS.0\system32\drivers\AFS2K.SYS
2008-09-14 13:49 0 ---ha-w C:\Documents and Settings\LocalService.NT AUTHORITY\hpothb07.dat
2008-09-12 11:48 --------- d-----w C:\Programmi\ffdshow
2008-09-11 09:27 --------- d-----w C:\Programmi\uTorrent
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS.0\system32\drivers\srv.sys
2008-08-29 08:18 87,336 ----a-w C:\WINDOWS.0\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w C:\WINDOWS.0\system32\dnssd.dll
2008-08-26 07:57 826,368 ----a-w C:\WINDOWS.0\system32\wininet.dll
2008-08-14 13:22 2,192,896 ----a-w C:\WINDOWS.0\system32\ntoskrnl.exe
2008-08-14 13:22 2,069,760 ----a-w C:\WINDOWS.0\system32\ntkrnlpa.exe
2008-04-17 10:02 103,776 ----a-w C:\Documents and Settings\Manlio.PC-HOME\System_Restore.exe
2008-02-26 14:48 357,768 ----a-w C:\Documents and Settings\Manlio.PC-HOME\SymXPep2.dll
2008-02-26 14:03 251,216 ----a-w C:\Documents and Settings\Manlio.PC-HOME\IView.exe
2007-12-01 11:56 32 ----a-w C:\Documents and Settings\All Users.WINDOWS.0\Dati applicazioni\ezsid.dat
2007-01-28 17:38 87,608 ----a-w C:\Documents and Settings\Manlio\Dati applicazioni\ezpinst.exe
2007-01-28 17:38 87,608 ----a-w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\ezpinst.exe
2007-01-28 17:38 47,360 ----a-w C:\Documents and Settings\Manlio\Dati applicazioni\pcouffin.sys
2007-01-28 17:38 47,360 ----a-w C:\Documents and Settings\Manlio.PC-HOME\Dati applicazioni\pcouffin.sys
2008-03-27 17:15 2 --shatr C:\WINDOWS.0\winstart.bat
2002-09-10 11:00 4,952 --sha-r C:\WINDOWS.0\system32\AsBackup\AllUser\Bootfont.bin
2008-05-11 18:42 32,768 --sha-w C:\WINDOWS.0\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008051120080512\index.dat
.
- Codice: Seleziona tutto
<pre>
----a-w 438,359 2006-04-21 13:41:20 C:\Programmi\Alice ti aiuta\SmartBridge\MotiveSB .exe
----a-w 936,960 2006-11-21 14:26:22 C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\McciTrayApp .exe
----a-w 40,960 2002-03-06 00:31:00 C:\Programmi\Creative\WebCam Monitor\TrayMon .exe
----a-w 153,136 2007-03-01 14:57:24 C:\Programmi\File comuni\Nero\Lib\NeroCheck .exe
----a-w 68,856 2008-04-10 12:34:05 C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
----a-w 90,112 2002-10-06 23:23:20 C:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon .exe
----a-w 69,632 2002-04-17 09:42:56 C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd .exe
----a-w 88,024 2007-08-08 13:53:16 C:\Programmi\Lavasoft\Ad-Aware 2007\AAWTray .exe
--sha-r 2,097,488 2008-01-28 10:43:40 C:\Programmi\Spybot - Search & Destroy\TeaTimer .exe
----a-w 28,160 2002-12-12 05:45:00 C:\Programmi\Symantec\WinFax\WFXSWTCH .exe
----a-w 307,200 2007-12-11 02:59:40 C:\Programmi\Syncrosoft\POS\H2O\cledx .exe
----a-w 41,984 2000-12-26 13:35:00 C:\WINDOWS.0\CTRegRun .exe
----a-w 15,360 2004-08-19 13:39:36 C:\WINDOWS.0\system32\ctfmon .exe
----a-w 406,016 2004-03-10 23:26:10 C:\WINDOWS.0\system32\PSDrvCheck .exe
----a-w 14,348 2008-03-17 22:35:22 C:\WINDOWS.0\system32\drivers\hldrrr .exe
</pre>
((((((((((((((((((((((((((((( snapshot@2008-10-27_11.38.44,85 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB941693\update\update.exe
+ 2008-11-03 12:18:26 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB941693\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB943055\update\update.exe
+ 2008-11-03 12:18:30 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB943055\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB944533-IE7\update\update.exe
+ 2008-11-03 12:18:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB944533-IE7\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB945553\update\update.exe
+ 2008-11-03 12:18:34 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB945553\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB946026\update\update.exe
+ 2008-11-03 12:18:35 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB946026\update\update.exe
- 2007-11-30 11:19:29 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB946648\update\update.exe
+ 2008-11-03 12:18:35 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB946648\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB947864-IE7\update\update.exe
+ 2008-11-03 12:18:37 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB947864-IE7\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB948590\update\update.exe
+ 2008-11-03 12:18:38 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB948590\update\update.exe
- 2007-03-06 01:48:32 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB948881\update\update.exe
+ 2008-11-03 12:18:38 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB948881\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB950759-IE7\update\update.exe
+ 2008-11-03 12:18:40 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB950759-IE7\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB950760\update\update.exe
+ 2008-11-03 12:18:41 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB950760\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB950762\update\update.exe
+ 2008-11-03 12:18:41 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB950762\update\update.exe
- 2007-11-30 12:39:38 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB950974\update\update.exe
+ 2008-11-03 12:18:42 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB950974\update\update.exe
- 2007-12-03 15:25:53 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951066\update\update.exe
+ 2008-11-03 12:18:43 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951066\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951072-v2\update\update.exe
+ 2008-11-03 12:18:43 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951072-v2\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951376-v2\update\update.exe
+ 2008-11-03 12:18:44 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951376-v2\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951376\update\update.exe
+ 2008-11-03 12:18:44 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951376\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951698\update\update.exe
+ 2008-11-03 12:18:45 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951698\update\update.exe
- 2007-11-30 12:39:38 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951748\update\update.exe
+ 2008-11-03 12:18:46 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951748\update\update.exe
- 2007-11-30 12:39:38 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951978\update\update.exe
+ 2008-11-03 12:18:46 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB951978\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB952287\update\update.exe
+ 2008-11-03 12:18:47 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB952287\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB952954\update\update.exe
+ 2008-11-03 12:18:47 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB952954\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB953838-IE7\update\update.exe
+ 2008-11-03 12:18:50 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB953838-IE7\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB953839\update\update.exe
+ 2008-11-03 12:18:50 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB953839\update\update.exe
- 2008-07-09 07:42:38 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB954211\update\update.exe
- 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS.0\$hf_mig$\KB956390-IE7\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB956391\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB956803\update\update.exe
- 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB956841\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB957095\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\$hf_mig$\KB958644\update\update.exe
+ 2008-11-02 15:05:07 12,500 ----a-w C:\WINDOWS.0\ACAMPREF\Myriad\ALBUM.DAT
+ 2008-11-02 15:05:07 77,471 ----a-w C:\WINDOWS.0\ACAMPREF\Myriad\Pattern.Dat
+ 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS.0\ERDNT\subs\ERDNT.EXE
- 2007-11-30 11:19:29 763,768 ----a-w C:\WINDOWS.0\SoftwareDistribution\Download\6992704de146fd04c2b287b390b5ce62\update\update.exe
- 2007-07-27 06:36:02 763,768 ----a-w C:\WINDOWS.0\SoftwareDistribution\Download\739056e231764a9a08938e9afba00f5f\update\update.exe
- 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS.0\SoftwareDistribution\Download\e01610020f827bc60f09563514e31bcd\update\update.exe
- 2008-10-16 12:27:40 208,104 ----a-w C:\WINDOWS.0\system32\FNTCACHE.DAT
+ 2008-11-02 17:52:38 209,696 ----a-w C:\WINDOWS.0\system32\FNTCACHE.DAT
- 2008-10-27 10:02:29 64,200 ----a-w C:\WINDOWS.0\system32\perfc009.dat
+ 2008-10-29 13:20:59 64,200 ----a-w C:\WINDOWS.0\system32\perfc009.dat
- 2008-10-27 10:02:29 77,266 ----a-w C:\WINDOWS.0\system32\perfc010.dat
+ 2008-10-29 13:21:00 77,266 ----a-w C:\WINDOWS.0\system32\perfc010.dat
- 2008-10-27 10:02:29 407,670 ----a-w C:\WINDOWS.0\system32\perfh009.dat
+ 2008-10-29 13:20:59 407,670 ----a-w C:\WINDOWS.0\system32\perfh009.dat
- 2008-10-27 10:02:29 455,008 ----a-w C:\WINDOWS.0\system32\perfh010.dat
+ 2008-10-29 13:21:00 455,008 ----a-w C:\WINDOWS.0\system32\perfh010.dat
+ 2008-11-02 18:29:27 81,064 ----a-w C:\WINDOWS.0\system32\Restore\rstrlog.dat
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe" [N/A]
"FreeMem Pro"="C:\Programmi\FreeMem Professional\Fmempro.exe" [2000-03-27 428544]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-16 68856]
"ctfmon.exe"="C:\WINDOWS.0\system32\ctfmon.exe" [2008-04-14 15360]
"DriverMax"="C:\Programmi\Innovative Solutions\DriverMax\devices.exe" [2008-07-25 5057368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebCam Monitor"="C:\Programmi\Creative\WebCam Monitor\TrayMon.exe" [N/A]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Share-to-Web Namespace Daemon"="C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"Motive SmartBridge"="C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe" [N/A]
"CamMonitor"="C:\Programmi\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe" [2002-10-06 90112]
"AliceRE_McciTrayApp"="C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe" [2006-11-21 936960]
"ccApp"="C:\Programmi\File comuni\Symantec Shared\ccApp.exe" [2008-11-03 51048]
"osCheck"="C:\Programmi\Norton AntiVirus\osCheck.exe" [2008-11-03 714608]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [N/A]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"PwrUpTweakMe"="C:\WINDOWS.0\system32\PuXpTwks.exe" [N/A]
"AAWTray"="C:\Programmi\Lavasoft\Ad-Aware 2007\AAWTray.exe" [N/A]
"PinnacleDriverCheck"="C:\WINDOWS.0\system32\\PSDrvCheck.exe" [N/A]
"CTRegRun"="C:\WINDOWS.0\CTRegRun.EXE" [N/A]
"StartCCC"="C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"WFXSwtch"="C:\PROGRA~1\Symantec\WinFax\WFXSWTCH.exe" [N/A]
"H2O"="C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"WinFaxAppPortStarter"="wfxsnt40.exe" [2002-12-12 C:\WINDOWS.0\system32\WFXSNT40.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS.0\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide2"="rundll32 advpack.dll" [N/A]
C:\Documents and Settings\Manlio.PC-HOME\Menu Avvio\Programmi\Esecuzione automatica\
Stickies.lnk - C:\Programmi\stickies\stickies.exe [2006-03-29 348160]
C:\Documents and Settings\All Users.WINDOWS.0\Menu Avvio\Programmi\Inicio\
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe [2008-04-15 217088]
Controller.LNK - C:\Programmi\Symantec\WinFax\WFXCTL32.EXE [2008-04-28 565760]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"= "C:\PROGRA~1\Symantec\WinFax\WfxSeh32.Dll" [1998-07-27 38400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll
"vidc.ffds"= C:\Programmi\ffdshow\ffdshow.ax
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\stickies\\stickies.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\WINDOWS.0\\system32\\ftp.exe"=
"C:\\Programmi\\File comuni\\Symantec Shared\\NPC\\npcLUStb.exe"=
"C:\\Programmi\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"C:\\Programmi\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"C:\\Programmi\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"C:\\Programmi\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\uTorrent\\uTorrent.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4758:TCP"= 4758:TCP:messenger
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R2 Network WanMiniport First Position;Network WanMiniport First Position;C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe [2003-04-18 8192]
R2 wfxsvc;WinFax PRO;C:\WINDOWS.0\system32\WFXSVC.EXE [2000-09-28 129536]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS.0\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS.0\system32\DRIVERS\fetnd5bv.sys [2008-01-02 43520]
R3 PD1030VID;Creative WebCam Pro;C:\WINDOWS.0\system32\DRIVERS\p1030vid.sys [2006-12-18 167661]
S2 LiveUpdate Notice;LiveUpdate Notice;C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe [2008-11-03 149352]
S2 rend32;Microsoft Rendezvous Control;rundll32.exe C:\WINDOWS.0\system32\rend32.dll,ileb [ ]
S3 COH_Mon;COH_Mon;C:\WINDOWS.0\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
.
Contenuto della cartella 'Scheduled Tasks'
2008-09-01 C:\WINDOWS.0\Tasks\AppleSoftwareUpdate.job
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2008-10-27 C:\WINDOWS.0\Tasks\Norton AntiVirus - Scansione completa sistema - Manlio.job
- C:\Programmi\Norton AntiVirus\Navw32.exe [2008-11-03 13:11]
.
- - - - ORFÃOS REMOVIDOS - - - -
SafeBoot-sglfb.sys
SafeBoot-tga.sys
SafeBoot-wd.sys
SafeBoot-sacsvr
.
------- Supplementare di scansione -------
.
R0 -: HKCU-Main,Start Page =
hxxp://www.alice.it/R0 -: HKLM-Main,Start Page = about:blank
O17 -: HKLM\CCS\Interface\{5A153652-D550-4603-ACDA-5F9C31C74892}: NameServer = 85.37.17.43 85.38.28.96
.
.
------- Associazioni di file -------
.
txtfile=Notepad.exe "%1"
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-11-03 17:07:59
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
**************************************************************************
.
Ora fine scansione: 2008-11-03 17:11:57
ComboFix-quarantined-files.txt 2008-11-03 16:10:52
ComboFix2.txt 2008-10-27 10:40:26
Pre-Run: 25,508,212,736 byte disponibili
Post-Run: 25,482,444,800 byte disponibili
344 --- E O F --- 2008-10-26 22:23:50
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17.23.20, on 03/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\WFXSVC.EXE
C:\Programmi\Symantec\WinFax\WFXMOD32.EXE
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS.0\system32\wfxsnt40.exe
C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\FreeMem Professional\Fmempro.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Programmi\Innovative Solutions\DriverMax\devices.exe
C:\Programmi\Symantec\WinFax\WFXCTL32.EXE
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS.0\explorer.exe
C:\Programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\McciBrowser.exe
E:\Shareback\Hijackthis v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.alice.it/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FILECO~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WebCam Monitor] C:\Programmi\Creative\WebCam Monitor\TrayMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmi\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [AliceRE_McciTrayApp] C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PwrUpTweakMe] C:\WINDOWS.0\system32\PuXpTwks.exe /TWEAK
O4 - HKLM\..\Run: [AAWTray] C:\Programmi\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS.0\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS.0\CTRegRun.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\Symantec\WinFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [H2O] C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [FreeMem Pro] "C:\Programmi\FreeMem Professional\Fmempro.exe" Startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverMax] "C:\Programmi\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'Default user')
O4 - Startup: Stickies.lnk = C:\Programmi\stickies\stickies.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Controller.LNK = C:\Programmi\Symantec\WinFax\WFXCTL32.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.0\system32\ati2sgag.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: NBService - Unknown owner - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: Microsoft Rendezvous Control (rend32) - Unknown owner - rundll32.exe (file missing)
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Programmi\File comuni\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS.0\system32\WFXSVC.EXE
O24 - Desktop Component 1: Aqua Garden - 6423CD5F-D089-4BF1-88B6-6A359339DAFF
--
End of file - 10542 bytes