Hi, here are the two log files:
the SDFix one:
SDFix: Version 1.137
Run by HD-C on 06/02/2008 at 10.26
Microsoft Windows XP [Versione 5.1.2600]
Running From: C:\SDFix\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\SSPRS.DLL - Deleted
C:\42.TMP - Deleted
C:\WINDOWS\service32.exe - Deleted
C:\WINDOWS\svchost.dll - Deleted
C:\WINDOWS\sysnet32.exe - Deleted
Removing Temp Files...
ADS Check:
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-06 10:32:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:f63518fa
"s1"=dword:e4598d5a
"s2"=dword:b576e0b9
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programmi\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:02,3d,2a,73,d5,ca,29,85,43,d2,14,8c,75,bf,4e,65,77,50,86,cf,de,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,18,2a,e6,a1,49,05,52,86,c0,64,70,65,9c,fa,8d,8e,3e,..
"khjeh"=hex:2b,fc,50,be,e2,78,05,c7,23,f0,ef,bd,07,05,9c,d2,90,28,c4,41,8b,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:05,e1,dc,d5,22,68,88,03,e5,69,b1,cd,39,5e,95,70,06,03,b2,5b,74,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programmi\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:02,3d,2a,73,d5,ca,29,85,43,d2,14,8c,75,bf,4e,65,77,50,86,cf,de,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,18,2a,e6,a1,49,05,52,86,c0,64,70,65,9c,fa,8d,8e,3e,..
"khjeh"=hex:2b,fc,50,be,e2,78,05,c7,23,f0,ef,bd,07,05,9c,d2,90,28,c4,41,8b,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:05,e1,dc,d5,22,68,88,03,e5,69,b1,cd,39,5e,95,70,06,03,b2,5b,74,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 4
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmi\\IncrediMail\\bin\\IMApp.exe"="C:\\Programmi\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Programmi\\IncrediMail\\bin\\IncMail.exe"="C:\\Programmi\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Programmi\\Messenger\\msmsgs.exe"="C:\\Programmi\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Programmi\\SmartFTP Client 2.0\\SmartFTP.exe"="C:\\Programmi\\SmartFTP Client 2.0\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0"
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"="C:\\Programmi\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programmi\\MSN Messenger\\livecall.exe"="C:\\Programmi\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Programmi\\iTunes\\iTunes.exe"="C:\\Programmi\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Programmi\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Programmi\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"="C:\\Programmi\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programmi\\MSN Messenger\\livecall.exe"="C:\\Programmi\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
File Backups: - C:\SDFix\SDFix\backups\backups.zip
Files with Hidden Attributes:
Wed 25 May 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 23 Jan 2003 65,952 ..SHR --- "C:\Programmi\Autodesk\Autodesk Express Viewer\Setup.exe"
Thu 22 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\42240f0e0835cbb61b7f5567bf62437b\BIT4A.tmp"
Thu 12 May 2005 56,832 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0004.tmp"
Sat 3 Dec 2005 30,208 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0005.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0043.tmp"
Sat 3 Dec 2005 100,864 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0121.tmp"
Sun 4 Dec 2005 283,136 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0254.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0402.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0424.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0486.tmp"
Thu 12 May 2005 56,832 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0516.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0527.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0592.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0701.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0800.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL0982.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1007.tmp"
Sat 29 Oct 2005 217,600 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1154.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1165.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1383.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1412.tmp"
Sat 3 Dec 2005 26,624 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1466.tmp"
Thu 12 May 2005 20,480 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1536.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1637.tmp"
Thu 12 May 2005 56,832 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1665.tmp"
Sun 4 Dec 2005 283,648 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1707.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1798.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1852.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL1891.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2073.tmp"
Sun 4 Dec 2005 25,600 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2124.tmp"
Sat 29 Oct 2005 231,424 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2126.tmp"
Mon 4 Dec 2006 23,040 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2243.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2260.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2305.tmp"
Sat 3 Dec 2005 26,624 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2680.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2871.tmp"
Sat 3 Dec 2005 30,208 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL2897.tmp"
Thu 12 May 2005 21,504 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3054.tmp"
Sat 29 Oct 2005 217,600 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3079.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3121.tmp"
Tue 11 Sep 2007 1,256,448 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3123.tmp"
Sat 3 Dec 2005 26,624 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3134.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3136.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3138.tmp"
Thu 12 May 2005 19,968 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3150.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3261.tmp"
Sat 3 Dec 2005 26,624 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3317.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3386.tmp"
Mon 30 Jan 2006 87,040 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3468.tmp"
Sun 4 Dec 2005 31,232 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3488.tmp"
Sun 4 Dec 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3815.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3829.tmp"
Thu 12 May 2005 56,832 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3865.tmp"
Thu 12 May 2005 19,456 ...H. --- "C:\Documents and Settings\HD-C\Dati applicazioni\Microsoft\Word\~WRL3947.tmp"
Sat 26 Jan 2008 888 ...HR --- "C:\Documents and Settings\HD-C\Dati applicazioni\SecuROM\UserData\securom_v7_01.bak"
Finished!
and the HiJackThis_v2 one:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10.39.45, on 06/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\HD-C\Desktop\Manutenzione pc\HiJackThis_v2\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Programmi\StarModem\StarModem USB Network\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: jiamfg.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: byiyyyp.bat
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: yulpkhs.bat
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.inforiviera.it/new_webcam/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96D6A1EF-05F8-4B5D-B191-E1D625AAFD65}: NameServer = 192.168.1.254
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LogIhc - Unknown owner - \\?\C:\Programmi\File comuni\Services\prn.exe (file missing)
O23 - Service: NetEgn - Unknown owner - \\?\C:\Programmi\File comuni\Services\lpt7.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SrvAwl - Unknown owner - \\?\C:\Programmi\File comuni\Microsoft Shared\lpt2.exe (file missing)
O23 - Service: SysCqq - Unknown owner - \\?\C:\Programmi\File comuni\Services\lpt4.exe (file missing)
O23 - Service: UpdTau - Unknown owner - \\?\C:\Programmi\File comuni\System\con.exe (file missing)
O23 - Service: WinWve - Unknown owner - \\?\C:\Programmi\File comuni\System\aux.exe (file missing)
--
End of file - 8227 bytes