www.MegaLab.it

da **mitrha** » dom ott 30, 2011 1:34 pm

Ciao a tutti,
vorrei qualche parere su questa scansione effettuata con SuperAntySpyWare:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/29/2011 at 08:58 PM

Application Version : 5.0.1134

Core Rules Database Version : 7868
Trace Rules Database Version: 5680

Scan type : Quick Scan
Total Scan Time : 00:05:04

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 506
Memory threats detected : 0
Registry items scanned : 32196
Registry threats detected : 2
File items scanned : 6237
File threats detected : 3

Rootkit.Mailer/Gen
HKLM\System\CurrentControlSet\Services\38155281
C:\WINDOWS\SYSTEM32\DRIVERS\38155281.SYS
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_38155281

Adware.Tracking Cookie
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\COOKIES.SQLITE ]

Grazie a tutti per l'aiuto.

da **eugenio19911** » dom ott 30, 2011 1:56 pm

Prima di tutto interverei sul rootkit:
se riesci ad abilitare i file nascosti e di sistema prova a far esaminare su virustotal questo driver sospetto: 38155281.SYS (C:\WINDOWS\SYSTEM32\DRIVERS\38155281.SYS).
Nel caso non dovessi riuscire prova a fare una scansione con hitman pro e Kaspersky TDSS Killer dopo dicci cosa hanno rilevato.

da **mitrha** » dom ott 30, 2011 4:12 pm

Innanzi tutto grazie per il tuo aiuto.Volevo sapere se può andare bene anche avira antirootkit?

da **mitrha** » dom ott 30, 2011 4:34 pm

Non so se ho fatto bene,ti posto la pagina dell'analisi di virusTotal.
http://imageshack.us/photo/my-images/82 ... evirp.jpg/

da **mitrha** » dom ott 30, 2011 6:04 pm

KasperskyTDSS non ha trovato nulla.

da **crazy.cat** » dom ott 30, 2011 6:10 pm

mitrha ha scritto:Non so se ho fatto bene,ti posto la pagina dell'analisi di virusTotal.
http://imageshack.us/photo/my-images/82 ... evirp.jpg/

Non è che si legga molto ma due sembra dicano sia un virus.

da **eugenio19911** » dom ott 30, 2011 10:55 pm

Gli unici 2 che lo rilevano sono superantispyware e mcafee.
direi che è un po' poco come responso.
comunque hai notato qualcosa di anomalo (dns cambiati, comparsa di pagine pubblicitarie, crash di una applicazione avviata, finestra con strani errori, comparsa l'applicazione ha smesso di funzionare, riavvii,scomparsa del suono, cpu al riposo intorno al 100%)
Prossima volta meglio postare il link di virustotal.
Riprovando una scansione per vedere se aumentano il numero di rilevazioni se sì allora il file è un malware

da **mitrha** » dom ott 30, 2011 11:51 pm

Devo dire che l'unica cosa che ho notato e,solo oggi è che avira dopo un po che scansiona si blocca e mi da:"errore in avscan.exe l'applicazione nn risponde e verra bloccata" invia segnalazione errori?? E poi nn mi parte la guida in linea e supporto tecnico,anche se il servizio è avviato e impostato su automatico.La CPU a riposo oscilla tra 0%e 4-5%.Tutti i progr4 girano ottimamente,considera che utilizzo anche programmi abbastanza pesanti tipo Ableton live per suonare e va tutto ok.Ma nn riesco più a scansionare con avira.
Magari una scansione con HIJACK o roba simile???

da **eugenio19911** » lun ott 31, 2011 10:06 am

un log con hijackthis sicuramente aiuta a trovare qualche voce infetta.
poi scarica comodo cleaning essenzial 2 versione beta:
http://www.softpedia.com/progDownload/C ... 99079.html
Avvia questi 2 strumenti:
KillSwitch (per esaminare i processi attivi)
Autoruns (per esaminare i programmi in avvio automatico, i driver ecc.)
Aspetta che finisca di analizzare il tutto, richiede necessariamente la connessione ad internet, e nota se compare una barra orizzontale rossa su una voce questo significa che quel programma è per comodo un malware o sospetto (nel caso dell'autorun resta sulla voce everything e scorri per vedere se compare qualche elemento sospetto tanto si nota subito visivamente).
Volendo avviando poi il CCE puoi fare una scansione attenzione che è un po' aggressivo, ma abbastanzaa efficace ricordati di mantenere sempre la connessione internet.
Il fatto che con avira non possa scansionare è sintomo di infezione.

da **mitrha** » lun ott 31, 2011 11:24 am

Ecco intanto il log di HIJACK:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:21, on 31/10/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Programmi\SUPERAntiSpyware\SASCORE.EXE
C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\COMODO\Time Machine\ClientService.exe
C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\clipsrv.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Programmi\Ask.com\Updater\Updater.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Rising PC Doctor - {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - C:\WINDOWS\system32\UrlFilter.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [ApnUpdater] "C:\Programmi\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programmi\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Time Machine Client Service (ClientService) - COMODO. - C:\Programmi\COMODO\Time Machine\ClientService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Programmi\Sandboxie\SbieSvc.exe

--
End of file - 6134 bytes

da **mitrha** » lun ott 31, 2011 11:46 am

Per i log di autorun e killswitch??
Mi sembra che scorrendo per un momento sia apparsa una barra rossa ma un'istante solo.
Queste invece sono le voci che appaiono in grigio in autorun:

ApnUpdater {StringFileInfo_FileDescription} {StringFileInfo_CompanyName} FLS.Unknown C:\Programmi\Ask.com\Updater\Updater.exe

Avira SearchFree Toolbar plus Web Protection Avira SearchFree Toolbar Ask FLS.Unknown C:\Programmi\Ask.com\GenericAskToolbar.dll

Avira SearchFree Toolbar plus Web Protection Avira SearchFree Toolbar Ask FLS.Unknown C:\Programmi\Ask.com\GenericAskToolbar.dll

Scheduled Update for Ask Toolbar.job FLS.Unknown C:\Programmi\Ask.com\UpdateTask.exe

38155281 38155281 FLS.Unknown C:\WINDOWS\system32\drivers\38155281.sys

setup_9.0.0.722_22.05.2011_10-14drv setup_9.0.0.722_22.05.2011_10-14drv Kaspersky Lab FLS.Unknown C:\WINDOWS\system32\drivers\4444921.sys

setup_9.0.0.722_26.05.2011_14-12drv setup_9.0.0.722_26.05.2011_14-12drv Kaspersky Lab FLS.Unknown C:\WINDOWS\system32\drivers\2767017.sys

da **eugenio19911** » lun ott 31, 2011 12:24 pm

per malware si intendono delle barre rosse permanenti quelle di un attimo sono processi che terminano.
Anche comodo non riconosce quel driver sospetto: C:\WINDOWS\system32\drivers\38155281.sys fta l'altro non è digitalmente firmato [uhm]

diciamo che diventa sempre più sospetto.
il log sembra pulito ask immagino che lo abbia installato per abilitarti il controllo web di avira se non è così ti consiglierei di toglierlo.
Per ultima prova potresti fare un esperimento per capire se quel file è sempre esistito:
-dato che hai comodo time machine si potrebbe creare uno snapshot in questo momento, poi torni in dietro all'ultimo snapshot e rifare la scansione con superantispyware se il file non viene più rilevato hai 2 alternative:
o rimani in quella configurazione oppure se non vuoi perdere dati successivamente immagazzinati elimini quel driver "rootkit" e quegli adware rilevati da superantispyware.

ricordati poi di cancellare uno snapshot perché ad ogni riavvio ne crea uno

da **mitrha** » lun ott 31, 2011 9:31 pm

Esatto,ask è stato istallato con Avira.Per quanto riguarda Comodo Time machine ti dirò che nn l'ho mai usato. lo ha istallato un mio amico dicendomi che è estremamente utile ma,per esempio un giorno visto che nn l'ho mai usato avevo provato a disistallarlo e stavo per fare un casino,quindi nn so usarlo molto bene.Ti prego se puoi di spiegarmi in dettaglio cosa devo fare.
Grazie.

da **hashcat** » mar nov 01, 2011 1:44 pm

Il file 38155281.SYS è decisamente sospetto.

Vorrei averne maggiori informazioni:

Scarica SystemLook da qui
Avvia SystemLook
Inserisci il seguente script nella casella di testo (copia e incolla):

Codice: Seleziona tutto
:dir C:\Windows\System32\drivers /s /md5 :file C:\WINDOWS\SYSTEM32\DRIVERS\38155281.SYS :filefind 38155281.* :regfind 38155281 ::env
Disattiva o termina tutte le protezioni in tempo reale di programmi anti-spyware, antivirus, anti-malware, che possono influenzare SystemLook
Clicca Su
Aspetta finché non verrà generato un log e aperto con il Blocco Note
Dal menu del Blocco Note seleziona la voce Modifica >> Seleziona Tutto e successivamente Modifica >> Copia
Inserisci il contenuto copiato nel tuo prossimo messaggio

Dopo aver seguito questo procedimento passiamo ad OTL:

Scarica OTL da qui
Disattivare o terminare tutte le protezioni in tempo reale di programmi anti-spyware, antivirus, anti-malware, che possono influenzare OTL
Avviare OTL mediante doppio click
Quando apparirà la schermata di OTL regolare le impostazioni come segue:
Cliccare su Run Scan per avviare la scansione
Non utilizzare il computer durante l'esecuzione di OTL
Al termine della scansione verranno generati due log e appariranno due finestre del Blocco Note
Salva il log OTL come OTL.txt sul Desktop ed includilo nel tuo prossimo messaggio
Salva il log Extra come Extra.txt sul Desktop ed includilo nel tuo prossimo messaggio

da **mitrha** » mar nov 01, 2011 1:54 pm

Questo è il log di SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 13:54 on 01/11/2011 by Fabio
Administrator - Elevation successful

========== dir ==========

C:\Windows\System32\drivers - Parameters: "/s /md5"

---Files---
1394bus.sys --a---- 53376 bytes [12:00 02/03/2006] [09:46 13/04/2008]

C1536905AD2067812A238BCE998F4BFF
2767017.sys --a---- 315408 bytes [10:59 26/05/2011] [21:31 09/10/2009]

BEBD4B6AA84D977B997587897342816C
27670171.sys --a---- 128016 bytes [10:59 26/05/2011] [15:59 25/09/2009]

7DD41B7AC1FBB1DBF20BB1F4E4FBE58C
27670172.sys --a---- 37392 bytes [10:59 26/05/2011] [11:54 22/10/2009]

A305FAD3719C5DB0C13D1C2BFD08A04D
3815528.sys --a---- 315408 bytes [22:56 22/05/2011] [21:31 09/10/2009]

A244A8BC19B3FABEBB1A085BD6E83525
38155281.sys --a---- 128016 bytes [22:56 22/05/2011] [15:59 25/09/2009]

8A7EB032D8700F8E51D64C32301EB2DC
38155282.sys --a---- 37392 bytes [22:56 22/05/2011] [11:54 22/10/2009]

A305FAD3719C5DB0C13D1C2BFD08A04D
4444921.sys --a---- 315408 bytes [23:03 22/05/2011] [21:31 09/10/2009]

BEBD4B6AA84D977B997587897342816C
44449211.sys --a---- 128016 bytes [23:03 22/05/2011] [15:59 25/09/2009]

7DD41B7AC1FBB1DBF20BB1F4E4FBE58C
44449212.sys --a---- 37392 bytes [23:03 22/05/2011] [11:54 22/10/2009]

A305FAD3719C5DB0C13D1C2BFD08A04D
acpi.sys --a---- 188416 bytes [12:00 02/03/2006] [16:47 13/04/2008]

D766E636187B8F240BBFBABCD51EB2C6
acpiec.sys --a---- 12160 bytes [12:00 02/03/2006] [12:00 02/03/2006]

49AC5CD87FBDDA62F3E25190019E7627
adv01nt5.dll ------- 4255 bytes [08:05 10/06/2010] [17:13 13/04/2008]

B24BADF4FE3A28580F6ACC2CDFB7E471
adv02nt5.dll ------- 3967 bytes [08:05 10/06/2010] [17:13 13/04/2008]

F4DDE8C32B7B83E56095AC948AEDB2C8
adv05nt5.dll ------- 3615 bytes [08:05 10/06/2010] [17:13 13/04/2008]

A5274B422570788BDFBF709FEA252A69
adv07nt5.dll ------- 3647 bytes [08:05 10/06/2010] [17:13 13/04/2008]

8116913EE972CAE617121759E702A9BE
adv08nt5.dll ------- 3135 bytes [08:05 10/06/2010] [17:13 13/04/2008]

AE5732D4C3088B13C1677A37B69E86B1
adv09nt5.dll ------- 3711 bytes [08:05 10/06/2010] [17:13 13/04/2008]

97620922381493C3FF085918A0B32FAE
adv11nt5.dll ------- 3775 bytes [08:05 10/06/2010] [17:13 13/04/2008]

8293A7F6BDA5D9E00164A46427FAE0DF
aec.sys --a---- 142592 bytes [09:13 10/06/2010] [07:39 13/04/2008]

8BED39E3C35D6A489438B8141717A557
afd.sys --a---- 138496 bytes [12:00 02/03/2006] [13:49 17/08/2011]

1E44BC1E83D8FD2305F8D452DB109CF9
agp440.sys ------- 42368 bytes [08:05 10/06/2010] [09:36 13/04/2008]

08FD04AA961BDC77FB983F328334E3D7
agpcpq.sys ------- 44928 bytes [08:05 10/06/2010] [09:36 13/04/2008]

03A7E0922ACFE1B07D5DB2EEB0773063
alcxwdm.sys -ra---- 4122368 bytes [12:37 15/11/2010] [09:40 24/09/2008]

DD8520280304B6145A6BE31008748C7C
alim1541.sys ------- 42752 bytes [08:05 10/06/2010] [09:36 13/04/2008]

CB08AED0DE2DD889A8A820CD8082D83C
amdagp.sys ------- 43008 bytes [08:05 10/06/2010] [09:36 13/04/2008]

95B4FB835E28AA1336CEEB07FD5B9398
amdk6.sys --a---- 41344 bytes [15:22 19/08/2004] [16:48 13/04/2008]

069EA1724C6FC058ED76E4903510BA28
amdk7.sys --a---- 41728 bytes [15:22 19/08/2004] [16:48 13/04/2008]

8368729823859D2CFECC83BFF7A4F8D8
arp1394.sys --a---- 60800 bytes [22:58 03/08/2004] [09:51 13/04/2008]

B5B8A80875C1DEDEDA8B02765642C32F
asyncmac.sys --a---- 14336 bytes [12:00 02/03/2006] [09:57 13/04/2008]

B153AFFAC761E7F5FCFA822B9C4E97BC
atapi.sys --a---- 96512 bytes [12:00 02/03/2006] [09:40 13/04/2008]

9F3A2F5AA6875C72BF062C712CFA2674
ati2erec.dll --a---- 53248 bytes [04:19 11/02/2010] [04:19 11/02/2010]

B99E6C935C430E29533C753EF617802D
ati2mtag.sys --a---- 701440 bytes [07:38 11/02/2010] [16:48 13/04/2008]

26FA97BBA8105F5CE7ECE5111216A22E
atmarpc.sys --a---- 59904 bytes [12:00 02/03/2006] [09:51 13/04/2008]

9916C1225104BA14794209CFA8012159
atmepvc.sys --a---- 31360 bytes [12:00 02/03/2006] [12:00 02/03/2006]

39A0A59180F19946374275745B21AEBA
atmlane.sys --a---- 55808 bytes [12:00 02/03/2006] [09:51 13/04/2008]

AE76348A2605FB197FA8FF1D6F547836
atmuni.sys --a---- 352256 bytes [12:00 02/03/2006] [12:00 02/03/2006]

E7EF69B38D17BA01F914AE8F66216A38
atv01nt5.dll ------- 21183 bytes [08:05 10/06/2010] [17:13 13/04/2008]

6D1EA6EFE74068D3628D8590C1AE6129
atv02nt5.dll ------- 11359 bytes [08:05 10/06/2010] [17:13 13/04/2008]

29FF6AF7F258B33A5C5B595E8DCDDAC7
atv04nt5.dll ------- 25471 bytes [08:05 10/06/2010] [17:13 13/04/2008]

4E18E0A726CC842684A58172079673C2
atv06nt5.dll ------- 14143 bytes [08:05 10/06/2010] [17:13 13/04/2008]

8E4C908586B160DBD72AC5A119F6E2F4
atv10nt5.dll ------- 17279 bytes [08:05 10/06/2010] [17:13 13/04/2008]

A21D4E57572244DD5D8C0AFF2E17B80A
audstub.sys --a---- 3072 bytes [17:47 09/06/2010] [21:59 17/08/2001]

D9F724AA26C010A217C97606B160ED68
avgntdd.sys --a---- 45416 bytes [23:27 22/05/2011] [13:28 17/06/2010]

5B44C214F9CD9F590BE9125347610380
avgntflt.sys --a---- 66616 bytes [23:27 22/05/2011] [20:51 30/08/2011]

1E4114685DE1FFA9675E09C6A1FB3F4B
avgntmgr.sys --a---- 22360 bytes [23:27 22/05/2011] [13:28 17/06/2010]

87451AA7CC6B6A590EBCEA05E755075A
avipbb.sys --a---- 138192 bytes [23:27 22/05/2011] [20:51 30/08/2011]

0F78D3DAE6DEDD99AE54C9491C62ADF2
bdasup.sys --a---- 11392 bytes [19:00 12/10/2010] [02:26 09/07/2004]

61F8F3126D39A7EB2775FB1505469EE3
beep.sys --a---- 4224 bytes [12:00 02/03/2006] [12:00 02/03/2006]

DA1F27D85E0D1525F6621372E7B685E9
bridge.sys --a---- 71552 bytes [12:00 02/03/2006] [09:53 13/04/2008]

F934D1B230F84E1D19DD00AC5A7A83ED
bthenum.sys ------- 17024 bytes [08:05 10/06/2010] [09:46 13/04/2008]

B279426E3C0C344893ED78A613A73BDE
bthmodem.sys ------- 37888 bytes [08:05 10/06/2010] [09:46 13/04/2008]

FCA6F069597B62D42495191ACE3FC6C1
bthpan.sys ------- 101120 bytes [08:05 10/06/2010] [09:51 13/04/2008]

80602B8746D3738F5886CE3D67EF06B6
bthport.sys ------- 272768 bytes [08:05 10/06/2010] [17:32 14/06/2008]

AD0DA527DEC931C85647CB265CEDA13D
bthprint.sys ------- 36480 bytes [08:05 10/06/2010] [09:46 13/04/2008]

BB68CEBFFD181E18A26112D1B9F90F3D
bthusb.sys ------- 18944 bytes [08:05 10/06/2010] [09:46 13/04/2008]

61364CD71EF63B0F038B7E9DF00F1EFA
cam1210.sys --a---- 93824 bytes [09:40 18/07/2008] [08:40 18/07/2008]

C3C2F59695742CFADBA9EE561249E27C
cbidf2k.sys --a---- 13952 bytes [12:00 02/03/2006] [12:00 02/03/2006]

90A673FC8E12A79AFBED2576F6A7AAF9
CCDECODE.sys --a---- 17024 bytes [11:52 15/06/2010] [09:46 13/04/2008]

0BE5AEF125BE881C4F854C554F2B025C
cdaudio.sys --a---- 18688 bytes [21:52 17/08/2001] [12:00 02/03/2006]

C1B486A7658353D33A10CC15211A873B
cdfs.sys --a---- 63744 bytes [12:00 02/03/2006] [10:14 13/04/2008]

C885B02847F5D2FD45A24E219ED93B32
cdrom.sys --a---- 62976 bytes [12:00 02/03/2006] [10:40 13/04/2008]

1F4260CC5B42272D71F79E570A27A4FE
ch7xxnt5.dll ------- 15423 bytes [08:05 10/06/2010] [17:13 13/04/2008]

19EB2CF10F5158D17354A0F3A417F998
cinemst2.sys --a---- 262528 bytes [20:33 30/08/2001] [12:00 02/03/2006]

0CCCBD6EF94910804921BF04A2107EF8
classpnp.sys --a---- 49536 bytes [12:00 02/03/2006] [10:16 13/04/2008]

FE47DD8FE6D7768FF94EBEC6C74B2719
cpqdap01.sys --a---- 11776 bytes [21:24 17/08/2001] [12:00 02/03/2006]

9624293E55AD405415862B504CA95B73
crusoe.sys --a---- 40704 bytes [15:29 19/08/2004] [16:52 13/04/2008]

77C5E2790728D9348D866BD0B30E3C83
CTMFLT.sys --a---- 2097152 bytes [19:55 09/06/2011] [07:36 19/07/2010]

11E870356B43D2241EA04B75A62B09A3
CTMMOUNT.sys --a---- 2097152 bytes [19:55 09/06/2011] [07:36 19/07/2010]

6DA40556D17DD58A84B00B6DDAA96B36
CTMSHD.sys --a---- 2097152 bytes [19:55 09/06/2011] [07:36 19/07/2010]

AEEDA83D0D29359D3D8FB6B1BF038CC1
cxthsfs2.cty ------- 129045 bytes [08:05 10/06/2010] [07:06 02/04/2007]

3194C32E8A2403073B812183355E25C6
disk.sys --a---- 36352 bytes [12:00 02/03/2006] [09:40 13/04/2008]

044452051F3E02E7963599FC8F4F3E25
diskdump.sys --a---- 14208 bytes [12:00 02/03/2006] [09:40 13/04/2008]

E65E2353A5D74EA89971CB918EEEB2F6
dmboot.sys --a---- 800256 bytes [12:00 02/03/2006] [16:53 13/04/2008]

82BC125A8ED33F5F0E75F2AAC1065323
dmio.sys --a---- 154240 bytes [12:00 02/03/2006] [16:54 13/04/2008]

E959DDC0EA7AC11EE5E5602E2A364310
dmload.sys --a---- 5888 bytes [12:00 02/03/2006] [12:00 02/03/2006]

E9317282A63CA4D188C0DF5E09C6AC5F
DMusic.sys --a---- 52864 bytes [09:13 10/06/2010] [09:45 13/04/2008]

8A208DFCF89792A484E76C40E5F50B45
Dr71WU.sys --a---- 459520 bytes [19:36 11/06/2010] [20:50 15/01/2008]

C7BCF9808E2A1B4CABE16FF7FBCE5FAB
drmk.sys --a---- 60160 bytes [09:13 10/06/2010] [09:45 13/04/2008]

6CB08593487F5701D2D2254E693EAFCE
drmkaud.sys --a---- 2944 bytes [09:13 10/06/2010] [09:45 13/04/2008]

8F5FCFF8E8848AFAC920905FBD9D33C8
dxapi.sys --a---- 10496 bytes [12:00 02/03/2006] [12:00 02/03/2006]

FE97D0343ACFDEBDD578FC67CC91FA87
dxg.sys --a---- 71168 bytes [12:00 02/03/2006] [09:38 13/04/2008]

AC7280566A7BB85CB3291F04DDC1198E
dxgthk.sys --a---- 3328 bytes [12:00 02/03/2006] [12:00 02/03/2006]

A73F5D6705B1D820C19B18782E176EFD
enum1394.sys --a---- 6400 bytes [17:47 09/06/2010] [21:46 17/08/2001]

80D1B490B60E74E002DC116EC5D41748
fastfat.sys --a---- 143744 bytes [12:00 02/03/2006] [10:14 13/04/2008]

38D332A6D56AF32635675F132548343E
fdc.sys --a---- 27392 bytes [12:00 02/03/2006] [09:40 13/04/2008]

92CDD60B6730B9F50F6A1A0C1F8CDC81
fips.sys --a---- 44672 bytes [12:00 02/03/2006] [16:48 13/04/2008]

2CFEA3326981A18C6BAF2BD9BE76225B
flpydisk.sys --a---- 20480 bytes [12:00 02/03/2006] [09:40 13/04/2008]

9D27E7B80BFCDF1CDD9B555862D5E7F0
fltmgr.sys --a---- 129792 bytes [15:54 09/06/2010] [09:33 13/04/2008]

B2CF4B0786F8212CB92ED2B50C6DB6B0
fsvga.sys --a---- 12288 bytes [22:03 30/08/2001] [12:00 02/03/2006]

25A7F5539209BE062D4BB3F9CD84BD16
fs_rec.sys --a---- 7936 bytes [12:00 02/03/2006] [12:00 02/03/2006]

3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
ftdisk.sys --a---- 125824 bytes [12:00 02/03/2006] [12:00 02/03/2006]

F3269A6EE547EA87B949A1CEA4816B38
gagp30kx.sys ------- 46464 bytes [08:05 10/06/2010] [09:36 13/04/2008]

3A74C423CF6BCCA6982715878F450A3B
GDBehave.sys --a---- 33480 bytes [14:08 21/05/2011] [18:16 21/05/2011]

C0D1BFC1F62438524326ACDE783ED94D
GDNdisIc.sys --a---- 29640 bytes [14:08 21/05/2011] [18:17 21/05/2011]

D5DC02AA98917F8E5EE8777F82FC7148
GDTdiIcpt.sys --a---- 51400 bytes [14:08 21/05/2011] [18:16 21/05/2011]

46A660486526F956DB0B1D5B96AEC96A
gm.dls --a---- 3440660 bytes [12:00 02/03/2006] [12:00 02/03/2006]

7F29903CB8F5590D52DB0C9F97049A25
gmreadme.txt --a---- 646 bytes [12:00 02/03/2006] [12:00 02/03/2006]

7111BFA692A22E4B3C07F1E6C6FF6F72
GRD.sys --a---- 68976 bytes [14:49 21/05/2011] [14:49 21/05/2011]

BC05B041898CC190946DC18A9935713B
hdaudbus.sys ------- 144384 bytes [08:05 10/06/2010] [07:36 13/04/2008]

573C7D0A32852B48F3058CFD8026F511
hidbth.sys ------- 25728 bytes [08:05 10/06/2010] [16:50 13/04/2008]

A330F15B4F438C1998F57DB753CF7455
hidclass.sys --a---- 36864 bytes [12:00 02/03/2006] [10:45 13/04/2008]

1AF592532532A402ED7C060F6954004F
hidir.sys ------- 19200 bytes [08:05 10/06/2010] [09:45 13/04/2008]

BB1A6FB7D35A91E599973FA74A619056
hidparse.sys --a---- 24960 bytes [12:00 02/03/2006] [10:45 13/04/2008]

96ECCF28FDBF1B2CC12725818A63628D
hidusb.sys --a---- 10368 bytes [19:06 11/06/2010] [10:45 13/04/2008]

CCF82C5EC8A7326C3066DE870C06DAF1
hsfbs2s2.sys ------- 220032 bytes [08:05 10/06/2010] [09:23 13/04/2008]

970178E8E003EB1481293830069624B9
hsfcxts2.sys ------- 685056 bytes [08:05 10/06/2010] [09:23 13/04/2008]

1225EBEA76AAC3C84DF6C54FE5E5D8BE
hsfdpsp2.sys ------- 1041536 bytes [08:05 10/06/2010] [09:23 13/04/2008]

EBB354438A4C5A3327FB97306260714A
HSFHWBS2.sys -ra---- 212864 bytes [13:38 10/06/2010] [12:50 25/01/2004]

1821032E9EE6A72F10448824BEFC5DEB
HSF_CNXT.sys -ra---- 681856 bytes [13:38 10/06/2010] [12:48 25/01/2004]

AC89B0FD546D430CC784AEE928BA108E
HSF_DP.sys -ra---- 1041536 bytes [13:38 10/06/2010] [12:47 25/01/2004]

607EDABFD9CA9C864F3D07B159A9EC19
http.sys --a---- 265728 bytes [12:00 02/03/2006] [16:20 20/10/2009]

F80A415EF82CD06FFAF0D971528EAD38
i8042prt.sys --a---- 53248 bytes [12:00 02/03/2006] [16:51 13/04/2008]

610726E28AF55B95043C5C35A727E320
imapi.sys --a---- 42112 bytes [12:00 02/03/2006] [10:41 13/04/2008]

083A052659F5310DD8B6A6CB05EDCF8E
intelppm.sys --a---- 40448 bytes [12:00 02/03/2006] [16:52 13/04/2008]

EBD830A0970C438047006A49C23E287F
ip6fw.sys --a---- 36608 bytes [12:00 02/03/2006] [09:53 13/04/2008]

3BB22519A194418D5FEC05D800A19AD0
ipfltdrv.sys --a---- 32896 bytes [12:00 02/03/2006] [12:00 02/03/2006]

731F22BA402EE4B62748ADAF6363C182
ipinip.sys --a---- 20864 bytes [12:00 02/03/2006] [09:57 13/04/2008]

B87AB476DCF76E72010632B5550955F5
ipnat.sys --a---- 152832 bytes [12:00 02/03/2006] [09:57 13/04/2008]

CC748EA12C6EFFDE940EE98098BF96BB
ipsec.sys --a---- 75264 bytes [12:00 02/03/2006] [10:19 13/04/2008]

23C74D75E36E7158768DD63D92789A91
irenum.sys --a---- 11264 bytes [17:45 09/06/2010] [09:54 13/04/2008]

C93C9FF7B04D772627A3646D89F7BF89
isapnp.sys --a---- 37504 bytes [12:00 02/03/2006] [16:52 13/04/2008]

0953594BEB81CC72FCC62D37921B25A6
kbdclass.sys --a---- 25088 bytes [12:00 02/03/2006] [17:53 13/04/2008]

28B6EACE513CA7EABA3B809AD4BC274D
kbdhid.sys --a---- 14720 bytes [19:07 11/06/2010] [17:53 13/04/2008]

4C61C226BDDA2EF1672B2C5F4E56625E
kmixer.sys --a---- 172416 bytes [09:13 10/06/2010] [09:45 13/04/2008]

692BCF44383D056AED41B045A323D378
ks.sys --a---- 141056 bytes [23:15 03/08/2004] [10:16 13/04/2008]

0753515F78DF7F271A5E61C20BCD36A1
ksecdd.sys --a---- 92928 bytes [12:00 02/03/2006] [11:18 24/06/2009]

B467646C54CC746128904E1654C750C1
mbam.sys --a---- 22216 bytes [11:50 10/08/2011] [15:00 31/08/2011]

69A6268D7F81E53D568AB4E7E991CAF3
mcd.sys --a---- 7680 bytes [12:00 02/03/2006] [12:00 02/03/2006]

D1F8BE91ED4DDB671D42E473E3FE71AB
mdmxsdk.sys ------- 11868 bytes [08:05 10/06/2010] [09:23 13/04/2008]

195741AEE20369980796B557358CD774
mf.sys --a---- 63744 bytes [23:07 03/08/2004] [09:36 13/04/2008]

A7DA20AB18A1BDAE28B0F349E57DA0D1
MiniIcpt.sys --a---- 62024 bytes [14:08 21/05/2011] [18:16 21/05/2011]

92FCE5D9374926FD4C058ED0F305EBDD
mnmdd.sys --a---- 4224 bytes [12:00 02/03/2006] [12:00 02/03/2006]

4AE068242760A1FB6E1A44BF4E16AFA6
modem.sys --a---- 30208 bytes [15:22 19/08/2004] [16:47 13/04/2008]

8CB6636806D76B85FAFAEE94D75F5129
mouclass.sys --a---- 23552 bytes [15:22 19/08/2004] [16:47 13/04/2008]

E904EBED608055A2BFB824C07F59766C
mouhid.sys --a---- 12160 bytes [13:49 24/07/2010] [18:41 30/08/2001]

D7662F0CF5B77BBBE3202716F5BD5318
mountmgr.sys --a---- 42368 bytes [12:00 02/03/2006] [09:39 13/04/2008]

A80B9A0BAD1B73637DBCBBA7DF72D3FD
mpe.sys --a---- 15104 bytes [19:00 12/10/2010] [02:26 09/07/2004]

83EFF7B976AE24F1A496CA94A8A19919
mrxdav.sys --a---- 180608 bytes [12:00 02/03/2006] [09:32 13/04/2008]

11D42BB6206F33FBB3BA0288D3EF81BD
mrxsmb.sys --a---- 456320 bytes [12:00 02/03/2006] [13:29 15/07/2011]

7D304A5EB4344EBEEAB53A2FE3FFB9F0
msdv.sys --a---- 52096 bytes [19:00 12/10/2010] [02:26 09/07/2004]

8575D788395C4D6378D98D1ED7CDADB9
msfs.sys --a---- 19072 bytes [12:00 02/03/2006] [09:32 13/04/2008]

C941EA2454BA8350021D774DAF0F1027
msgpc.sys --a---- 35072 bytes [12:00 02/03/2006] [09:56 13/04/2008]

0A02C63C8B144BD8C86B103DEE7C86A2
MSKSSRV.sys --a---- 7552 bytes [09:13 10/06/2010] [09:39 13/04/2008]

D1575E71568F4D9E14CA56B7B0453BF1
MSPCLOCK.sys --a---- 5376 bytes [09:13 10/06/2010] [09:39 13/04/2008]

325BB26842FC7CCC1FCCE2C457317F3E
MSPQM.sys --a---- 4992 bytes [09:13 10/06/2010] [09:39 13/04/2008]

BAD59648BA099DA4A17680B39730CB3D
mssmbios.sys --a---- 15488 bytes [23:07 03/08/2004] [09:36 13/04/2008]

AF5F4F3F14A8EA2C26DE30F7A1E17136
MSTEE.sys --a---- 5504 bytes [11:52 15/06/2010] [09:39 13/04/2008]

E53736A9E30C45FA9E7B5EAC55056D1D
mtlmnt5.sys ------- 126686 bytes [08:05 10/06/2010] [09:23 13/04/2008]

C53775780148884AC87C455489A0C070
mtlstrm.sys ------- 1309184 bytes [08:05 10/06/2010] [09:23 13/04/2008]

54886A652BF5685192141DF304E923FD
mtxparhm.sys ------- 452736 bytes [08:05 10/06/2010] [07:34 13/04/2008]

6DDA78A0BE692B61B668FAB860F276CF
mup.sys --a---- 105472 bytes [12:00 02/03/2006] [13:37 21/04/2011]

DE6A75F5C270E756C5508D94B6CF68F5
mutohpen.sys ------- 12672 bytes [08:05 10/06/2010] [09:43 13/04/2008]

B538DCD9816EA35FA4F637CFC261AAA8
NABTSFEC.sys --a---- 85248 bytes [11:52 15/06/2010] [09:46 13/04/2008]

5B50F1B2A2ED47D560577B221DA734DB
ndis.sys --a---- 182656 bytes [12:00 02/03/2006] [10:20 13/04/2008]

1DF7F42665C94B825322FAE71721130D
NdisIP.sys --a---- 10880 bytes [11:52 15/06/2010] [09:46 13/04/2008]

7FF1F1FD8609C149AA432F95A8163D97
ndistapi.sys --a---- 10496 bytes [12:00 02/03/2006] [14:02 08/07/2011]

0109C4F3850DFBAB279542515386AE22
ndisuio.sys --a---- 14592 bytes [23:03 03/08/2004] [09:56 13/04/2008]

F927A4434C5028758A842943EF1A3849
ndiswan.sys --a---- 91520 bytes [12:00 02/03/2006] [10:20 13/04/2008]

EDC1531A49C80614B2CFDA43CA8659AB
ndproxy.sys --a---- 40960 bytes [12:00 02/03/2006] [15:17 02/11/2010]

9282BD12DFB069D3889EB3FCC1000A9B
netbios.sys --a---- 34688 bytes [12:00 02/03/2006] [09:56 13/04/2008]

5D81CF9A2F1A3A756B66CF684911CDF0
netbt.sys --a---- 162816 bytes [12:00 02/03/2006] [10:21 13/04/2008]

74B2B2F5BEA5E9A3DC021D685551BD3D
netwlan5.img ------- 67866 bytes [08:05 10/06/2010] [05:32 29/12/2006]

905CB655E93D39C97E078A3C4C884F31
nic1394.sys --a---- 61824 bytes [22:58 03/08/2004] [09:51 13/04/2008]

E9E47CFB2D461FA0FC75B7A74C6383EA
nikedrv.sys --a---- 12032 bytes [21:24 17/08/2001] [12:00 02/03/2006]

BE984D604D91C217355CDD3737AAD25D
nmnt.sys --a---- 40320 bytes [12:00 02/03/2006] [09:53 13/04/2008]

1E421A6BCF2203CC61B821ADA9DE878B
npfs.sys --a---- 30848 bytes [12:00 02/03/2006] [09:32 13/04/2008]

3182D64AE053D6FB034F44B6DEF8034A
ntfs.sys --a---- 574976 bytes [12:00 02/03/2006] [10:15 13/04/2008]

78A08DD6A8D65E697C18E1DB01C5CDCA
ntmtlfax.sys ------- 180360 bytes [08:05 10/06/2010] [09:23 13/04/2008]

576B34CEAE5B7E5D9FD2775E93B3DB53
null.sys --a---- 2944 bytes [12:00 02/03/2006] [12:00 02/03/2006]

73C1E1F395918BC2C6DD67AF7591A3AD
nv4_mini.sys ------- 1897408 bytes [08:05 10/06/2010] [07:34 13/04/2008]

2B298519EDBFCF451D43E0F1E8F1006D
nvatabus.sys --a---- 86144 bytes [09:06 10/06/2010] [02:58 04/11/2004]

C8DAA008F9E390B9DA504C1CD0DA1EE9
NVENETFD.sys --a---- 33408 bytes [09:05 10/06/2010] [09:56 11/11/2004]

0F432994CA6BAFD97321BFA86296F435
nvnetbus.sys --a---- 12928 bytes [09:05 10/06/2010] [09:56 11/11/2004]

CAE6911F13850B56CB6C96F6BDA70D9B
nvnrm.sys --a---- 274944 bytes [09:05 10/06/2010] [09:56 11/11/2004]

288F90701F7B73562DC739867BFFBDAE
nvsnpu.sys --a---- 208128 bytes [09:05 10/06/2010] [09:56 11/11/2004]

BBA7AAC1988212906B6AA8CBCFFC0D45
nwlnkflt.sys --a---- 12416 bytes [12:00 02/03/2006] [12:00 02/03/2006]

B305F3FAD35083837EF46A0BBCE2FC57
nwlnkfwd.sys --a---- 32512 bytes [12:00 02/03/2006] [12:00 02/03/2006]

C99B3415198D1AAB7227F2C88FD664B9
nwlnkipx.sys --a---- 88320 bytes [12:00 02/03/2006] [09:56 13/04/2008]

8B8B1BE2DBA4025DA6786C645F77F123
nwlnknb.sys --a---- 63232 bytes [12:00 02/03/2006] [12:00 02/03/2006]

56D34A67C05E94E16377C60609741FF8
nwlnkspx.sys --a---- 55936 bytes [12:00 02/03/2006] [12:00 02/03/2006]

C0BB7D1615E1ACBDC99757F6CEAF8CF0
ohci1394.sys --a---- 61696 bytes [12:00 02/03/2006] [09:46 13/04/2008]

CA33832DF41AFB202EE7AEB05145922F
oprghdlr.sys --a---- 3456 bytes [12:00 02/03/2006] [12:00 02/03/2006]

4BB30DDC53EBC76895E38694580CDFE9
p3.sys --a---- 46720 bytes [15:21 19/08/2004] [16:55 13/04/2008]

BF634AEF90B88C406D3CFA644EE7AAAA
parport.sys --a---- 80256 bytes [15:21 19/08/2004] [16:55 13/04/2008]

4E9408A178B2D955871C2CDD278DE3C3
partmgr.sys --a---- 19712 bytes [12:00 02/03/2006] [09:40 13/04/2008]

BEB3BA25197665D82EC7065B724171C6
parvdm.sys --a---- 6912 bytes [12:00 02/03/2006] [12:00 02/03/2006]

0DABEF655A444CB1E193626FB1D24B9F
pci.sys --a---- 68736 bytes [12:00 02/03/2006] [16:56 13/04/2008]

F40A46892AFEBB0314536B849D57C11E
pciide.sys --a---- 3328 bytes [12:00 02/03/2006] [12:00 02/03/2006]

B2DF00D650FD6C4EE781740ED3C8E67F
pciidex.sys --a---- 24960 bytes [12:00 02/03/2006] [09:40 13/04/2008]

52E60F29221D0D1AC16737E8DBF7C3E9
pcmcia.sys --a---- 120448 bytes [12:00 02/03/2006] [16:56 13/04/2008]

815C50F2B1D1562800BDCE8BE895000E
portcls.sys --a---- 146048 bytes [09:13 10/06/2010] [10:19 13/04/2008]

E82A496C3961EFC6828B508C310CE98F
processr.sys --a---- 39936 bytes [15:23 19/08/2004] [16:48 13/04/2008]

B479F50E883B2297A5F7F212AAEE6F6C
psched.sys --a---- 69120 bytes [12:00 02/03/2006] [09:56 13/04/2008]

09298EC810B07E5D582CB3A3F9255424
ptilink.sys --a---- 17792 bytes [12:00 02/03/2006] [12:00 02/03/2006]

80D317BD1C3DBC5D4FE7B1678C60CADD
rasacd.sys --a---- 8832 bytes [12:00 02/03/2006] [12:00 02/03/2006]

FE0D99D6F31E4FAD8159F690D68DED9C
rasl2tp.sys --a---- 51328 bytes [12:00 02/03/2006] [10:19 13/04/2008]

11B4A627BC9614B885C4969BFA5FF8A6
raspppoe.sys --a---- 41472 bytes [12:00 02/03/2006] [09:57 13/04/2008]

5BC962F2654137C9909C3D4603587DEE
raspptp.sys --a---- 48384 bytes [12:00 02/03/2006] [10:19 13/04/2008]

EFEEC01B1D3CF84F16DDD24D9D9D8F99
raspti.sys --a---- 16512 bytes [12:00 02/03/2006] [12:00 02/03/2006]

FDBB1D60066FCFBB7452FD8F9829B242
rawwan.sys --a---- 34432 bytes [12:00 02/03/2006] [12:00 02/03/2006]

01524CD237223B18ADBB48F70083F101
rdbss.sys --a---- 175744 bytes [12:00 02/03/2006] [10:28 13/04/2008]

7AD224AD1A1437FE28D89CF22B17780A
rdpcdd.sys --a---- 4224 bytes [12:00 02/03/2006] [12:00 02/03/2006]

4912D5B403614CE99C28420F75353332
rdpdr.sys --a---- 196224 bytes [15:53 09/06/2010] [09:32 13/04/2008]

15CABD0F7C00C47C70124907916AF3F1
rdpwd.sys --a---- 139656 bytes [15:53 09/06/2010] [14:10 24/06/2011]

FC105DD312ED64EB66BFF111E8EC6EAC
recagent.sys ------- 13776 bytes [08:05 10/06/2010] [09:23 13/04/2008]

E9AAA0092D74A9D371659C4C38882E12
redbook.sys --a---- 58368 bytes [17:47 09/06/2010] [17:49 13/04/2008]

393FC252593323B624B230ECA6B85E63
rfcomm.sys ------- 59136 bytes [08:05 10/06/2010] [09:46 13/04/2008]

851C30DF2807FCFA21E4C681A7D6440E
rio8drv.sys --a---- 12032 bytes [21:24 17/08/2001] [12:00 02/03/2006]

A56FE08EC7473E8580A390BB1081CDD7
riodrv.sys --a---- 12032 bytes [21:24 17/08/2001] [12:00 02/03/2006]

0A854DF84C77A0BE205BFEAB2AE4F0EC
rmcast.sys --a---- 203136 bytes [12:00 02/03/2006] [14:02 08/05/2008]

96F7A9A7BF0C9C0440A967440065D33C
rndismp.sys --a---- 30592 bytes [12:00 02/03/2006] [09:56 13/04/2008]

601844CBCF617FF8C868130CA5B2039D
rndismpx.sys ------- 30592 bytes [08:05 10/06/2010] [09:56 13/04/2008]

726548542AFECA56257FF01EB13BB6D7
rootmdm.sys --a---- 5888 bytes [12:00 02/03/2006] [12:00 02/03/2006]

D8B0B4ADE32574B2D9C5CC34DC0DBBE7
s3gnbm.sys ------- 166912 bytes [08:05 10/06/2010] [07:34 13/04/2008]

0DBCC071A268E0340A2BA6BDD98BACE4
SBREDrv.sys --a---- 101720 bytes [21:52 10/05/2011] [12:21 29/10/2011]

0505DA5D357F18A5D42FC5DEDE6BC9A0
scsiport.sys --a---- 96384 bytes [12:00 02/03/2006] [09:40 13/04/2008]

76C465F570E90C28942D52CCB2580A10
sdbus.sys --a---- 79232 bytes [12:00 02/03/2006] [09:36 13/04/2008]

8D04819A3CE51B9EB47E5689B44D43C4
secdrv.sys --a---- 20480 bytes [12:00 02/03/2006] [07:39 13/04/2008]

90A3935D05B494A5A39D37E71F09A677
serenum.sys --a---- 15744 bytes [12:00 02/03/2006] [09:40 13/04/2008]

0F29512CCD6BEAD730039FB4BD2C85CE
serial.sys --a---- 65792 bytes [12:00 02/03/2006] [16:51 13/04/2008]

FDBD9D64E2E03270021D424F0DCCF79D
sffdisk.sys --a---- 11904 bytes [12:00 02/03/2006] [09:40 13/04/2008]

0FA803C64DF0914B41F807EA276BF2A6
sffp_mmc.sys ------- 10240 bytes [08:05 10/06/2010] [09:40 13/04/2008]

D66D22D76878BF3483A6BE30183FB648
sffp_sd.sys --a---- 11008 bytes [12:00 02/03/2006] [09:40 13/04/2008]

C17C331E435ED8737525C86A7557B3AC
sfi.dat --a---- 272 bytes [23:09 03/12/2010] [23:09 03/12/2010]

D3FC26580CEA5AEFBE9227695DF8DCDA
sfloppy.sys --a---- 11392 bytes [12:00 02/03/2006] [09:40 13/04/2008]

8E6B8C671615D126FDC553D1E2DE5562
siint5.dll ------- 3901 bytes [08:05 10/06/2010] [17:13 13/04/2008]

CC5747E174C8E78DE51E984BDB747585
sisagp.sys ------- 40960 bytes [08:05 10/06/2010] [09:36 13/04/2008]

6B33D0EBD30DB32E27D1D78FE946A754
SLIP.sys --a---- 11136 bytes [11:52 15/06/2010] [09:46 13/04/2008]

866D538EBE33709A5C9F5C62B73B7D14
slnt7554.sys ------- 129535 bytes [08:05 10/06/2010] [09:23 13/04/2008]

D9673011648A71ED1E1F77B831BC85E6
slntamr.sys ------- 404990 bytes [08:05 10/06/2010] [09:23 13/04/2008]

2C1779C0FEB1F4A6033600305EBA623A
slnthal.sys ------- 95424 bytes [08:05 10/06/2010] [09:23 13/04/2008]

F9B8E30E82EE95CF3E1D3E495599B99C
slwdmsup.sys ------- 13240 bytes [08:05 10/06/2010] [09:23 13/04/2008]

DB56BB2C55723815CF549D7FC50CFCEB
SmartDefragDriver.sys --a---- 13496 bytes [19:44 22/06/2011] [15:04 23/02/2011]

972DEA0D8149D73C5B7A2C97B2E749E3
smbali.sys ------- 5888 bytes [08:05 10/06/2010] [09:36 13/04/2008]

895BE38A993B9BD5ABBE570D63D88A2E
smclib.sys --a---- 14592 bytes [12:00 02/03/2006] [12:00 02/03/2006]

017DAECF0ED3AA731313433601EC40FA
sonydcam.sys --a---- 25344 bytes [23:09 03/08/2004] [09:46 13/04/2008]

489703624DAC94ED943C2ABDA022A1CD
splitter.sys --a---- 6272 bytes [09:13 10/06/2010] [09:45 13/04/2008]

AB8B92451ECB048A4D1DE7C3FFCB4A9F
sr.sys --a---- 73472 bytes [15:54 09/06/2010] [16:56 13/04/2008]

618718CAE288BF7CBD8FCBAB2577D932
srv.sys --a---- 357888 bytes [12:00 02/03/2006] [13:18 17/02/2011]

47DDFC2F003F7F9F0592C6874962A2E7
ssmdrv.sys --a---- 28520 bytes [23:27 22/05/2011] [13:28 17/06/2010]

A36EE93698802CD899F98BFD553D8185
StarOpen.sys --a---- 7168 bytes [20:53 19/01/2011] [13:48 12/11/2009]

F92254B0BCFCD10CAAC7BCCC7CB7F467
stream.sys --a---- 48512 bytes [23:08 03/08/2004] [02:27 09/07/2004]

08116E1CFC74302F97CE523A8F5D6064
StreamIP.sys --a---- 15232 bytes [11:52 15/06/2010] [09:46 13/04/2008]

77813007BA6265C4B6098187E6ED79D2
swenum.sys --a---- 4352 bytes [22:58 03/08/2004] [09:39 13/04/2008]

3941D127AEF12E93ADDF6FE6EE027E0F
swmidi.sys --a---- 56576 bytes [09:13 10/06/2010] [09:45 13/04/2008]

8CE882BCC6CF8A62F2B2323D95CB3D01
sysaudio.sys --a---- 60800 bytes [09:13 10/06/2010] [10:15 13/04/2008]

8B83F3ED0F1688B4958F77CD6D2BF290
tape.sys --a---- 14976 bytes [12:00 02/03/2006] [09:40 13/04/2008]

FD6093E3DECD925F1CFFC8A0DD539D72
tcpip.sys --a---- 361600 bytes [12:00 02/03/2006] [11:51 20/06/2008]

9AEFA14BD6B182D61E3119FA5F436D3D
tcpip6.sys --a---- 226880 bytes [12:00 02/03/2006] [12:02 11/02/2010]

4E53BBCC4BE37D7A4BD6EF1098C89FF7
tdi.sys --a---- 19072 bytes [12:00 02/03/2006] [10:00 13/04/2008]

0539D5E53587F82D1B4FD74C5BE205CF
tdpipe.sys --a---- 12040 bytes [15:53 09/06/2010] [17:14 13/04/2008]

6471A66807F5E104E4885F5B67349397
tdtcp.sys --a---- 21896 bytes [15:53 09/06/2010] [17:14 13/04/2008]

C56B6D0402371CF3700EB322EF3AAF61
termdd.sys --a---- 40840 bytes [15:53 09/06/2010] [17:14 13/04/2008]

88155247177638048422893737429D9E
tmcomm.sys --a---- 190032 bytes [23:30 25/05/2011] [23:30 25/05/2011]

11E6A2D8EBF7031D3B1C9602030BFF6A
tosdvd.sys --a---- 51712 bytes [22:01 17/08/2001] [12:00 02/03/2006]

699450901C5CCFD82357CBC531CEDD23
tsbvcap.sys --a---- 21376 bytes [22:06 17/08/2001] [12:00 02/03/2006]

D74A8EC75305F1D3CFDE7C7FC1BD62A9
tunmp.sys --a---- 12288 bytes [23:03 03/08/2004] [09:56 13/04/2008]

8F861EDA21C05857EB8197300A92501C
uagp35.sys ------- 44672 bytes [08:05 10/06/2010] [09:36 13/04/2008]

D85938F272D1BCF3DB3A31FC0A048928
udfs.sys --a---- 66048 bytes [12:00 02/03/2006] [09:32 13/04/2008]

5787B80C2E3C5E2F56C2A233D91FA2C9
update.sys --a---- 384768 bytes [12:00 02/03/2006] [09:39 13/04/2008]

402DDC88356B1BAC0EE3DD1580C76A31
URSLST.cty --a---- 129018 bytes [13:36 10/06/2010] [13:01 26/01/2004]

0F4FF94701DF0053940FDBD5AD0B135A
usb8023.sys --a---- 12800 bytes [12:00 02/03/2006] [09:56 13/04/2008]

BEE793D4A059CAEA55D6AC20E19B3A8F
usb8023x.sys ------- 12800 bytes [08:05 10/06/2010] [09:56 13/04/2008]

B6CC50279D6CD28E090A5D33244ADC9A
USBAUDIO.sys --a---- 60032 bytes [09:19 15/06/2010] [09:45 13/04/2008]

E919708DB44ED8543A7C017953148330
usbcamd.sys --a---- 25600 bytes [22:03 17/08/2001] [09:45 13/04/2008]

1C1A47B40C23358245AA8D0443B6935E
usbcamd2.sys --a---- 25728 bytes [22:03 17/08/2001] [09:45 13/04/2008]

CE97845D2E3F0D274B8BAC1ED07C6149
usbccgp.sys --a---- 32128 bytes [19:06 11/06/2010] [10:45 13/04/2008]

173F317CE0DB8E21322E71B7E60A27E8
usbd.sys --a---- 4736 bytes [12:00 02/03/2006] [12:00 02/03/2006]

596EB39B50D6EBD9B734DC4AE0544693
usbehci.sys --a---- 30208 bytes [12:00 02/03/2006] [09:45 13/04/2008]

65DCF09D0E37D4C6B11B5B0B76D470A7
usbhub.sys --a---- 59520 bytes [12:00 02/03/2006] [09:45 13/04/2008]

1AB3CDDE553B6E064D2E754EFE20285C
usbintel.sys --a---- 15872 bytes [23:08 03/08/2004] [09:45 13/04/2008]

290913DC4F1125E5A82DE52579A44C43
usbohci.sys --a---- 17152 bytes [12:00 02/03/2006] [09:45 13/04/2008]

0DAECCE65366EA32B162F85F07C6753B
usbport.sys --a---- 143872 bytes [12:00 02/03/2006] [09:45 13/04/2008]

791912E524CC2CC6F50B5F2B52D1EB71
USBSTOR.SYS --a---- 26368 bytes [12:00 02/03/2006] [09:45 13/04/2008]

A32426D9B14A089EAA1D922E0C5801A9
usbvideo.sys ------- 121984 bytes [08:05 10/06/2010] [09:46 13/04/2008]

63BBFCA7F390F4C49ED4B96BFB1633E0
vchnt5.dll ------- 11325 bytes [08:05 10/06/2010] [17:13 13/04/2008]

E3377271FCF06FBC4E8EA70B48287862
vdmindvd.sys --a---- 58112 bytes [22:02 17/08/2001] [12:00 02/03/2006]

55E01061C74A8CEFFF58DC36114A8D3F
vga.sys --a---- 20992 bytes [12:00 02/03/2006] [09:44 13/04/2008]

0D3A8FAFCEACD8B7625CD549757A7DF1
viaagp.sys ------- 42240 bytes [08:05 10/06/2010] [09:36 13/04/2008]

754292CE5848B3738281B4F3607EAEF4
videoprt.sys --a---- 81664 bytes [12:00 02/03/2006] [09:44 13/04/2008]

E28726B72C46821A28830E077D39A55B
volsnap.sys --a---- 53376 bytes [12:00 02/03/2006] [16:49 13/04/2008]

E46C1B5A56DA7DA603D09DFCC79EC59E
wacompen.sys ------- 14208 bytes [08:05 10/06/2010] [09:43 13/04/2008]

ACED8C149B30F8496C237BCBA3727B48
wadv07nt.sys ------- 11807 bytes [08:05 10/06/2010] [07:34 13/04/2008]

0308AEF61941E4AF478FA1A0F83812F5
wadv08nt.sys ------- 11295 bytes [08:05 10/06/2010] [07:34 13/04/2008]

714038A8AA5DE08E12062202CD7EAEB5
wadv09nt.sys ------- 11871 bytes [08:05 10/06/2010] [07:34 13/04/2008]

7BB3AA595E4507A788DE1CDC63F4C8C4
wadv11nt.sys ------- 11935 bytes [08:05 10/06/2010] [07:34 13/04/2008]

36E6C405B6143D09687F4056FD9A0D10
wanarp.sys --a---- 34560 bytes [12:00 02/03/2006] [09:57 13/04/2008]

E20B95BAEDB550F32DD489265C1DA1F6
watv06nt.sys ------- 22271 bytes [08:05 10/06/2010] [07:34 13/04/2008]

352FA0E98BC461CE1CE5D41F64DB558D
watv10nt.sys ------- 25471 bytes [08:05 10/06/2010] [07:34 13/04/2008]

791CC45DE6E50445BE72E8AD6401FF45
wdmaud.sys --a---- 83072 bytes [09:13 10/06/2010] [10:17 13/04/2008]

6768ACF64B18196494413695F0C3A00F
wmilib.sys --a---- 4352 bytes [12:00 02/03/2006] [12:00 02/03/2006]

2F31B7F954BED437F2C75026C65CAF7B
wpdusb.sys ------- 38528 bytes [18:00 18/10/2006] [18:00 18/10/2006]

CF4DEF1BF66F06964DC0D91844239104
ws2ifsl.sys --a---- 12032 bytes [12:00 02/03/2006] [12:00 02/03/2006]

6ABE6E225ADB5A751622A9CC3BC19CE8
WSTCODEC.SYS --a---- 19200 bytes [11:52 15/06/2010] [09:46 13/04/2008]

C98B39829C2BBD34E454150633C62C78
WudfPf.sys ------- 77568 bytes [16:55 28/09/2006] [16:55 28/09/2006]

F15FEAFFFBB3644CCC80C5DA584E6311
WudfRd.sys ------- 82944 bytes [17:00 28/09/2006] [17:00 28/09/2006]

28B524262BCE6DE1F7EF9F510BA3985B

C:\Windows\System32\drivers\disdn d------ [17:39 09/06/2010]

C:\Windows\System32\drivers\etc d------ [17:39 09/06/2010]
hosts --a---- 27 bytes [12:00 02/03/2006] [19:22 16/06/2011]

6A4029CFF35FD4BA34C001C1ED5D9945
hosts.ics --a---- 375 bytes [16:49 12/06/2011] [16:49 12/06/2011]

098EA2D40EB48E5115FC2E43B8AA63F2
lmhosts.sam --a---- 3784 bytes [12:00 02/03/2006] [12:00 02/03/2006]

F3A420C9422CE03CF93AD031F84852C0
networks --a---- 394 bytes [12:00 02/03/2006] [12:00 02/03/2006]

3826981D6F5D07463572AE769B504F6A
protocol --a---- 847 bytes [12:00 02/03/2006] [12:00 02/03/2006]

DB2A23263DDD3E427C855207E30C3BFA
services --a---- 7228 bytes [12:00 02/03/2006] [12:00 02/03/2006]

02FE0E4D45682D11EEA9931D79ED9A5F

C:\Windows\System32\drivers\UMDF d------ [10:35 10/06/2010]
wpdmtpdr.dll ------- 671232 bytes [19:47 18/10/2006] [19:47 18/10/2006]

5929A2A4B2A3F1B59FE9BBDC1CCF5375

========== file ==========

C:\WINDOWS\SYSTEM32\DRIVERS\38155281.SYS - File found and opened.
MD5: 8A7EB032D8700F8E51D64C32301EB2DC
Created at 22:56 on 22/05/2011
Modified at 15:59 on 25/09/2009
Size: 128016 bytes
Attributes: --a----
No version information available.

========== filefind ==========

Searching for "38155281.*"
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\38155281.sys.vir --a---- 128016

bytes [22:56 22/05/2011] [15:59 25/09/2009] EE725A7D2CF3314B903306ACA5B73C1E
C:\WINDOWS\system32\drivers\38155281.sys --a---- 128016 bytes [22:56 22/05/2011]

[15:59 25/09/2009] 8A7EB032D8700F8E51D64C32301EB2DC

========== regfind ==========

Searching for "38155281"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\

*]
"c"="C:\WINDOWS\system32\drivers\38155281.sys"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\

sys]
"a"="C:\WINDOWS\system32\drivers\38155281.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\CDS\Device\0]
"DeviceItem0050"="[Driver non Plug and Play] -> [38155281] (0x00000000)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_38155281\0000]
"Service"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_38155281\0000]
"DeviceDesc"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\38155281]
"ImagePath"="system32\DRIVERS\38155281.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\38155281]
"DisplayName"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\38155281]
"Description"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\38155281\Enum]
"0"="Root\LEGACY_38155281\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_38155281\0000]
"Service"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_38155281\0000]
"DeviceDesc"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\38155281]
"ImagePath"="system32\DRIVERS\38155281.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\38155281]
"DisplayName"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\38155281]
"Description"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_38155281\0000]
"Service"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_38155281\0000]
"DeviceDesc"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\38155281]
"ImagePath"="system32\DRIVERS\38155281.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\38155281]
"DisplayName"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\38155281]
"Description"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_38155281\0000]
"Service"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_38155281\0000]
"DeviceDesc"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\38155281]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\38155281]
"ImagePath"="system32\DRIVERS\38155281.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\38155281]
"DisplayName"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\38155281]
"Description"="38155281"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\38155281\Enum]
"0"="Root\LEGACY_38155281\0000"
[HKEY_USERS\S-1-5-21-2000478354-261903793-839522115-1008\Software\Microsoft\Windows\Current

Version\Explorer\ComDlg32\OpenSaveMRU\*]
"c"="C:\WINDOWS\system32\drivers\38155281.sys"
[HKEY_USERS\S-1-5-21-2000478354-261903793-839522115-1008\Software\Microsoft\Windows\Current

Version\Explorer\ComDlg32\OpenSaveMRU\sys]
"a"="C:\WINDOWS\system32\drivers\38155281.sys"

========== Environment Variables ==========

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni
asl.log=%asl.log%
CLASSPATH=%CLASSPATH%
CommonProgramFiles=C:\Programmi\File comuni
COMPUTERNAME=E774BAE2
ComSpec=C:\WINDOWS\system32\cmd.exe
configsetroot=%configsetroot%
DFSTRACINGON=%DFSTRACINGON%
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Manuel Valori.E774BAE2
LOCALAPPDATA=%LOCALAPPDATA%
LOGONSERVER=\\E774BAE2
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Programmi\ATI

Technologies\ATI.ACE\Core-Static;C:\Programmi\COMODO\Time Machine
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramData=%ProgramData%
ProgramFiles=C:\Programmi
PROMPT=%PROMPT%
PUBLIC=%PUBLIC%
QTJAVA=%QTJAVA%
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\MANUEL~1.E7~\IMPOST~1\Temp
TMP=C:\DOCUME~1\MANUEL~1.E7~\IMPOST~1\Temp
TRACE_FORMAT_SEARCH_PATH=%TRACE_FORMAT_SEARCH_PATH%
USERDOMAIN=E774BAE2
USERNAME=Fabio
USERPROFILE=C:\Documents and Settings\Manuel Valori.E774BAE2
VBOX_INSTALL_PATH=%VBOX_INSTALL_PATH%
windir=C:\WINDOWS

-= EOF =-

da **mitrha** » mar nov 01, 2011 2:05 pm

Questo è il log extras di OTL:

OTL Extras logfile created on: 01/11/2011 14:00:21 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\PROGRAMMI
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: Regno Unito | Language: ENG | Date Format: dd/MM/yyyy

1023.48 Mb Total Physical Memory | 664.28 Mb Available Physical Memory | 64.90% Memory free
2.40 Gb Paging File | 2.02 Gb Available in Paging File | 84.13% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 186.30 Gb Total Space | 126.05 Gb Free Space | 67.66% Space Free | Partition Type: NTFS

Computer Name: E774BAE2 | User Name: Fabio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programmi\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programmi\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programmi\eMule\emule.exe" = C:\Programmi\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Programmi\Mozilla Firefox\firefox.exe" = C:\Programmi\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Programmi\VideoLAN\VLC\vlc.exe" = C:\Programmi\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{2A845A64-3F80-41D7-9F33-6146E56997E6}" = OpenOffice.org 3.3
"{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus XtremeG DWL-G122
"{32C2F9AA-7484-48C2-AC19-2031F2ADD8F2}" = USB Video Camera Driver v1.54
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88615CE6-AC0B-43A7-9E5C-60A6DC0E9911}" = COMODO Time Machine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AAE4B36C-7A25-4513-975B-ACE7437572A0}" = Korg Kontrol Editor
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Italiano
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AdWare SpyWare SE_is1" = AdWare SpyWare SE
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F00&SUBSYS_200314F1" = SoftV92 Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"eMule" = eMule
"Glary Utilities_is1" = Glary Utilities 2.29.0.1032
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.6.0 (Standard)
"Live 8.1.1" = Live 8.1.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware versione 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 it)" = Mozilla Firefox 7.0.1 (x86 it)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"nLite_is1" = nLite 1.4.9.1
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva
"RegScrubXP_is1" = RegScrubXP 3.25
"Revo Uninstaller" = Revo Uninstaller 1.92
"Sandboxie" = Sandboxie 3.54 (32-bit)
"ScreenshotCaptor_is1" = Screenshot Captor 2.96.02
"ShockwaveFlash" = Macromedia Flash Player 8
"Smart Defrag 2_is1" = Smart Defrag 2
"TeraCopy_is1" = TeraCopy 2.22
"Unlocker" = Unlocker 1.9.1
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR gestione archivi
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31/10/2011 12:52:21 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

Error - 31/10/2011 12:57:02 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4163
Description = Impossibile trovare il file registro MS DTC. Dopo aver verificato
che non vi siano transazioni in dubbio in tutti i gestori delle risorse coordinati
da MS DTC, eseguire msdtc -resetlog per creare il file registr

Error - 31/10/2011 12:57:02 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4185
Description = Impossibile avviare il gestore transazioni di MS DTC. Errore 0x2 durante
l'esecuzione dell'operazione LogIni

Error - 31/10/2011 12:57:02 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

Error - 31/10/2011 16:07:26 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4163
Description = Impossibile trovare il file registro MS DTC. Dopo aver verificato
che non vi siano transazioni in dubbio in tutti i gestori delle risorse coordinati
da MS DTC, eseguire msdtc -resetlog per creare il file registr

Error - 31/10/2011 16:07:26 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4185
Description = Impossibile avviare il gestore transazioni di MS DTC. Errore 0x2 durante
l'esecuzione dell'operazione LogIni

Error - 31/10/2011 16:07:26 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

Error - 01/11/2011 08:39:48 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4163
Description = Impossibile trovare il file registro MS DTC. Dopo aver verificato
che non vi siano transazioni in dubbio in tutti i gestori delle risorse coordinati
da MS DTC, eseguire msdtc -resetlog per creare il file registr

Error - 01/11/2011 08:39:48 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4185
Description = Impossibile avviare il gestore transazioni di MS DTC. Errore 0x2 durante
l'esecuzione dell'operazione LogIni

Error - 01/11/2011 08:39:48 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

[ Application Events ]
Error - 31/10/2011 12:52:21 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

Error - 31/10/2011 12:57:02 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4163
Description = Impossibile trovare il file registro MS DTC. Dopo aver verificato
che non vi siano transazioni in dubbio in tutti i gestori delle risorse coordinati
da MS DTC, eseguire msdtc -resetlog per creare il file registr

Error - 31/10/2011 12:57:02 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4185
Description = Impossibile avviare il gestore transazioni di MS DTC. Errore 0x2 durante
l'esecuzione dell'operazione LogIni

Error - 31/10/2011 12:57:02 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

Error - 31/10/2011 16:07:26 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4163
Description = Impossibile trovare il file registro MS DTC. Dopo aver verificato
che non vi siano transazioni in dubbio in tutti i gestori delle risorse coordinati
da MS DTC, eseguire msdtc -resetlog per creare il file registr

Error - 31/10/2011 16:07:26 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4185
Description = Impossibile avviare il gestore transazioni di MS DTC. Errore 0x2 durante
l'esecuzione dell'operazione LogIni

Error - 31/10/2011 16:07:26 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

Error - 01/11/2011 08:39:48 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4163
Description = Impossibile trovare il file registro MS DTC. Dopo aver verificato
che non vi siano transazioni in dubbio in tutti i gestori delle risorse coordinati
da MS DTC, eseguire msdtc -resetlog per creare il file registr

Error - 01/11/2011 08:39:48 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4185
Description = Impossibile avviare il gestore transazioni di MS DTC. Errore 0x2 durante
l'esecuzione dell'operazione LogIni

Error - 01/11/2011 08:39:48 | Computer Name = E774BAE2 | Source = MSDTC | ID = 4112
Description = Impossibile avviare il gestore transazioni di MS DT

[ System Events ]
Error - 31/10/2011 12:20:27 | Computer Name = E774BAE2 | Source = DCOM | ID = 10010
Description = Il server {D61A27C6-8F53-11D0-BFA0-00A024151983} non si è registrato
con DCOM entro il tempo d'attesa richiesto.

Error - 31/10/2011 12:20:58 | Computer Name = E774BAE2 | Source = DCOM | ID = 10010
Description = Il server {D61A27C6-8F53-11D0-BFA0-00A024151983} non si è registrato
con DCOM entro il tempo d'attesa richiesto.

Error - 31/10/2011 12:52:28 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7024
Description = Servizio Distributed Transaction Coordinator terminato. Errore specifico
del servizio 3221229584 (0xC0001010).

Error - 31/10/2011 12:52:43 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: 38155281
setup_9.0.0.722_22.05.2011_10-14drv
setup_9.0.0.722_26.05.2011_14-12drv

Error - 31/10/2011 12:57:06 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7024
Description = Servizio Distributed Transaction Coordinator terminato. Errore specifico
del servizio 3221229584 (0xC0001010).

Error - 31/10/2011 12:57:24 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: 38155281
setup_9.0.0.722_22.05.2011_10-14drv
setup_9.0.0.722_26.05.2011_14-12drv

Error - 31/10/2011 16:07:30 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7024
Description = Servizio Distributed Transaction Coordinator terminato. Errore specifico
del servizio 3221229584 (0xC0001010).

Error - 31/10/2011 16:07:48 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: 38155281
setup_9.0.0.722_22.05.2011_10-14drv
setup_9.0.0.722_26.05.2011_14-12drv

Error - 01/11/2011 08:39:52 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7024
Description = Servizio Distributed Transaction Coordinator terminato. Errore specifico
del servizio 3221229584 (0xC0001010).

Error - 01/11/2011 08:40:28 | Computer Name = E774BAE2 | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: 38155281
setup_9.0.0.722_22.05.2011_10-14drv
setup_9.0.0.722_26.05.2011_14-12drv

< End of report >

Per l'altro log ho un problema,mi dice che sono troppi caratteri. te lo mando in 2 parti?

da **mitrha** » mar nov 01, 2011 2:08 pm

Prima parte:

OTL logfile created on: 01/11/2011 14:00:21 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\PROGRAMMI
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: Regno Unito | Language: ENG | Date Format: dd/MM/yyyy

1023.48 Mb Total Physical Memory | 664.28 Mb Available Physical Memory | 64.90% Memory free
2.40 Gb Paging File | 2.02 Gb Available in Paging File | 84.13% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 186.30 Gb Total Space | 126.05 Gb Free Space | 67.66% Space Free | Partition Type: NTFS

Computer Name: E774BAE2 | User Name: Fabio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2011/10/16 14:22:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\PROGRAMMI\OTL.exe
PRC - [2011/08/30 21:51:14 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011/08/30 21:51:13 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programmi\SUPERAntiSpyware\SASCore.exe
PRC - [2011/07/27 21:41:08 | 000,397,992 | ---- | M] ({StringFileInfo_CompanyName}) -- C:\Programmi\Ask.com\Updater\Updater.exe
PRC - [2011/06/09 12:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\File comuni\Java\Java Update\jusched.exe
PRC - [2011/03/28 15:17:55 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 15:17:44 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:17:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/03/24 12:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programmi\Sandboxie\SbieSvc.exe
PRC - [2010/07/20 05:28:52 | 000,280,888 | ---- | M] (COMODO.) -- C:\Programmi\COMODO\Time Machine\ClientService.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Programmi\CDBurnerXP\NMSAccessU.exe
PRC - [2008/04/13 18:14:08 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
PRC - [2006/05/16 11:58:18 | 000,213,936 | ---- | M] (Macrovision Corporation) -- C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe

========== Modules (No Company Name) ==========

MOD - [2011/10/18 13:14:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/18 13:06:35 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
MOD - [2011/10/18 13:06:05 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
MOD - [2011/10/18 13:06:01 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
MOD - [2011/10/18 13:06:00 | 001,070,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
MOD - [2011/10/16 20:01:55 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/16 20:01:32 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010/06/17 14:28:20 | 000,355,688 | ---- | M] () -- C:\Programmi\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010/06/10 16:15:33 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Programmi\CDBurnerXP\NMSAccessU.exe
MOD - [2007/08/20 16:41:12 | 000,233,472 | ---- | M] () -- C:\WINDOWS\system32\WlanApp.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/30 21:51:14 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/08/30 21:51:13 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programmi\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/03/28 15:17:44 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\sched.exe -- (AntiVirScheduler)
SRV - [2011/03/24 12:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programmi\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/07/20 05:28:52 | 000,280,888 | ---- | M] (COMODO.) [Auto | Running] -- C:\Programmi\COMODO\Time Machine\ClientService.exe -- (ClientService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programmi\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2007/01/19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Running] -- C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2005/04/03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - [2011/08/30 21:51:14 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/30 21:51:14 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/24 12:24:30 | 000,126,696 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programmi\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/02/23 16:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/07/19 08:36:36 | 002,097,152 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\CTMSHD.sys -- (CTMSHD)
DRV - [2010/07/19 08:36:32 | 002,097,152 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\CTMMOUNT.sys -- (CTMMOUNT)
DRV - [2010/07/19 08:36:28 | 002,097,152 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\CTMFLT.sys -- (CTMFLT)
DRV - [2010/06/17 14:28:21 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:28:11 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programmi\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\44449212.sys -- (44449212)
DRV - [2009/10/22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\38155282.sys -- (38155282)
DRV - [2009/10/22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\27670172.sys -- (27670172)
DRV - [2009/10/09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\2767017.sys -- (setup_9.0.0.722_26.05.2011_14-12drv)
DRV - [2009/10/09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\4444921.sys -- (setup_9.0.0.722_22.05.2011_10-14drv)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\44449211.sys -- (44449211)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\27670171.sys -- (27670171)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\38155281.sys -- (38155281)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/07/18 09:40:16 | 000,093,824 | ---- | M] (USB video camera) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cam1210.sys -- (CAM1210)
DRV - [2008/04/13 17:48:40 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/01/15 21:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2005/12/11 10:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2004/11/11 10:56:40 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004/11/11 10:56:38 | 000,033,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/11/04 03:58:20 | 000,086,144 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004/01/25 13:50:14 | 000,212,864 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/01/25 13:48:38 | 000,681,856 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/01/25 13:47:02 | 001,041,536 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 15 89 A6 D5 2D CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.it"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programmi\Java\jre6\lib\deploy\jqs\ff [2011/05/28 23:03:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2011/09/30 12:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins

[2011/06/01 00:39:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Mozilla\Extensions
[2011/10/28 20:47:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Mozilla\Firefox\Profiles\egge775s.default\extensions
[2011/08/29 22:48:05 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Mozilla\Firefox\Profiles\egge775s.default\extensions\netvideohunter@netvideohunter.com
[2011/10/20 22:14:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2011/09/30 12:38:46 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/05/21 20:05:16 | 000,000,000 | ---D | M] (G Data Filtro web) -- C:\Programmi\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2011/10/19 17:19:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/28 23:04:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/10/20 22:14:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\{02450954-CDD9-410F-B1DA-DB804E18C671}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\UNDOCLOSEDTABSBUTTON@SUPERNOVA00.BIZ.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MANUEL VALORI.E774BAE2\DATI APPLICAZIONI\MOZILLA\FIREFOX\PROFILES\EGGE775S.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011/05/28 23:03:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/30 12:38:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2011/08/12 05:18:37 | 000,002,252 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2011/08/12 05:55:10 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2011/08/12 05:18:37 | 000,002,364 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\google.xml
[2011/08/12 05:55:10 | 000,000,825 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2011/08/12 05:55:10 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2011/08/12 05:55:10 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2011/06/16 20:22:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Rising PC Doctor) - {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - C:\WINDOWS\system32\UrlFilter.dll (Beijing Rising Information Technology Co., Ltd.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (&Indirizzo) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Co&llegamenti) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Programmi\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISUSPM] C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 327
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC246E48-CDCC-459E-9658-8DC1363CAD69}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz - No CLSID value found
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Precaricatore Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon di cache delle categorie di componenti - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmi\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programmi\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/09 16:56:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

da **mitrha** » mar nov 01, 2011 2:09 pm

Seconda parte:

========== Files/Folders - Created Within 60 Days ==========

[2011/10/31 22:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\TeraCopy
[2011/10/31 22:38:25 | 000,000,000 | ---D | C] -- C:\Programmi\TeraCopy
[2011/10/31 22:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\nLite
[2011/10/31 22:28:24 | 000,000,000 | ---D | C] -- C:\Programmi\nLite
[2011/10/31 22:10:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\Guide&Manuals
[2011/10/31 17:35:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2011/10/31 11:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Autorun Analyzer
[2011/10/31 11:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\CCE
[2011/10/31 11:28:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\KillSwitch
[2011/10/31 11:21:30 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\HijackThis.exe
[2011/10/30 16:54:06 | 001,564,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\tdsskiller.exe
[2011/10/30 13:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\ScreenshotCaptor
[2011/10/30 13:39:48 | 000,000,000 | ---D | C] -- C:\Programmi\ScreenshotCaptor
[2011/10/30 13:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\DonationCoder
[2011/10/29 14:39:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\suoni
[2011/10/29 14:31:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Recent
[2011/10/29 14:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\PROGRAMMI
[2011/10/29 14:12:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Spybot - Search & Destroy
[2011/10/29 14:11:53 | 000,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy
[2011/10/29 14:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2011/10/29 14:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\SUPERAntiSpyware.com
[2011/10/29 13:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
[2011/10/29 13:59:34 | 000,000,000 | ---D | C] -- C:\Programmi\SUPERAntiSpyware
[2011/10/29 13:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\AdWare SpyWare SE
[2011/10/29 13:35:04 | 000,000,000 | ---D | C] -- C:\Programmi\AdWare SpyWare SE
[2011/10/29 13:10:30 | 000,000,000 | ---D | C] -- C:\Programmi\Lavasoft
[2011/10/28 11:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\Curricula
[2011/10/27 18:51:42 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/10/27 18:51:39 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/10/27 18:51:37 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/10/27 18:51:35 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/10/27 18:51:32 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/10/27 18:51:30 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/10/27 18:51:28 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/10/27 18:51:25 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/10/27 18:51:23 | 000,010,752 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/10/27 18:51:20 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/10/27 18:51:17 | 000,702,845 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2011/10/27 18:51:17 | 000,161,020 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2011/10/27 18:51:15 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/10/27 18:51:12 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/10/27 18:51:11 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2011/10/27 18:51:10 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2011/10/27 18:50:40 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/10/27 18:50:37 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/10/27 18:50:35 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/10/27 18:50:33 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/10/27 18:50:30 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/10/27 18:50:28 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/10/27 18:50:26 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/10/27 18:50:23 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/10/27 18:50:21 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/10/27 18:50:19 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/10/27 18:50:17 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/10/27 18:50:14 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/10/27 18:50:12 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/10/27 18:50:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/10/27 18:50:04 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/10/27 18:50:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/10/27 18:50:00 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/10/27 18:49:58 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2011/10/27 18:49:56 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/10/27 18:49:53 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/10/27 18:49:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/10/27 18:49:45 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/10/27 18:49:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/10/27 18:49:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/10/27 18:49:29 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/10/27 18:49:27 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/10/27 18:49:25 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/10/27 18:49:24 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2011/10/27 18:49:21 | 000,908,224 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/10/27 18:49:20 | 000,028,416 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/10/27 18:49:18 | 000,082,688 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/10/27 18:49:16 | 000,017,536 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/10/27 18:49:14 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2011/10/27 18:49:13 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/10/27 18:49:11 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/10/27 18:49:09 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/10/27 18:49:07 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/10/27 18:49:05 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/10/27 18:49:04 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/10/27 18:48:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/10/27 18:48:53 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/10/27 18:48:51 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/10/27 18:48:49 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/10/27 18:48:47 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/10/27 18:48:45 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/10/27 18:48:44 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/10/27 18:48:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/10/27 18:48:37 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/10/27 18:48:31 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/10/27 18:48:05 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/10/27 18:48:03 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/10/27 18:48:01 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/10/27 18:48:00 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/10/27 18:47:57 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/10/27 18:47:56 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/10/27 18:47:52 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/10/27 18:47:50 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/10/27 18:47:48 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/10/27 18:47:44 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2011/10/27 18:47:44 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/10/27 18:47:42 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/10/27 18:47:40 | 000,348,062 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/10/27 18:47:38 | 000,594,750 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/10/27 18:47:36 | 000,596,159 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/10/27 18:47:34 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/10/27 18:47:33 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/10/27 18:47:31 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/10/27 18:47:29 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/10/27 18:47:27 | 000,062,464 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/10/27 18:47:26 | 000,051,712 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/10/27 18:47:24 | 000,053,760 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/10/27 18:47:22 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/10/27 18:47:20 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/10/27 18:47:18 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/10/27 18:47:17 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/10/27 18:47:16 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/10/27 18:47:12 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/10/27 18:47:11 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/10/27 18:47:10 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/10/27 18:47:08 | 000,176,128 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/10/27 18:47:07 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/10/27 18:47:06 | 000,455,711 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/10/27 18:47:05 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/10/27 18:47:04 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/10/27 18:47:02 | 000,241,270 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/10/27 18:47:01 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/10/27 18:47:00 | 000,634,166 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/10/27 18:46:59 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/10/27 18:46:57 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/10/27 18:46:56 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/10/27 18:46:55 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/10/27 18:46:54 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/10/27 18:46:53 | 000,044,615 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/10/27 18:46:48 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/10/27 18:46:46 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2011/10/27 18:46:45 | 000,051,743 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/10/27 18:46:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/10/27 18:46:41 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/10/27 18:46:38 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2011/10/27 18:46:36 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/10/27 18:46:35 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/10/27 18:46:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/10/27 18:46:33 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/10/27 18:46:32 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2011/10/27 18:46:29 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/10/27 18:46:28 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2011/10/27 18:46:27 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/10/27 18:46:26 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/10/27 18:46:22 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/10/27 18:46:20 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/10/27 18:46:18 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/10/27 18:46:15 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/10/27 18:46:14 | 000,622,621 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/10/27 18:46:13 | 000,042,624 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/10/27 18:46:12 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/10/27 18:46:11 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/10/27 18:46:10 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/10/27 18:46:09 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/10/27 18:46:08 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/10/27 18:46:07 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/10/27 18:46:06 | 000,090,685 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/10/27 18:46:05 | 000,103,460 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/10/27 18:46:04 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/10/27 18:46:03 | 000,037,959 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/10/27 18:46:02 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/10/27 18:45:59 | 000,421,917 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/10/27 18:45:58 | 000,029,787 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/10/27 18:45:57 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/10/27 18:45:56 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/10/27 18:45:55 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/10/27 18:45:54 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/10/27 18:45:53 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/10/27 18:45:52 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/10/27 18:45:50 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/10/27 18:45:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/10/27 18:45:48 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/10/27 18:45:47 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/10/27 18:45:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/10/27 18:45:43 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2011/10/27 18:45:42 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2011/10/27 18:45:39 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/10/27 18:45:38 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/10/27 18:45:37 | 000,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/10/27 18:45:36 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/10/27 18:45:35 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/10/27 18:45:34 | 000,050,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/10/27 18:45:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/10/27 18:45:32 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/10/27 18:45:31 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/10/27 18:45:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/10/27 18:45:30 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/10/27 18:45:29 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/10/27 18:45:28 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/10/27 18:45:27 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/10/27 18:45:26 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/10/27 18:45:25 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/10/27 18:45:24 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/10/27 18:45:23 | 000,251,392 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/10/27 18:45:23 | 000,096,256 | ---- | C] (Copyright (C) Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/10/27 18:45:22 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/10/27 18:45:21 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/10/27 18:45:19 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/10/27 18:45:18 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/10/27 18:45:17 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/10/27 18:45:16 | 000,061,322 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/10/27 18:45:15 | 000,022,045 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/10/27 18:45:14 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2011/10/27 18:45:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2011/10/27 18:45:09 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/10/27 18:45:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/10/27 18:45:07 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2011/10/27 18:45:06 | 000,020,992 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/10/27 18:45:05 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2011/10/27 18:45:04 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/10/27 18:45:04 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/10/27 18:45:03 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/10/27 18:45:03 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/10/27 18:45:02 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/10/27 18:45:01 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/10/27 18:45:00 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/10/27 18:44:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2011/10/27 18:44:54 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/10/27 18:44:53 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/10/27 18:44:53 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/10/27 18:44:52 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/10/27 18:44:52 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/10/27 18:44:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2011/10/27 18:44:50 | 000,715,338 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/10/27 18:44:49 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/10/27 18:44:49 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/10/27 18:44:48 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/10/27 18:44:47 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/10/27 18:44:46 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/10/27 18:44:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2011/10/27 18:44:44 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/10/27 18:44:44 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/10/27 18:44:43 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/10/27 18:44:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/10/27 18:44:42 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/10/27 18:44:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/10/27 18:44:41 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/10/27 18:44:41 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/10/27 18:44:23 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/10/27 18:44:22 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/10/27 18:44:21 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/10/27 18:44:21 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/10/27 18:44:21 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/10/27 18:44:20 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/10/27 18:44:20 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/10/27 18:44:19 | 000,039,680 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/10/27 18:44:18 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/10/27 18:44:17 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/10/27 18:44:17 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/10/27 18:44:17 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/10/27 18:44:16 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/10/27 18:44:16 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/10/27 18:44:15 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/10/27 18:44:15 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/10/27 18:44:14 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/10/27 18:44:14 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/10/27 15:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\AssicurazioneOpel
[2011/10/26 00:35:06 | 000,000,000 | ---D | C] -- C:\Programmi\RegScrubXP
[2011/10/26 00:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\RegScrubXP
[2011/10/25 20:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\Copy Handler
[2011/10/20 22:14:24 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2011/10/19 17:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\OpenOffice.org
[2011/10/19 17:21:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\OpenOffice.org 3.3
[2011/10/19 17:20:03 | 000,000,000 | ---D | C] -- C:\Programmi\OpenOffice.org 3
[2011/10/19 17:19:42 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/10/19 17:19:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/10/19 17:19:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/10/19 16:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\AskToolbar
[2011/10/19 16:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\AskToolbar
[2011/10/19 12:25:01 | 000,000,000 | ---D | C] -- C:\Programmi\Adobe
[2011/10/17 21:28:40 | 000,000,000 | ---D | C] -- C:\Programmi\Ask.com
[2011/10/17 21:23:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/10/17 21:15:04 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2011/10/17 21:15:04 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2011/10/16 20:10:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\IECompatCache
[2011/10/16 19:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\ApplicationHistory
[2011/10/16 19:52:17 | 000,000,000 | ---D | C] -- C:\Programmi\MSXML 4.0
[2011/10/16 19:47:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/10/16 19:12:24 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/10/16 19:12:07 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/10/16 19:11:01 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/10/16 19:09:00 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/10/16 19:08:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/10/07 17:05:50 | 000,323,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaaut.dll
[2011/10/05 09:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Rising
[2011/10/05 09:55:48 | 000,637,592 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kmon.dll
[2011/10/05 09:55:48 | 000,100,976 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\UrlFilter.dll
[2011/10/05 09:55:48 | 000,096,880 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\KakaTool.dll
[2011/10/05 09:55:48 | 000,015,776 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kknative.exe
[2011/10/05 09:55:36 | 000,000,000 | ---D | C] -- C:\Program Files
[2011/10/04 17:24:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\VST
[2011/10/02 00:20:09 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2011/09/28 20:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\Ableton
[2011/09/28 20:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Ableton
[2011/09/28 20:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Ableton
[2011/09/28 20:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Ableton
[2011/09/28 20:15:48 | 000,000,000 | ---D | C] -- C:\Programmi\Ableton
[2011/09/27 23:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Korg
[2011/09/27 23:36:29 | 000,000,000 | ---D | C] -- C:\Programmi\KORG
[2011/09/27 23:36:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\KORG
[2011/09/27 23:36:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/09/14 13:57:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\Truetype
[2011/09/08 11:36:38 | 000,000,000 | ---D | C] -- C:\Programmi\Paint.NET
[2011/09/08 11:36:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\Paint.NET
[2011/09/05 14:56:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/09/05 14:56:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/06/22 22:55:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\pcouffin.sys

========== Files - Modified Within 60 Days ==========

[2011/11/01 14:01:01 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/01 13:39:48 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{5093A3DD-676C-446E-8C5E-51AEFA430526}
[2011/11/01 13:39:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/31 22:09:50 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2011/10/30 13:40:11 | 000,000,058 | ---- | M] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011/10/30 13:40:11 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011/10/30 13:30:36 | 000,506,138 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2011/10/30 13:30:36 | 000,435,264 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/30 13:30:36 | 000,090,170 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2011/10/30 13:30:36 | 000,069,254 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/29 13:59:38 | 000,001,642 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/29 13:35:22 | 000,000,015 | ---- | M] () -- C:\WINDOWS\ASSE.dat
[2011/10/29 13:35:06 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\AdWare SpyWare SE.lnk
[2011/10/29 13:22:28 | 000,000,506 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/10/29 13:21:07 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/10/28 13:09:02 | 000,001,402 | ---- | M] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\3201196373.cds
[2011/10/28 11:23:35 | 001,564,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\tdsskiller.exe
[2011/10/27 22:48:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/27 21:53:32 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/10/27 21:51:45 | 000,229,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/26 20:15:53 | 000,506,132 | ---- | M] () -- C:\WINDOWS\System32\prfh0410.dat
[2011/10/26 20:15:53 | 000,090,164 | ---- | M] () -- C:\WINDOWS\System32\prfc0410.dat
[2011/10/26 00:35:06 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\RegScrubXP.lnk
[2011/10/19 17:21:57 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/10/19 12:25:22 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/10/19 10:35:00 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/10/16 19:57:23 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2011/10/07 17:05:50 | 000,323,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaaut.dll
[2011/10/05 09:55:12 | 000,637,592 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kmon.dll
[2011/10/05 09:55:12 | 000,100,976 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\UrlFilter.dll
[2011/10/05 09:55:11 | 000,096,880 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\KakaTool.dll
[2011/10/05 09:55:11 | 000,015,776 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kknative.exe
[2011/10/03 09:33:20 | 005,971,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011/10/03 04:06:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/10/03 04:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/10/03 04:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/10/03 04:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/10/03 01:37:52 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/10/02 11:12:13 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/26 10:41:52 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll
[2011/09/26 10:41:52 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2011/09/26 10:41:52 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2011/09/26 10:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2011/09/09 10:12:01 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/06 15:10:01 | 001,858,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2011/09/06 15:10:01 | 001,858,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2011/09/05 14:56:22 | 001,510,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2011/09/05 14:56:22 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2011/09/05 14:56:22 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/09/05 14:56:22 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll

========== Files Created - No Company Name ==========

[2011/10/29 13:59:38 | 000,001,642 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/29 13:35:22 | 000,000,015 | ---- | C] () -- C:\WINDOWS\ASSE.dat
[2011/10/29 13:35:06 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\AdWare SpyWare SE.lnk
[2011/10/29 13:10:58 | 000,000,506 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/10/27 18:49:51 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/10/27 18:49:47 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/10/27 18:49:42 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/10/27 18:49:38 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/10/27 18:49:33 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/10/27 18:46:25 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/10/27 18:46:24 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/10/27 18:46:23 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/10/27 18:46:19 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/10/26 00:35:06 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\RegScrubXP.lnk
[2011/10/26 00:25:13 | 000,506,132 | ---- | C] () -- C:\WINDOWS\System32\prfh0410.dat
[2011/10/26 00:25:13 | 000,090,164 | ---- | C] () -- C:\WINDOWS\System32\prfc0410.dat
[2011/10/19 17:21:57 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/10/19 12:25:22 | 000,001,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/10/19 12:25:21 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Reader X.lnk
[2011/10/17 21:28:45 | 000,000,226 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/10/16 19:57:23 | 000,000,151 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2011/09/08 11:36:49 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Paint.NET.lnk
[2011/09/08 11:36:49 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2011/08/22 20:30:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/08/12 17:36:52 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\streamrai.ini
[2011/08/12 14:20:03 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011/08/12 14:20:03 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011/07/23 02:24:05 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/06/22 22:55:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\inst.exe
[2011/06/22 22:55:10 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\pcouffin.cat
[2011/06/22 22:55:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\pcouffin.inf
[2011/06/22 22:34:00 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\vso_ts_preview.xml
[2011/06/22 20:44:48 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/06/22 20:44:48 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/06/21 23:55:31 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/09 20:55:23 | 002,097,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\CTMSHD.sys
[2011/06/09 20:55:23 | 002,097,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\CTMMOUNT.sys
[2011/06/09 20:55:23 | 002,097,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\CTMFLT.sys
[2011/06/01 23:21:52 | 000,001,416 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011/05/30 09:05:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/29 22:59:36 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/05/22 23:56:29 | 000,315,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\3815528.sys
[2011/05/22 23:56:29 | 000,128,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\38155281.sys
[2011/05/21 15:08:42 | 000,062,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/05/21 15:08:42 | 000,033,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/05/21 11:32:26 | 000,026,372 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2011/01/19 21:53:05 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/01/09 17:42:40 | 000,000,841 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2011/01/09 17:42:30 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010/12/04 00:09:54 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/11/15 13:38:07 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/11/15 13:37:19 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/17 11:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/12 20:00:21 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/10/12 17:37:55 | 000,000,200 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010/06/15 12:51:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\CleanDev.exe
[2010/06/15 12:51:23 | 000,036,099 | ---- | C] () -- C:\WINDOWS\amcap.exe
[2010/06/15 10:16:59 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/06/11 21:16:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/11 20:39:14 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\WlanApp.dll
[2010/06/11 20:39:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2010/06/10 14:43:30 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/06/10 10:07:47 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\CapabilityTable.exe
[2010/06/09 18:45:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/09 18:44:33 | 000,229,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/09 16:58:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/09 16:54:25 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/02/11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/02/11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/04/23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/11/28 00:14:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008/05/26 21:22:48 | 000,016,708 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 21:22:46 | 000,021,662 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 21:22:44 | 000,016,338 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/10/30 10:58:30 | 000,200,704 | ---- | C] () -- C:\WINDOWS\StiC1210.exe
[2007/08/30 19:38:34 | 000,060,416 | ---- | C] () -- C:\WINDOWS\StiD1210.exe
[2007/03/07 18:07:12 | 000,021,174 | ---- | C] () -- C:\WINDOWS\cam1210.ini
[2006/11/08 13:27:06 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\cam1210.dll
[2006/03/02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/03/02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/02 13:00:00 | 000,506,138 | ---- | C] () -- C:\WINDOWS\System32\perfh010.dat
[2006/03/02 13:00:00 | 000,435,264 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/03/02 13:00:00 | 000,300,212 | ---- | C] () -- C:\WINDOWS\System32\perfi010.dat
[2006/03/02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/02 13:00:00 | 000,090,170 | ---- | C] () -- C:\WINDOWS\System32\perfc010.dat
[2006/03/02 13:00:00 | 000,069,254 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/03/02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/02 13:00:00 | 000,034,004 | ---- | C] () -- C:\WINDOWS\System32\perfd010.dat
[2006/03/02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/03/02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/03/02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011/09/28 20:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ableton
[2010/10/13 10:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software
[2011/05/19 23:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
[2011/10/31 17:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2011/10/30 13:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DonationCoder
[2011/05/23 21:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Hitman Pro
[2010/10/13 09:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2011/05/19 23:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PACE Anti-Piracy
[2011/08/17 23:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ParetoLogic
[2011/10/26 20:29:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Rising
[2011/09/28 20:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Ableton
[2011/10/19 16:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\AskToolbar
[2011/10/31 11:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Autorun Analyzer
[2011/06/04 20:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\avidemux
[2011/06/21 23:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Canneverbe Limited
[2011/10/31 11:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\CCE
[2011/10/27 15:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Disk Cleaner
[2011/08/12 14:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\DonationCoder
[2011/07/06 22:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\FreeVideoConverter
[2011/06/01 11:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\GlarySoft
[2011/06/22 20:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\IObit
[2011/10/31 11:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\KillSwitch
[2011/09/27 23:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Korg
[2011/06/21 20:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Mael
[2011/10/19 17:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\OpenOffice.org
[2011/06/01 23:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Runscanner.net
[2011/07/18 22:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Systweak
[2011/08/17 12:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\TeraCopy
[2011/06/22 22:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Vso
[2011/06/01 00:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Windows Search
[2011/08/12 12:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Wormux
[2011/10/29 13:22:28 | 000,000,506 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/10/31 22:41:16 | 000,032,548 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/11/01 14:01:01 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 1184 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft:tUt8dKrRGClr3yEF9iH5Es0U4P

< End of report >

da **hashcat** » mar nov 01, 2011 4:29 pm

Posta un log aggiornato di TDSSKiller rinominandolo in maniera casuale.

Potrai trovare il log generato in C:\

[^]

da **hashcat** » mar nov 01, 2011 5:46 pm

Complessivamente i log non mostrano evidenti infezioni, solo qualche traccia da rimuovere.

Scarica The Avenger 2 da qui
Eseguilo
Deseleziona l'opzione Scan for rootkits
Inserisci il seguente script nella casella di testo
Premi Execute

Codice: Seleziona tutto
Folders to delete: C:\Documents and Settings\All Users\Dati applicazioni\MFAData C:\Documents and Settings\Manuel Valori.E774BAE2\Dati applicazioni\Mael Files to move: C:\Windows\System32\drivers\3815528.sys | C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver.sys C:\Windows\System32\drivers\38155281.sys | C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver1.sys C:\Windows\System32\drivers\38155282.sys | C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver2.sys C:\Windows\System32\drivers\4444921.sys | C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver3.sys C:\Windows\System32\drivers\44449211.sys | C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver3.sys C:\Windows\System32\drivers\44449212.sys | C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver4.sys
Autorizza The Avenger 2 a riavviare il computer
Inserisci nel prossimo messaggio il log generato da The Avenger 2 (C:\Avenger.txt)

Dopo aver fatto questo passiamo ad OTL:

Inserisci questo script nella casella Custom Scans/Fixes di OTL e clicca Run Fix

Codice: Seleziona tutto
:OTL @Alternate Data Stream - 1184 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft:tUt8dKrRGClr3yEF9iH5Es0U4P :Commands [PURITY] [EMPTYTEMP] [CLEARALLRESTOREPOINTS]
Anche questa volta il computer verrà riavviato.
Inserisci il log di OTL nel tuo prossimo messaggio (C:\_OTL\MovedFiles)

Carica i seguenti files su Virustotal se i files sono già stati analizzati falli riscansionare (fai in modo che GLI screenshot siano leggibili):

Codice: Seleziona tutto: C:\Documents and Settings\Manuel Valori.E774BAE2\Documenti\3201196373.cds C:\Documents and Settings\Manuel Valori.E774BAE2\Impostazioni locali\Dati applicazioni\fusioncache.dat C:\WINDOWS\ASSE.dat C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver.sys C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver1.sys C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver2.sys C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver3.sys C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver3.sys C:\Documents and Settings\Manuel Valori.E774BAE2\Desktop\driver4.sys

www.MegaLab.it

AIUTO log SuperAntySpyware

AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Re: AIUTO log SuperAntySpyware

Chi c’è in linea