Stamattina, mentre navigavo il mio antivirus mi segnala un virus neutralizzato. Il file infetto era C:\Windows\System32\lxaa.dll ed era visto come Dialer.igw.
Dopo pochi minuti mi esce un altro avviso relativo stavolta a C:\windows\system32\in3.dll visto come Adware/Keen Value e questo si ripresenta abbastanza spesso.
Poi altri avvisi come C:\windows\bi.dll visto come Spyware/BetterInet, C:\windows\system32\lycos.dll visto come Adware/SideSearch, C:\windows\system32\ss_msi1_setup.exe visto come Adware/sidesearch e C:\Windows\Downloaded program files\calciom.exe visto come dialer.dkm
Di questi solo il secondo si presenta ogni tanto con un avviso dell'antivirus.
Cercando un po' ho trovato Spysweeper, installato la trial e fatto la scansione, ovviamente senza abbonamento non potevo rimuovere nulla, ma ho fatto un log che allego. E poi ho fatto un log anche di hijackthis che allego anche questo. Ora mentre aspetto la costra risposta faccio una scansione anche con spybot, e vedo cosa mi trova.
Voi potete dirmi cos'altro fare? Grazie.
11.45: Tracce rilevate: 207
11.45: Scansione completa completata. Tempo trascorso 00.39.19
11.44: Scansione dei file completata. Tempo trascorso: 00.31.38
11.35: Attenzione: SweepDirectories: Cannot find directory "f:". This directory was not added to the list of paths to be scanned.
11.35: Attenzione: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned.
11.35: Attenzione: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
11.35: C:\WINDOWS\inf\biini.inf (ID = 83199)
11.35: C:\WINDOWS\LastGood\Downloaded Program Files\UniDist.inf (ID = 365904)
11.35: C:\WINDOWS\inf\Belt.inf (ID = 83154)
11.35: C:\WINDOWS\inf\satmat.inf (ID = 488322)
11.35: C:\WINDOWS\satmat.ini (ID = 83499)
11.35: C:\WINDOWS\inf\bi.inf (ID = 83180)
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssms858d3b99-32a9-4f76-89e5-4640a8e7a8ff.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssms1a40241e-fd1b-49a6-95ac-6c24457c614f.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssmse989cf9e-eb48-489a-a2e6-ffae4798c510.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssmsb254fe2e-013f-4d96-acf3-01fdb9165771.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssms2b9f1325-dde7-4d77-8ef9-995d863a483d.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssmsa4cd387c-231e-4fcd-b3f4-e124008f1f54.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\administrator\impostazioni locali\temp\jet2.tmp". Operazione completata
11.33: c:\windows\downloaded program files\accesmembre.inf (ID = 311092)
11.32: C:\WINDOWS\system32\im64.dll (ID = 69841)
11.32: Trovati Adware: mindset interactive - favoriteman
11.30: C:\WINDOWS\GatorPdpSetup.log (ID = 61399)
11.27: C:\WINDOWS\bi.dll (ID = 83176)
11.27: Trovati Adware: directrevenue-abetterinternet
11.27: C:\WINDOWS\svchost.dll (ID = 792043)
11.27: Trovati Trojan Horse: trojan-downloader-tukpat
11.26: C:\Programmi\DivX\DivX Pro Codec\gain_trickler_3202.exe (ID = 61374)
11.25: C:\WINDOWS\system32\Lycos.dll (ID = 365458)
11.24: C:\WINDOWS\system32\ss_msi1_setup.exe (ID = 365125)
11.21: Attenzione: Failed to open file "c:\documents and settings\administrator\impostazioni locali\temp\pxr2.tmp". Operazione completata
11.13: Avvio scansione file in corso
11.13: Attenzione: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
11.13: Scansione dei cookie completata. Tempo trascorso: 00.00.02
11.13: c:\documents and settings\administrator\cookies\administrator@yadro[1].txt (ID = 3743)
11.13: Trovati Spy Cookie: yadro cookie
11.13: c:\documents and settings\administrator\cookies\administrator@xxxcounter[1].txt (ID = 3733)
11.13: c:\documents and settings\administrator\cookies\administrator@xren_cj[2].txt (ID = 3723)
11.13: Trovati Spy Cookie: xren_cj cookie
11.13: c:\documents and settings\administrator\cookies\administrator@xiti[1].txt (ID = 3717)
11.13: Trovati Spy Cookie: xiti cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.xxxcounter[1].txt (ID = 3734)
11.13: Trovati Spy Cookie: xxxcounter cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.xxx69[2].txt (ID = 3732)
11.13: Trovati Spy Cookie: xxx69 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.myaffiliateprogram[2].txt (ID = 3032)
11.13: Trovati Spy Cookie: myaffiliateprogram.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.freestats[2].txt (ID = 2705)
11.13: Trovati Spy Cookie: freestats.net cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.counter[1].txt (ID = 2478)
11.13: Trovati Spy Cookie: counter cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.burstbeacon[1].txt (ID = 2335)
11.13: Trovati Spy Cookie: burstbeacon cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.888[2].txt (ID = 2020)
11.13: Trovati Spy Cookie: 888 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@weborama[2].txt (ID = 3658)
11.13: Trovati Spy Cookie: weborama cookie
11.13: c:\documents and settings\administrator\cookies\administrator@webads[3].txt (ID = 3650)
11.13: c:\documents and settings\administrator\cookies\administrator@webads[2].txt (ID = 3650)
11.13: Trovati Spy Cookie: webads cookie
11.13: c:\documents and settings\administrator\cookies\administrator@wayin.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@vip.clickzs[1].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@videoegg.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@videodome[2].txt (ID = 3638)
11.13: Trovati Spy Cookie: videodome cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ugo[1].txt (ID = 3608)
11.13: Trovati Spy Cookie: ugo cookie
11.13: c:\documents and settings\administrator\cookies\administrator@tribalfusion[2].txt (ID = 3589)
11.13: Trovati Spy Cookie: tribalfusion cookie
11.13: c:\documents and settings\administrator\cookies\administrator@trafficmp[1].txt (ID = 3581)
11.13: Trovati Spy Cookie: trafficmp cookie
11.13: c:\documents and settings\administrator\cookies\administrator@toyota.touchclarity[1].txt (ID = 3566)
11.13: c:\documents and settings\administrator\cookies\administrator@toplist[4].txt (ID = 3557)
11.13: c:\documents and settings\administrator\cookies\administrator@toplist[2].txt (ID = 3557)
11.13: c:\documents and settings\administrator\cookies\administrator@toplist[1].txt (ID = 3557)
11.13: Trovati Spy Cookie: toplist cookie
11.13: c:\documents and settings\administrator\cookies\administrator@tacoda[2].txt (ID = 6444)
11.13: c:\documents and settings\administrator\cookies\administrator@studenti.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@stat.onestat[1].txt (ID = 3098)
11.13: Trovati Spy Cookie: onestat.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@sportnet.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@specificclick[2].txt (ID = 3399)
11.13: c:\documents and settings\administrator\cookies\administrator@sixapart.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[5].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[4].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[3].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[2].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[1].txt (ID = 3345)
11.13: Trovati Spy Cookie: servlet cookie
11.13: c:\documents and settings\administrator\cookies\administrator@serving-sys[3].txt (ID = 3343)
11.13: c:\documents and settings\administrator\cookies\administrator@serving-sys[1].txt (ID = 3343)
11.13: Trovati Spy Cookie: serving-sys cookie
11.13: c:\documents and settings\administrator\cookies\administrator@server.iad.liveperson[1].txt (ID = 3341)
11.13: Trovati Spy Cookie: server.iad.liveperson cookie
11.13: c:\documents and settings\administrator\cookies\administrator@search.gamespy[1].txt (ID = 2719)
11.13: c:\documents and settings\administrator\cookies\administrator@rotator.adjuggler[1].txt (ID = 2071)
11.13: Trovati Spy Cookie: adjuggler cookie
11.13: c:\documents and settings\administrator\cookies\administrator@revenue[1].txt (ID = 3257)
11.13: Trovati Spy Cookie: revenue.net cookie
11.13: c:\documents and settings\administrator\cookies\administrator@realmedia[2].txt (ID = 3235)
11.13: Trovati Spy Cookie: realmedia cookie
11.13: c:\documents and settings\administrator\cookies\administrator@rambler[1].txt (ID = 3225)
11.13: Trovati Spy Cookie: rambler cookie
11.13: c:\documents and settings\administrator\cookies\administrator@questionmarket[2].txt (ID = 3217)
11.13: Trovati Spy Cookie: questionmarket cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ps2.gamespy[1].txt (ID = 2719)
11.13: c:\documents and settings\administrator\cookies\administrator@prospect.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@pricegrabber[2].txt (ID = 3185)
11.13: Trovati Spy Cookie: pricegrabber cookie
11.13: c:\documents and settings\administrator\cookies\administrator@porngraph[1].txt (ID = 3170)
11.13: Trovati Spy Cookie: porngraph cookie
11.13: c:\documents and settings\administrator\cookies\administrator@perf.overture[1].txt (ID = 3106)
11.13: c:\documents and settings\administrator\cookies\administrator@peel[2].txt (ID = 3127)
11.13: Trovati Spy Cookie: peel network cookie
11.13: c:\documents and settings\administrator\cookies\administrator@pcash.imlive[1].txt (ID = 2844)
11.13: c:\documents and settings\administrator\cookies\administrator@paycounter[1].txt (ID = 3115)
11.13: Trovati Spy Cookie: paycounter cookie
11.13: c:\documents and settings\administrator\cookies\administrator@passion[2].txt (ID = 3113)
11.13: Trovati Spy Cookie: passion cookie
11.13: c:\documents and settings\administrator\cookies\administrator@partypoker[2].txt (ID = 3111)
11.13: Trovati Spy Cookie: partypoker cookie
11.13: c:\documents and settings\administrator\cookies\administrator@overture[2].txt (ID = 3105)
11.13: c:\documents and settings\administrator\cookies\administrator@outster[1].txt (ID = 3103)
11.13: Trovati Spy Cookie: outster cookie
11.13: c:\documents and settings\administrator\cookies\administrator@oasc06006.247realmedia[1].txt (ID = 1954)
11.13: c:\documents and settings\administrator\cookies\administrator@mrskin[1].txt (ID = 3020)
11.13: Trovati Spy Cookie: mrskin cookie
11.13: c:\documents and settings\administrator\cookies\administrator@movies.about[2].txt (ID = 2038)
11.13: c:\documents and settings\administrator\cookies\administrator@metriweb[1].txt (ID = 2992)
11.13: Trovati Spy Cookie: metriweb.be cookie
11.13: c:\documents and settings\administrator\cookies\administrator@maxserving[1].txt (ID = 2966)
11.13: Trovati Spy Cookie: maxserving cookie
11.13: c:\documents and settings\administrator\cookies\administrator@magazine.excite[2].txt (ID = 2632)
11.13: c:\documents and settings\administrator\cookies\administrator@kinghost[2].txt (ID = 2903)
11.13: Trovati Spy Cookie: kinghost cookie
11.13: c:\documents and settings\administrator\cookies\administrator@infospace[1].txt (ID = 2865)
11.13: Trovati Spy Cookie: infospace cookie
11.13: c:\documents and settings\administrator\cookies\administrator@imlive[1].txt (ID = 2843)
11.13: Trovati Spy Cookie: imlive.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@hotlog[1].txt (ID = 2801)
11.13: Trovati Spy Cookie: hotlog cookie
11.13: c:\documents and settings\administrator\cookies\administrator@hc2.humanclick[1].txt (ID = 2810)
11.13: Trovati Spy Cookie: humanclick cookie
11.13: c:\documents and settings\administrator\cookies\administrator@gostats[1].txt (ID = 2747)
11.13: Trovati Spy Cookie: gostats cookie
11.13: c:\documents and settings\administrator\cookies\administrator@goal.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@gjacket.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@gamespy[1].txt (ID = 2719)
11.13: Trovati Spy Cookie: gamespy cookie
11.13: c:\documents and settings\administrator\cookies\administrator@fortunecity[1].txt (ID = 2686)
11.13: Trovati Spy Cookie: fortunecity cookie
11.13: c:\documents and settings\administrator\cookies\administrator@fl01.ct2.comclick[1].txt (ID = 2450)
11.13: Trovati Spy Cookie: comclick cookie
11.13: c:\documents and settings\administrator\cookies\administrator@fe.lea.lycos[1].txt (ID = 2660)
11.13: Trovati Spy Cookie: fe.lea.lycos.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@excite[1].txt (ID = 2631)
11.13: c:\documents and settings\administrator\cookies\administrator@edge.ru4[2].txt (ID = 3269)
11.13: Trovati Spy Cookie: ru4 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@easyjet.touchclarity[1].txt (ID = 3566)
11.13: Trovati Spy Cookie: touchclarity cookie
11.13: c:\documents and settings\administrator\cookies\administrator@domus.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@dnsstuff.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@data3.perf.overture[1].txt (ID = 3106)
11.13: Trovati Spy Cookie: overture cookie
11.13: c:\documents and settings\administrator\cookies\administrator@cz8.clickzs[2].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@cz7.clickzs[2].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@cz5.clickzs[1].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@cz4.clickzs[1].txt (ID = 2413)
11.13: Trovati Spy Cookie: clickzs cookie
11.13: c:\documents and settings\administrator\cookies\administrator@customer[1].txt (ID = 2481)
11.13: Trovati Spy Cookie: customer cookie
11.13: c:\documents and settings\administrator\cookies\administrator@commerce[1].txt (ID = 2451)
11.13: Trovati Spy Cookie: commerce cookie
11.13: c:\documents and settings\administrator\cookies\administrator@club.cdfreaks[1].txt (ID = 2371)
11.13: c:\documents and settings\administrator\cookies\administrator@cgm.adbureau[2].txt (ID = 2060)
11.13: Trovati Spy Cookie: adbureau cookie
11.13: c:\documents and settings\administrator\cookies\administrator@cdfreaks[2].txt (ID = 2370)
11.13: c:\documents and settings\administrator\cookies\administrator@ccbill[2].txt (ID = 2369)
11.13: Trovati Spy Cookie: ccbill cookie
11.13: c:\documents and settings\administrator\cookies\administrator@calcio.excite[2].txt (ID = 2632)
11.13: c:\documents and settings\administrator\cookies\administrator@cala79.blog.excite[2].txt (ID = 2632)
11.13: Trovati Spy Cookie: excite cookie
11.13: c:\documents and settings\administrator\cookies\administrator@bs.serving-sys[1].txt (ID = 2330)
11.13: Trovati Spy Cookie: bs.serving-sys cookie
11.13: c:\documents and settings\administrator\cookies\administrator@bravenet[2].txt (ID = 2322)
11.13: Trovati Spy Cookie: bravenet cookie
11.13: c:\documents and settings\administrator\cookies\administrator@a[1].txt (ID = 2027)
11.13: Trovati Spy Cookie: a cookie
11.13: c:\documents and settings\administrator\cookies\administrator@azjmp[2].txt (ID = 2270)
11.13: Trovati Spy Cookie: azjmp cookie
11.13: c:\documents and settings\administrator\cookies\administrator@atwola[2].txt (ID = 2255)
11.13: c:\documents and settings\administrator\cookies\administrator@at.atwola[2].txt (ID = 2256)
11.13: Trovati Spy Cookie: atwola cookie
11.13: c:\documents and settings\administrator\cookies\administrator@askmen[1].txt (ID = 2247)
11.13: Trovati Spy Cookie: askmen cookie
11.13: c:\documents and settings\administrator\cookies\administrator@as-us.falkag[1].txt (ID = 2650)
11.13: c:\documents and settings\administrator\cookies\administrator@aptimus[2].txt (ID = 2233)
11.13: Trovati Spy Cookie: aptimus cookie
11.13: c:\documents and settings\administrator\cookies\administrator@anad.tacoda[2].txt (ID = 6445)
11.13: Trovati Spy Cookie: tacoda cookie
11.13: c:\documents and settings\administrator\cookies\administrator@alt[1].txt (ID = 2217)
11.13: Trovati Spy Cookie: alt cookie
11.13: c:\documents and settings\administrator\cookies\administrator@affiliate[1].txt (ID = 2199)
11.13: Trovati Spy Cookie: affiliate cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adultfriendfinder[2].txt (ID = 2165)
11.13: Trovati Spy Cookie: adultfriendfinder cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adtech[1].txt (ID = 2155)
11.13: Trovati Spy Cookie: adtech cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adserver[1].txt (ID = 2141)
11.13: Trovati Spy Cookie: adserver cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adserver.adreactor[2].txt (ID = 2087)
11.13: Trovati Spy Cookie: adreactor cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads20.hyperbanner[1].txt (ID = 2816)
11.13: Trovati Spy Cookie: hyperbanner cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads20.bpath[2].txt (ID = 2321)
11.13: c:\documents and settings\administrator\cookies\administrator@ads16.bpath[2].txt (ID = 2321)
11.13: Trovati Spy Cookie: bpath cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.tripod.lycos[2].txt (ID = 2133)
11.13: Trovati Spy Cookie: ads.tripod.lycos.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.pointroll[1].txt (ID = 3148)
11.13: Trovati Spy Cookie: pointroll cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.cdfreaks[1].txt (ID = 2371)
11.13: Trovati Spy Cookie: cd freaks cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.addynamix[2].txt (ID = 2062)
11.13: Trovati Spy Cookie: addynamix cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adrevservice[1].txt (ID = 2091)
11.13: Trovati Spy Cookie: adrevservice cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adopt.specificclick[2].txt (ID = 3400)
11.13: Trovati Spy Cookie: specificclick.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adlegend[1].txt (ID = 2074)
11.13: Trovati Spy Cookie: adlegend cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adecn[2].txt (ID = 2063)
11.13: Trovati Spy Cookie: adecn cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ad9.bannerbank[1].txt (ID = 2281)
11.13: Trovati Spy Cookie: bannerbank cookie
11.13: c:\documents and settings\administrator\cookies\administrator@about[2].txt (ID = 2037)
11.13: Trovati Spy Cookie: about cookie
11.13: c:\documents and settings\administrator\cookies\administrator@aa[2].txt (ID = 2029)
11.13: Trovati Spy Cookie: aa cookie
11.13: c:\documents and settings\administrator\cookies\administrator@a.as-eu.falkag[1].txt (ID = 2650)
11.13: Trovati Spy Cookie: falkag cookie
11.13: c:\documents and settings\administrator\cookies\administrator@2o7[2].txt (ID = 1957)
11.13: Trovati Spy Cookie: 2o7.net cookie
11.13: c:\documents and settings\administrator\cookies\administrator@276[1].txt (ID = 1955)
11.13: Trovati Spy Cookie: 276 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@247realmedia[1].txt (ID = 1953)
11.13: Trovati Spy Cookie: 247realmedia cookie
11.13: c:\documents and settings\administrator\cookies\administrator@190[2].txt (ID = 1935)
11.13: Trovati Spy Cookie: 190dotcom cookie
11.13: c:\documents and settings\administrator\cookies\administrator@127.0.0[1].txt (ID = 3281)
11.13: c:\documents and settings\administrator\cookies\administrator@0[6].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[4].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[3].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[2].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[1].txt (ID = 3282)
11.13: Trovati Spy Cookie: sandboxer cookie
11.13: Avvio scansione cookie in corso
11.12: Scansione del Registro di sistema completata. Tempo trascorso:00.00.32
11.12: HKU\S-1-5-18\software\medialoads\ (ID = 1580540)
11.12: HKU\S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping\ || {ffb51760-344e-4ffb-bfff-4b18c7ac1d63} (ID = 139398)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\medialoads\ (ID = 1580540)
11.12: Trovati Adware: great net downloadware
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\main\ || search page_bak (ID = 774883)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\extensions\cmdmapping\ || {000007c6-17df-4438-92a4-de5537471ba3} (ID = 530423)
11.12: Trovati Adware: sidesearch
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\extensions\cmdmapping\ || {ffb51760-344e-4ffb-bfff-4b18c7ac1d63} (ID = 139398)
11.12: Trovati Adware: ricerchefacili
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\toolbar\webbrowser\ || {b195b3b3-8a05-11d3-97a4-0004aca6948e} (ID = 127587)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\toolbar\shellbrowser\ || {b195b3b3-8a05-11d3-97a4-0004aca6948e} (ID = 127585)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\explorer bars\{ff6b2fd5-093c-4d4f-bb98-5641130a9de6}\ (ID = 127574)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\toolbar\webbrowser\ || {825cf5bd-8862-4430-b771-0c15c5ca8def} (ID = 125745)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\main\ || search page_bak (ID = 115925)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\main\ || search bar_bak (ID = 115924)
11.12: Trovati Adware: cws-aboutblank
11.12: HKLM\system\currentcontrolset\services\google online search service\ (ID = 4397839)
11.12: HKLM\software\classes\clsid\{f250d521-225d-4d6b-8829-e064f944e180}\ (ID = 1863360)
11.12: HKCR\clsid\{f250d521-225d-4d6b-8829-e064f944e180}\ (ID = 1863357)
11.12: HKLM\software\classes\clsid\{e3a77057-d10b-b02a-d823-22e020c583b5}\ (ID = 1597455)
11.12: HKCR\clsid\{e3a77057-d10b-b02a-d823-22e020c583b5}\ (ID = 1597453)
11.12: Trovati Adware: linkoptimizer
11.12: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/olepro32.dll\ || {e8edb60c-951e-4130-93dc-faf1ad25f8e7} (ID = 956097)
11.12: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/msvcrt.dll\ || {e8edb60c-951e-4130-93dc-faf1ad25f8e7} (ID = 956095)
11.12: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/mfc42.dll\ || {e8edb60c-951e-4130-93dc-faf1ad25f8e7} (ID = 956093)
11.12: HKLM\software\microsoft\windows\currentversion\run\ || connector (ID = 928585)
11.12: Trovati Adware: comforest dialer
11.12: HKLM\software\gator.com\trickler\ (ID = 724440)
11.12: HKLM\software\gator.com\gator\ (ID = 724411)
11.12: HKLM\software\gatortest\ (ID = 639280)
11.12: HKLM\software\gator.com\ (ID = 528933)
11.11: HKCR\typelib\{4767c447-ef15-42f2-8809-68adb7fa76f1}\ (ID = 136181)
11.11: HKLM\software\classes\typelib\{4767c447-ef15-42f2-8809-68adb7fa76f1}\ (ID = 136154)
11.11: HKLM\software\classes\interface\{4438a5dc-e00b-41a0-b0e6-b63fd3b86eee}\ (ID = 136147)
11.11: HKCR\interface\{4438a5dc-e00b-41a0-b0e6-b63fd3b86eee}\ (ID = 136074)
11.11: Trovati Adware: networkessentials
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\unidist.ocx (ID = 135372)
11.11: Trovati Adware: multidial
11.11: HKLM\software\classes\clsid\{204f937e-519e-4597-96fa-8f1f59f3cb6d}\ (ID = 127413)
11.11: HKCR\clsid\{204f937e-519e-4597-96fa-8f1f59f3cb6d}\ (ID = 127250)
11.11: Trovati Adware: hotbar/zango
11.11: HKLM\software\classes\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}\ (ID = 126751)
11.11: HKCR\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}\ (ID = 126731)
11.11: Trovati Adware: gain - common components
11.11: HKLM\software\microsoft\windows\currentversion\internet settings\user agent\post platform\ || iebar (ID = 125752)
11.11: HKLM\software\microsoft\internet explorer\toolbar\ || {825cf5bd-8862-4430-b771-0c15c5ca8def} (ID = 125743)
11.11: HKLM\software\classes\clsid\{be8d0059-d24d-4919-b76f-99f4a2203647}\ (ID = 125724)
11.11: HKLM\software\classes\clsid\{825cf5bd-8862-4430-b771-0c15c5ca8def}\ (ID = 125722)
11.11: HKLM\software\classes\clsid\{0a1d22c3-37be-470c-9c29-e3074ee0574b}\ (ID = 125717)
11.11: HKCR\clsid\{be8d0059-d24d-4919-b76f-99f4a2203647}\ (ID = 125694)
11.11: HKCR\clsid\{825cf5bd-8862-4430-b771-0c15c5ca8def}\ (ID = 125692)
11.11: HKCR\clsid\{0a1d22c3-37be-470c-9c29-e3074ee0574b}\ (ID = 125687)
11.11: Trovati Adware: elitebar
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admprog.dll (ID = 103524)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admfdi.dll (ID = 103523)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admdloader.dll (ID = 103522)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admdata.dll (ID = 103521)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\adm4.dll (ID = 103520)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\adm.exe (ID = 103519)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admprog.dll\ (ID = 103511)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admfdi.dll\ (ID = 103510)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admdloader.dll\ (ID = 103509)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admdata.dll\ (ID = 103508)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/adm4.dll\ (ID = 103507)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/adm.exe\ (ID = 103506)
11.11: Trovati Adware: altnet
11.11: HKCR\typelib\{a41c6220-6f42-4646-b119-fbe6f4d38e3c}\ (ID = 102483)
11.11: HKCR\clsid\{d1b80ebf-1a26-4fec-b0b9-dcb934c6507e}\ (ID = 102481)
11.11: HKCR\accesmembre.loader\ (ID = 102480)
11.11: HKCR\accesmembre.loader.1\ (ID = 102479)
11.11: Trovati Adware: accessmember
11.11: Avvio scansione Registro di sistema in corso
11.11: Scansione della memoria completata. Tempo trascorso: 00.05.59
11.05: Avvio scansione memoria in corso
11.05: HKLM\system\currentcontrolset\services\google online search service\ || imagepath (ID = 4397838)
11.05: Trovati Trojan Horse: trojan-downloader-tipikit
11.05: Avvia scansione completa
11.05: Scansione avviata utilizzando la versione delle definizioni 1314
Programma di registrazione dei tasti: Disattivato
11.05: Informativo: ShieldEmail: Start monitoring port 25 for mail activities
Allegato posta elettronica: Attivato
11.05: Informativo: ShieldEmail: Start monitoring port 110 for mail activities
Schermo BHO: Attivato
Schermo protezione IE: Attivato
Schermo Esecuzione flusso ADS (Alternate Data Stream): Attivato
Schermo di avvio: Attivato
Siti pubblicitari comuni: Disattivato
Schermo file Hosts: Attivato
Schermo Comunicazione Internet: Attivato
Schermo ActiveX.: Attivato
Schermo Servizio Windows Messenger: Attivato
Schermo Preferiti IE:: Attivato
Schermo file system: Attivato
Schermo esecuzione: Attivato
Schermo servizi di sistema: Attivato
Schermo Cattura IE: Attivato
Schermo Cookie di rilevamento IE: Disattivato
11.04: Stati degli schermi
11.04: Verifica stato licenza (0): Complimenti
11.04: Definizioni di spyware: 1314
11.04: Spy Sweeper 5.5.7.124 avviato
11.04: Spy Sweeper 5.5.7.124 avviato
11.04: | Avvio della sessione, sabato 25 ottobre 2008 |
***************
11.45: Scansione completa completata. Tempo trascorso 00.39.19
11.44: Scansione dei file completata. Tempo trascorso: 00.31.38
11.35: Attenzione: SweepDirectories: Cannot find directory "f:". This directory was not added to the list of paths to be scanned.
11.35: Attenzione: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned.
11.35: Attenzione: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
11.35: C:\WINDOWS\inf\biini.inf (ID = 83199)
11.35: C:\WINDOWS\LastGood\Downloaded Program Files\UniDist.inf (ID = 365904)
11.35: C:\WINDOWS\inf\Belt.inf (ID = 83154)
11.35: C:\WINDOWS\inf\satmat.inf (ID = 488322)
11.35: C:\WINDOWS\satmat.ini (ID = 83499)
11.35: C:\WINDOWS\inf\bi.inf (ID = 83180)
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssms858d3b99-32a9-4f76-89e5-4640a8e7a8ff.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssms1a40241e-fd1b-49a6-95ac-6c24457c614f.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssmse989cf9e-eb48-489a-a2e6-ffae4798c510.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssmsb254fe2e-013f-4d96-acf3-01fdb9165771.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssms2b9f1325-dde7-4d77-8ef9-995d863a483d.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\localservice\dati applicazioni\webroot\spy sweeper\temp\ssmsa4cd387c-231e-4fcd-b3f4-e124008f1f54.tmp". Operazione completata
11.35: Attenzione: Failed to open file "c:\documents and settings\administrator\impostazioni locali\temp\jet2.tmp". Operazione completata
11.33: c:\windows\downloaded program files\accesmembre.inf (ID = 311092)
11.32: C:\WINDOWS\system32\im64.dll (ID = 69841)
11.32: Trovati Adware: mindset interactive - favoriteman
11.30: C:\WINDOWS\GatorPdpSetup.log (ID = 61399)
11.27: C:\WINDOWS\bi.dll (ID = 83176)
11.27: Trovati Adware: directrevenue-abetterinternet
11.27: C:\WINDOWS\svchost.dll (ID = 792043)
11.27: Trovati Trojan Horse: trojan-downloader-tukpat
11.26: C:\Programmi\DivX\DivX Pro Codec\gain_trickler_3202.exe (ID = 61374)
11.25: C:\WINDOWS\system32\Lycos.dll (ID = 365458)
11.24: C:\WINDOWS\system32\ss_msi1_setup.exe (ID = 365125)
11.21: Attenzione: Failed to open file "c:\documents and settings\administrator\impostazioni locali\temp\pxr2.tmp". Operazione completata
11.13: Avvio scansione file in corso
11.13: Attenzione: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
11.13: Scansione dei cookie completata. Tempo trascorso: 00.00.02
11.13: c:\documents and settings\administrator\cookies\administrator@yadro[1].txt (ID = 3743)
11.13: Trovati Spy Cookie: yadro cookie
11.13: c:\documents and settings\administrator\cookies\administrator@xxxcounter[1].txt (ID = 3733)
11.13: c:\documents and settings\administrator\cookies\administrator@xren_cj[2].txt (ID = 3723)
11.13: Trovati Spy Cookie: xren_cj cookie
11.13: c:\documents and settings\administrator\cookies\administrator@xiti[1].txt (ID = 3717)
11.13: Trovati Spy Cookie: xiti cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.xxxcounter[1].txt (ID = 3734)
11.13: Trovati Spy Cookie: xxxcounter cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.xxx69[2].txt (ID = 3732)
11.13: Trovati Spy Cookie: xxx69 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.myaffiliateprogram[2].txt (ID = 3032)
11.13: Trovati Spy Cookie: myaffiliateprogram.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.freestats[2].txt (ID = 2705)
11.13: Trovati Spy Cookie: freestats.net cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.counter[1].txt (ID = 2478)
11.13: Trovati Spy Cookie: counter cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.burstbeacon[1].txt (ID = 2335)
11.13: Trovati Spy Cookie: burstbeacon cookie
11.13: c:\documents and settings\administrator\cookies\administrator@www.888[2].txt (ID = 2020)
11.13: Trovati Spy Cookie: 888 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@weborama[2].txt (ID = 3658)
11.13: Trovati Spy Cookie: weborama cookie
11.13: c:\documents and settings\administrator\cookies\administrator@webads[3].txt (ID = 3650)
11.13: c:\documents and settings\administrator\cookies\administrator@webads[2].txt (ID = 3650)
11.13: Trovati Spy Cookie: webads cookie
11.13: c:\documents and settings\administrator\cookies\administrator@wayin.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@vip.clickzs[1].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@videoegg.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@videodome[2].txt (ID = 3638)
11.13: Trovati Spy Cookie: videodome cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ugo[1].txt (ID = 3608)
11.13: Trovati Spy Cookie: ugo cookie
11.13: c:\documents and settings\administrator\cookies\administrator@tribalfusion[2].txt (ID = 3589)
11.13: Trovati Spy Cookie: tribalfusion cookie
11.13: c:\documents and settings\administrator\cookies\administrator@trafficmp[1].txt (ID = 3581)
11.13: Trovati Spy Cookie: trafficmp cookie
11.13: c:\documents and settings\administrator\cookies\administrator@toyota.touchclarity[1].txt (ID = 3566)
11.13: c:\documents and settings\administrator\cookies\administrator@toplist[4].txt (ID = 3557)
11.13: c:\documents and settings\administrator\cookies\administrator@toplist[2].txt (ID = 3557)
11.13: c:\documents and settings\administrator\cookies\administrator@toplist[1].txt (ID = 3557)
11.13: Trovati Spy Cookie: toplist cookie
11.13: c:\documents and settings\administrator\cookies\administrator@tacoda[2].txt (ID = 6444)
11.13: c:\documents and settings\administrator\cookies\administrator@studenti.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@stat.onestat[1].txt (ID = 3098)
11.13: Trovati Spy Cookie: onestat.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@sportnet.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@specificclick[2].txt (ID = 3399)
11.13: c:\documents and settings\administrator\cookies\administrator@sixapart.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[5].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[4].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[3].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[2].txt (ID = 3345)
11.13: c:\documents and settings\administrator\cookies\administrator@servlet[1].txt (ID = 3345)
11.13: Trovati Spy Cookie: servlet cookie
11.13: c:\documents and settings\administrator\cookies\administrator@serving-sys[3].txt (ID = 3343)
11.13: c:\documents and settings\administrator\cookies\administrator@serving-sys[1].txt (ID = 3343)
11.13: Trovati Spy Cookie: serving-sys cookie
11.13: c:\documents and settings\administrator\cookies\administrator@server.iad.liveperson[1].txt (ID = 3341)
11.13: Trovati Spy Cookie: server.iad.liveperson cookie
11.13: c:\documents and settings\administrator\cookies\administrator@search.gamespy[1].txt (ID = 2719)
11.13: c:\documents and settings\administrator\cookies\administrator@rotator.adjuggler[1].txt (ID = 2071)
11.13: Trovati Spy Cookie: adjuggler cookie
11.13: c:\documents and settings\administrator\cookies\administrator@revenue[1].txt (ID = 3257)
11.13: Trovati Spy Cookie: revenue.net cookie
11.13: c:\documents and settings\administrator\cookies\administrator@realmedia[2].txt (ID = 3235)
11.13: Trovati Spy Cookie: realmedia cookie
11.13: c:\documents and settings\administrator\cookies\administrator@rambler[1].txt (ID = 3225)
11.13: Trovati Spy Cookie: rambler cookie
11.13: c:\documents and settings\administrator\cookies\administrator@questionmarket[2].txt (ID = 3217)
11.13: Trovati Spy Cookie: questionmarket cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ps2.gamespy[1].txt (ID = 2719)
11.13: c:\documents and settings\administrator\cookies\administrator@prospect.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@pricegrabber[2].txt (ID = 3185)
11.13: Trovati Spy Cookie: pricegrabber cookie
11.13: c:\documents and settings\administrator\cookies\administrator@porngraph[1].txt (ID = 3170)
11.13: Trovati Spy Cookie: porngraph cookie
11.13: c:\documents and settings\administrator\cookies\administrator@perf.overture[1].txt (ID = 3106)
11.13: c:\documents and settings\administrator\cookies\administrator@peel[2].txt (ID = 3127)
11.13: Trovati Spy Cookie: peel network cookie
11.13: c:\documents and settings\administrator\cookies\administrator@pcash.imlive[1].txt (ID = 2844)
11.13: c:\documents and settings\administrator\cookies\administrator@paycounter[1].txt (ID = 3115)
11.13: Trovati Spy Cookie: paycounter cookie
11.13: c:\documents and settings\administrator\cookies\administrator@passion[2].txt (ID = 3113)
11.13: Trovati Spy Cookie: passion cookie
11.13: c:\documents and settings\administrator\cookies\administrator@partypoker[2].txt (ID = 3111)
11.13: Trovati Spy Cookie: partypoker cookie
11.13: c:\documents and settings\administrator\cookies\administrator@overture[2].txt (ID = 3105)
11.13: c:\documents and settings\administrator\cookies\administrator@outster[1].txt (ID = 3103)
11.13: Trovati Spy Cookie: outster cookie
11.13: c:\documents and settings\administrator\cookies\administrator@oasc06006.247realmedia[1].txt (ID = 1954)
11.13: c:\documents and settings\administrator\cookies\administrator@mrskin[1].txt (ID = 3020)
11.13: Trovati Spy Cookie: mrskin cookie
11.13: c:\documents and settings\administrator\cookies\administrator@movies.about[2].txt (ID = 2038)
11.13: c:\documents and settings\administrator\cookies\administrator@metriweb[1].txt (ID = 2992)
11.13: Trovati Spy Cookie: metriweb.be cookie
11.13: c:\documents and settings\administrator\cookies\administrator@maxserving[1].txt (ID = 2966)
11.13: Trovati Spy Cookie: maxserving cookie
11.13: c:\documents and settings\administrator\cookies\administrator@magazine.excite[2].txt (ID = 2632)
11.13: c:\documents and settings\administrator\cookies\administrator@kinghost[2].txt (ID = 2903)
11.13: Trovati Spy Cookie: kinghost cookie
11.13: c:\documents and settings\administrator\cookies\administrator@infospace[1].txt (ID = 2865)
11.13: Trovati Spy Cookie: infospace cookie
11.13: c:\documents and settings\administrator\cookies\administrator@imlive[1].txt (ID = 2843)
11.13: Trovati Spy Cookie: imlive.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@hotlog[1].txt (ID = 2801)
11.13: Trovati Spy Cookie: hotlog cookie
11.13: c:\documents and settings\administrator\cookies\administrator@hc2.humanclick[1].txt (ID = 2810)
11.13: Trovati Spy Cookie: humanclick cookie
11.13: c:\documents and settings\administrator\cookies\administrator@gostats[1].txt (ID = 2747)
11.13: Trovati Spy Cookie: gostats cookie
11.13: c:\documents and settings\administrator\cookies\administrator@goal.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@gjacket.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@gamespy[1].txt (ID = 2719)
11.13: Trovati Spy Cookie: gamespy cookie
11.13: c:\documents and settings\administrator\cookies\administrator@fortunecity[1].txt (ID = 2686)
11.13: Trovati Spy Cookie: fortunecity cookie
11.13: c:\documents and settings\administrator\cookies\administrator@fl01.ct2.comclick[1].txt (ID = 2450)
11.13: Trovati Spy Cookie: comclick cookie
11.13: c:\documents and settings\administrator\cookies\administrator@fe.lea.lycos[1].txt (ID = 2660)
11.13: Trovati Spy Cookie: fe.lea.lycos.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@excite[1].txt (ID = 2631)
11.13: c:\documents and settings\administrator\cookies\administrator@edge.ru4[2].txt (ID = 3269)
11.13: Trovati Spy Cookie: ru4 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@easyjet.touchclarity[1].txt (ID = 3566)
11.13: Trovati Spy Cookie: touchclarity cookie
11.13: c:\documents and settings\administrator\cookies\administrator@domus.adbureau[1].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@dnsstuff.adbureau[2].txt (ID = 2060)
11.13: c:\documents and settings\administrator\cookies\administrator@data3.perf.overture[1].txt (ID = 3106)
11.13: Trovati Spy Cookie: overture cookie
11.13: c:\documents and settings\administrator\cookies\administrator@cz8.clickzs[2].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@cz7.clickzs[2].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@cz5.clickzs[1].txt (ID = 2413)
11.13: c:\documents and settings\administrator\cookies\administrator@cz4.clickzs[1].txt (ID = 2413)
11.13: Trovati Spy Cookie: clickzs cookie
11.13: c:\documents and settings\administrator\cookies\administrator@customer[1].txt (ID = 2481)
11.13: Trovati Spy Cookie: customer cookie
11.13: c:\documents and settings\administrator\cookies\administrator@commerce[1].txt (ID = 2451)
11.13: Trovati Spy Cookie: commerce cookie
11.13: c:\documents and settings\administrator\cookies\administrator@club.cdfreaks[1].txt (ID = 2371)
11.13: c:\documents and settings\administrator\cookies\administrator@cgm.adbureau[2].txt (ID = 2060)
11.13: Trovati Spy Cookie: adbureau cookie
11.13: c:\documents and settings\administrator\cookies\administrator@cdfreaks[2].txt (ID = 2370)
11.13: c:\documents and settings\administrator\cookies\administrator@ccbill[2].txt (ID = 2369)
11.13: Trovati Spy Cookie: ccbill cookie
11.13: c:\documents and settings\administrator\cookies\administrator@calcio.excite[2].txt (ID = 2632)
11.13: c:\documents and settings\administrator\cookies\administrator@cala79.blog.excite[2].txt (ID = 2632)
11.13: Trovati Spy Cookie: excite cookie
11.13: c:\documents and settings\administrator\cookies\administrator@bs.serving-sys[1].txt (ID = 2330)
11.13: Trovati Spy Cookie: bs.serving-sys cookie
11.13: c:\documents and settings\administrator\cookies\administrator@bravenet[2].txt (ID = 2322)
11.13: Trovati Spy Cookie: bravenet cookie
11.13: c:\documents and settings\administrator\cookies\administrator@a[1].txt (ID = 2027)
11.13: Trovati Spy Cookie: a cookie
11.13: c:\documents and settings\administrator\cookies\administrator@azjmp[2].txt (ID = 2270)
11.13: Trovati Spy Cookie: azjmp cookie
11.13: c:\documents and settings\administrator\cookies\administrator@atwola[2].txt (ID = 2255)
11.13: c:\documents and settings\administrator\cookies\administrator@at.atwola[2].txt (ID = 2256)
11.13: Trovati Spy Cookie: atwola cookie
11.13: c:\documents and settings\administrator\cookies\administrator@askmen[1].txt (ID = 2247)
11.13: Trovati Spy Cookie: askmen cookie
11.13: c:\documents and settings\administrator\cookies\administrator@as-us.falkag[1].txt (ID = 2650)
11.13: c:\documents and settings\administrator\cookies\administrator@aptimus[2].txt (ID = 2233)
11.13: Trovati Spy Cookie: aptimus cookie
11.13: c:\documents and settings\administrator\cookies\administrator@anad.tacoda[2].txt (ID = 6445)
11.13: Trovati Spy Cookie: tacoda cookie
11.13: c:\documents and settings\administrator\cookies\administrator@alt[1].txt (ID = 2217)
11.13: Trovati Spy Cookie: alt cookie
11.13: c:\documents and settings\administrator\cookies\administrator@affiliate[1].txt (ID = 2199)
11.13: Trovati Spy Cookie: affiliate cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adultfriendfinder[2].txt (ID = 2165)
11.13: Trovati Spy Cookie: adultfriendfinder cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adtech[1].txt (ID = 2155)
11.13: Trovati Spy Cookie: adtech cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adserver[1].txt (ID = 2141)
11.13: Trovati Spy Cookie: adserver cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adserver.adreactor[2].txt (ID = 2087)
11.13: Trovati Spy Cookie: adreactor cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads20.hyperbanner[1].txt (ID = 2816)
11.13: Trovati Spy Cookie: hyperbanner cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads20.bpath[2].txt (ID = 2321)
11.13: c:\documents and settings\administrator\cookies\administrator@ads16.bpath[2].txt (ID = 2321)
11.13: Trovati Spy Cookie: bpath cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.tripod.lycos[2].txt (ID = 2133)
11.13: Trovati Spy Cookie: ads.tripod.lycos.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.pointroll[1].txt (ID = 3148)
11.13: Trovati Spy Cookie: pointroll cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.cdfreaks[1].txt (ID = 2371)
11.13: Trovati Spy Cookie: cd freaks cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ads.addynamix[2].txt (ID = 2062)
11.13: Trovati Spy Cookie: addynamix cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adrevservice[1].txt (ID = 2091)
11.13: Trovati Spy Cookie: adrevservice cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adopt.specificclick[2].txt (ID = 3400)
11.13: Trovati Spy Cookie: specificclick.com cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adlegend[1].txt (ID = 2074)
11.13: Trovati Spy Cookie: adlegend cookie
11.13: c:\documents and settings\administrator\cookies\administrator@adecn[2].txt (ID = 2063)
11.13: Trovati Spy Cookie: adecn cookie
11.13: c:\documents and settings\administrator\cookies\administrator@ad9.bannerbank[1].txt (ID = 2281)
11.13: Trovati Spy Cookie: bannerbank cookie
11.13: c:\documents and settings\administrator\cookies\administrator@about[2].txt (ID = 2037)
11.13: Trovati Spy Cookie: about cookie
11.13: c:\documents and settings\administrator\cookies\administrator@aa[2].txt (ID = 2029)
11.13: Trovati Spy Cookie: aa cookie
11.13: c:\documents and settings\administrator\cookies\administrator@a.as-eu.falkag[1].txt (ID = 2650)
11.13: Trovati Spy Cookie: falkag cookie
11.13: c:\documents and settings\administrator\cookies\administrator@2o7[2].txt (ID = 1957)
11.13: Trovati Spy Cookie: 2o7.net cookie
11.13: c:\documents and settings\administrator\cookies\administrator@276[1].txt (ID = 1955)
11.13: Trovati Spy Cookie: 276 cookie
11.13: c:\documents and settings\administrator\cookies\administrator@247realmedia[1].txt (ID = 1953)
11.13: Trovati Spy Cookie: 247realmedia cookie
11.13: c:\documents and settings\administrator\cookies\administrator@190[2].txt (ID = 1935)
11.13: Trovati Spy Cookie: 190dotcom cookie
11.13: c:\documents and settings\administrator\cookies\administrator@127.0.0[1].txt (ID = 3281)
11.13: c:\documents and settings\administrator\cookies\administrator@0[6].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[4].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[3].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[2].txt (ID = 3282)
11.13: c:\documents and settings\administrator\cookies\administrator@0[1].txt (ID = 3282)
11.13: Trovati Spy Cookie: sandboxer cookie
11.13: Avvio scansione cookie in corso
11.12: Scansione del Registro di sistema completata. Tempo trascorso:00.00.32
11.12: HKU\S-1-5-18\software\medialoads\ (ID = 1580540)
11.12: HKU\S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping\ || {ffb51760-344e-4ffb-bfff-4b18c7ac1d63} (ID = 139398)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\medialoads\ (ID = 1580540)
11.12: Trovati Adware: great net downloadware
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\main\ || search page_bak (ID = 774883)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\extensions\cmdmapping\ || {000007c6-17df-4438-92a4-de5537471ba3} (ID = 530423)
11.12: Trovati Adware: sidesearch
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\extensions\cmdmapping\ || {ffb51760-344e-4ffb-bfff-4b18c7ac1d63} (ID = 139398)
11.12: Trovati Adware: ricerchefacili
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\toolbar\webbrowser\ || {b195b3b3-8a05-11d3-97a4-0004aca6948e} (ID = 127587)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\toolbar\shellbrowser\ || {b195b3b3-8a05-11d3-97a4-0004aca6948e} (ID = 127585)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\explorer bars\{ff6b2fd5-093c-4d4f-bb98-5641130a9de6}\ (ID = 127574)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\toolbar\webbrowser\ || {825cf5bd-8862-4430-b771-0c15c5ca8def} (ID = 125745)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\main\ || search page_bak (ID = 115925)
11.12: HKU\S-1-5-21-1645522239-412668190-839522115-500\software\microsoft\internet explorer\main\ || search bar_bak (ID = 115924)
11.12: Trovati Adware: cws-aboutblank
11.12: HKLM\system\currentcontrolset\services\google online search service\ (ID = 4397839)
11.12: HKLM\software\classes\clsid\{f250d521-225d-4d6b-8829-e064f944e180}\ (ID = 1863360)
11.12: HKCR\clsid\{f250d521-225d-4d6b-8829-e064f944e180}\ (ID = 1863357)
11.12: HKLM\software\classes\clsid\{e3a77057-d10b-b02a-d823-22e020c583b5}\ (ID = 1597455)
11.12: HKCR\clsid\{e3a77057-d10b-b02a-d823-22e020c583b5}\ (ID = 1597453)
11.12: Trovati Adware: linkoptimizer
11.12: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/olepro32.dll\ || {e8edb60c-951e-4130-93dc-faf1ad25f8e7} (ID = 956097)
11.12: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/msvcrt.dll\ || {e8edb60c-951e-4130-93dc-faf1ad25f8e7} (ID = 956095)
11.12: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/mfc42.dll\ || {e8edb60c-951e-4130-93dc-faf1ad25f8e7} (ID = 956093)
11.12: HKLM\software\microsoft\windows\currentversion\run\ || connector (ID = 928585)
11.12: Trovati Adware: comforest dialer
11.12: HKLM\software\gator.com\trickler\ (ID = 724440)
11.12: HKLM\software\gator.com\gator\ (ID = 724411)
11.12: HKLM\software\gatortest\ (ID = 639280)
11.12: HKLM\software\gator.com\ (ID = 528933)
11.11: HKCR\typelib\{4767c447-ef15-42f2-8809-68adb7fa76f1}\ (ID = 136181)
11.11: HKLM\software\classes\typelib\{4767c447-ef15-42f2-8809-68adb7fa76f1}\ (ID = 136154)
11.11: HKLM\software\classes\interface\{4438a5dc-e00b-41a0-b0e6-b63fd3b86eee}\ (ID = 136147)
11.11: HKCR\interface\{4438a5dc-e00b-41a0-b0e6-b63fd3b86eee}\ (ID = 136074)
11.11: Trovati Adware: networkessentials
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\unidist.ocx (ID = 135372)
11.11: Trovati Adware: multidial
11.11: HKLM\software\classes\clsid\{204f937e-519e-4597-96fa-8f1f59f3cb6d}\ (ID = 127413)
11.11: HKCR\clsid\{204f937e-519e-4597-96fa-8f1f59f3cb6d}\ (ID = 127250)
11.11: Trovati Adware: hotbar/zango
11.11: HKLM\software\classes\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}\ (ID = 126751)
11.11: HKCR\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}\ (ID = 126731)
11.11: Trovati Adware: gain - common components
11.11: HKLM\software\microsoft\windows\currentversion\internet settings\user agent\post platform\ || iebar (ID = 125752)
11.11: HKLM\software\microsoft\internet explorer\toolbar\ || {825cf5bd-8862-4430-b771-0c15c5ca8def} (ID = 125743)
11.11: HKLM\software\classes\clsid\{be8d0059-d24d-4919-b76f-99f4a2203647}\ (ID = 125724)
11.11: HKLM\software\classes\clsid\{825cf5bd-8862-4430-b771-0c15c5ca8def}\ (ID = 125722)
11.11: HKLM\software\classes\clsid\{0a1d22c3-37be-470c-9c29-e3074ee0574b}\ (ID = 125717)
11.11: HKCR\clsid\{be8d0059-d24d-4919-b76f-99f4a2203647}\ (ID = 125694)
11.11: HKCR\clsid\{825cf5bd-8862-4430-b771-0c15c5ca8def}\ (ID = 125692)
11.11: HKCR\clsid\{0a1d22c3-37be-470c-9c29-e3074ee0574b}\ (ID = 125687)
11.11: Trovati Adware: elitebar
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admprog.dll (ID = 103524)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admfdi.dll (ID = 103523)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admdloader.dll (ID = 103522)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\admdata.dll (ID = 103521)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\adm4.dll (ID = 103520)
11.11: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\adm.exe (ID = 103519)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admprog.dll\ (ID = 103511)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admfdi.dll\ (ID = 103510)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admdloader.dll\ (ID = 103509)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/admdata.dll\ (ID = 103508)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/adm4.dll\ (ID = 103507)
11.11: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/adm.exe\ (ID = 103506)
11.11: Trovati Adware: altnet
11.11: HKCR\typelib\{a41c6220-6f42-4646-b119-fbe6f4d38e3c}\ (ID = 102483)
11.11: HKCR\clsid\{d1b80ebf-1a26-4fec-b0b9-dcb934c6507e}\ (ID = 102481)
11.11: HKCR\accesmembre.loader\ (ID = 102480)
11.11: HKCR\accesmembre.loader.1\ (ID = 102479)
11.11: Trovati Adware: accessmember
11.11: Avvio scansione Registro di sistema in corso
11.11: Scansione della memoria completata. Tempo trascorso: 00.05.59
11.05: Avvio scansione memoria in corso
11.05: HKLM\system\currentcontrolset\services\google online search service\ || imagepath (ID = 4397838)
11.05: Trovati Trojan Horse: trojan-downloader-tipikit
11.05: Avvia scansione completa
11.05: Scansione avviata utilizzando la versione delle definizioni 1314
Programma di registrazione dei tasti: Disattivato
11.05: Informativo: ShieldEmail: Start monitoring port 25 for mail activities
Allegato posta elettronica: Attivato
11.05: Informativo: ShieldEmail: Start monitoring port 110 for mail activities
Schermo BHO: Attivato
Schermo protezione IE: Attivato
Schermo Esecuzione flusso ADS (Alternate Data Stream): Attivato
Schermo di avvio: Attivato
Siti pubblicitari comuni: Disattivato
Schermo file Hosts: Attivato
Schermo Comunicazione Internet: Attivato
Schermo ActiveX.: Attivato
Schermo Servizio Windows Messenger: Attivato
Schermo Preferiti IE:: Attivato
Schermo file system: Attivato
Schermo esecuzione: Attivato
Schermo servizi di sistema: Attivato
Schermo Cattura IE: Attivato
Schermo Cookie di rilevamento IE: Disattivato
11.04: Stati degli schermi
11.04: Verifica stato licenza (0): Complimenti
11.04: Definizioni di spyware: 1314
11.04: Spy Sweeper 5.5.7.124 avviato
11.04: Spy Sweeper 5.5.7.124 avviato
11.04: | Avvio della sessione, sabato 25 ottobre 2008 |
***************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.59.06, on 25/10/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\programmi\quicktime\qttask.exe
C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SxgTkBar.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Programmi\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\Programmi\FCM\FCMLoad.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.ilmeteo.it/index2.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {532E3F16-C2ED-3209-9850-D2EBCC525C8C} - C:\WINDOWS\danku1.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll (file missing)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmi\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Connector] C:\WINDOWS\System32\ShellExt\CNPS.EXE -n
O4 - HKLM\..\Run: [GMTZDJQWH] C:\WINDOWS\GMTZDJQWH.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\programmi\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [Amfgc] C:\Program Files\Yzhhanv\Jouguu.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [mRouterConfig] "C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe"
O4 - HKCU\..\Run: [PlugIn] C:\WINDOWS\System32/plugin.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Fantacalcio Manager 2006 - Top Edition Quick Loader.lnk = C:\Programmi\FCM\FCMLoad.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Programmi\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: PCSuiteperNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 TS.lnk = ?
O8 - Extra context menu item: &Define - C:\WINDOWS\Web\ERS_DEF.HTM
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Search the Web - C:\WINDOWS\Web\ERS_SRC.HTM
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download with Star Downloader - C:\Programmi\Star Downloader\sdie.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINDOWS\Web\ERS_ENC.HTM
O8 - Extra context menu item: Scarica con Star Downloader - C:\Programmi\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.68737075.com/connect/virgban ... nect4x.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://tky09.celartem.com/en/download/d ... _it_IT.cab
O16 - DPF: {3A471221-E332-4240-A709-C6D087007ADE} - http://members.yodahosting.com/inforete/Login.exe
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/cd/1,0, ... Membre.cab
O16 - DPF: {FFFF003C-0001-101A-A3C9-08002B2F49FB} - http://www.download-italia.com/060A005.exe
O18 - Protocol: bw+0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\WM\MySQL-4.0.16\bin\mysqld-nt.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 20585 bytes
Scan saved at 11.59.06, on 25/10/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\programmi\quicktime\qttask.exe
C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SxgTkBar.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Programmi\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\Programmi\FCM\FCMLoad.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\Programmi\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.ilmeteo.it/index2.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {532E3F16-C2ED-3209-9850-D2EBCC525C8C} - C:\WINDOWS\danku1.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll (file missing)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmi\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Connector] C:\WINDOWS\System32\ShellExt\CNPS.EXE -n
O4 - HKLM\..\Run: [GMTZDJQWH] C:\WINDOWS\GMTZDJQWH.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\programmi\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [Amfgc] C:\Program Files\Yzhhanv\Jouguu.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [mRouterConfig] "C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe"
O4 - HKCU\..\Run: [PlugIn] C:\WINDOWS\System32/plugin.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Fantacalcio Manager 2006 - Top Edition Quick Loader.lnk = C:\Programmi\FCM\FCMLoad.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Programmi\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: PCSuiteperNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 TS.lnk = ?
O8 - Extra context menu item: &Define - C:\WINDOWS\Web\ERS_DEF.HTM
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Search the Web - C:\WINDOWS\Web\ERS_SRC.HTM
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download with Star Downloader - C:\Programmi\Star Downloader\sdie.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINDOWS\Web\ERS_ENC.HTM
O8 - Extra context menu item: Scarica con Star Downloader - C:\Programmi\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.68737075.com/connect/virgban ... nect4x.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://tky09.celartem.com/en/download/d ... _it_IT.cab
O16 - DPF: {3A471221-E332-4240-A709-C6D087007ADE} - http://members.yodahosting.com/inforete/Login.exe
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/cd/1,0, ... Membre.cab
O16 - DPF: {FFFF003C-0001-101A-A3C9-08002B2F49FB} - http://www.download-italia.com/060A005.exe
O18 - Protocol: bw+0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4BC68902-F64B-4769-B257-16D6D0E6CF87} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\WM\MySQL-4.0.16\bin\mysqld-nt.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 20585 bytes