ComboFix 09-08-10.06 - Klaude3d 12/08/2009 11.30.10.1.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.3070.1364 [GMT 2:00]
Eseguito da: c:\users\Klaude3d\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\InfoSat.txt
.
((((((((((((((((((((((((( Files Creati Da 2009-07-12 al 2009-08-12 )))))))))))))))))))))))))))))))))))
.
2009-08-12 09:39 . 2009-08-12 09:39 -------- d-----w- c:\users\SS-Dobermann-SS\AppData\Local\temp
2009-08-12 09:39 . 2009-08-12 09:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-11 21:58 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-11 21:58 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-11 21:58 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-11 21:58 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-11 21:58 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-11 21:58 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-11 21:58 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-11 21:58 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-11 21:56 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-11 21:56 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-11 21:56 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-11 21:56 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-11 21:56 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-11 21:56 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-11 21:56 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-11 21:56 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-11 14:35 . 2009-08-11 14:35 -------- d-----w- c:\windows\system32\dllcache
2009-08-10 16:53 . 2009-08-10 16:53 -------- d-----w- c:\program files\Defraggler
2009-08-10 12:41 . 2009-08-10 12:40 102664 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-08-10 12:40 . 2009-08-10 13:30 -------- d-----w- c:\users\Klaude3d\.housecall6.6
2009-08-09 18:05 . 2009-08-09 18:08 -------- d-----w- c:\users\Klaude3d\{11b30d6b-7372-43f8-8f8f-3967e6b452f0}
2009-08-09 17:57 . 2007-04-10 12:37 212392 ----a-w- c:\windows\system32\drivers\FeroASD504.bin
2009-08-09 17:57 . 2007-04-10 12:37 212392 ----a-w- c:\windows\system32\drivers\FeroASD503.bin
2009-08-09 17:57 . 2007-04-10 10:03 234456 ----a-w- c:\windows\system32\drivers\FeroSD406.bin
2009-08-09 17:57 . 2006-01-04 09:42 212392 ----a-w- c:\windows\system32\drivers\FeroDSD401.bin
2009-08-09 17:57 . 2005-11-07 15:42 212392 ----a-w- c:\windows\system32\drivers\FeroASD401.bin
2009-08-09 17:57 . 2005-08-29 13:42 234456 ----a-w- c:\windows\system32\drivers\FeroSD405.bin
2009-08-09 17:47 . 2009-08-09 17:49 -------- d-----w- c:\users\Klaude3d\{960dfebd-7df3-4912-ad5a-598d735c7ab7}
2009-08-07 11:58 . 2009-08-07 11:59 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\MAGIX
2009-08-07 11:56 . 2003-04-18 13:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2009-08-07 11:54 . 2009-08-07 11:57 -------- d-----w- c:\windows\system32\MAGIX
2009-08-07 11:54 . 2009-08-07 11:56 -------- d-----w- C:\MAGIX
2009-08-07 11:54 . 2002-09-20 21:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL
2009-08-07 11:54 . 1999-01-28 11:44 49152 ----a-w- c:\windows\system32\INETWH32.dll
2009-08-07 11:54 . 1998-10-15 14:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll
2009-08-06 22:10 . 2005-09-15 14:55 458752 ----a-w- c:\windows\system32\mgxoschk.dll
2009-08-06 13:39 . 2009-08-06 13:39 -------- d-----w- c:\program files\Algorithmix
2009-08-06 13:33 . 1999-07-22 10:23 36864 ------w- c:\windows\Algoui.exe
2009-08-06 10:59 . 2009-08-06 11:03 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\Luxology
2009-08-06 10:57 . 2009-08-06 16:33 -------- d-----w- c:\program files\Luxology
2009-08-06 10:55 . 2009-08-06 10:55 -------- d-----w- c:\users\Klaude3d\AppData\Local\Downloaded Installations
2009-08-04 21:36 . 2008-04-07 04:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2009-08-04 10:10 . 2008-06-11 08:47 9022288 ----a-w- c:\users\Klaude3d\AppData\Roaming\TomTom\HOME\Profiles\yuu3fbhm.default\extensions\Navcore.8.010.9369@tomtom.com\8-010-9369-1.dll
2009-08-04 09:53 . 2009-08-04 09:53 -------- d-----w- c:\progra~2\TomTom
2009-08-04 09:52 . 2009-08-04 09:52 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\TomTom
2009-08-04 09:52 . 2009-08-04 09:52 -------- d-----w- c:\users\Klaude3d\AppData\Local\TomTom
2009-08-04 09:51 . 2009-08-04 09:51 -------- d-----w- c:\program files\TomTom International B.V
2009-08-04 09:51 . 2009-08-04 09:51 -------- d-----w- c:\program files\TomTom HOME 2
2009-08-04 09:50 . 2009-08-04 09:50 -------- d-----w- c:\program files\TomTom DesktopSuite
2009-07-31 23:09 . 2009-08-10 22:23 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\vlc
2009-07-28 20:26 . 2009-07-28 20:26 -------- d-----w- c:\users\Klaude3d\AppData\Local\Nero
2009-07-26 22:31 . 2009-07-26 22:31 -------- d-----w- c:\program files\SIM Secretary
2009-07-26 22:12 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-07-26 21:54 . 2003-06-03 09:51 34825 ----a-w- c:\windows\system32\drivers\IMT0521.sys
2009-07-26 21:54 . 2009-07-26 21:57 -------- d-----w- c:\users\Klaude3d\{68b4e33b-4ba4-48a1-bd4e-2aee92bf79b9}
2009-07-26 18:11 . 2009-07-26 18:11 -------- d-----w- c:\users\Klaude3d\AppData\Local\Activision
2009-07-26 17:43 . 2009-07-26 17:43 -------- d-----w- c:\program files\Activision
2009-07-23 22:08 . 2009-07-23 22:08 -------- d-----w- c:\program files\Common Files\Skype
2009-07-20 16:35 . 2009-07-20 16:35 -------- d-----w- c:\program files\iPod
2009-07-19 15:40 . 2009-07-19 15:40 -------- d-----w- c:\users\Klaude3d\AppData\Local\BVRP Software
2009-07-18 22:48 . 2009-07-18 22:48 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-17 22:17 . 2009-07-17 22:17 -------- d--h--w- C:\Classes
2009-07-17 08:02 . 2009-08-12 09:39 -------- d-----w- c:\users\Klaude3d\AppData\Local\temp
2009-07-15 10:23 . 2009-07-20 23:18 -------- d-----w- C:\FindyKill
2009-07-15 06:07 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 06:07 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 06:07 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-15 06:07 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-13 13:41 . 2009-07-13 13:41 -------- d-----w- c:\users\Klaude3d\AppData\Local\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-12 09:32 . 2009-02-05 18:37 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\Skype
2009-08-12 08:03 . 2009-02-05 18:40 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\skypePM
2009-08-12 08:02 . 2009-07-20 23:05 32156 ----a-w- c:\progra~2\nvModes.dat
2009-08-12 05:41 . 2009-02-07 17:13 -------- d-----w- c:\progra~2\Google Updater
2009-08-12 01:03 . 2009-02-03 16:54 -------- d-----w- c:\progra~2\NVIDIA
2009-08-11 22:01 . 2009-02-05 23:05 -------- d-----w- c:\progra~2\Microsoft Help
2009-08-11 22:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-10 21:54 . 2009-02-04 12:58 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\USBSafelyRemove
2009-08-10 21:14 . 2006-11-06 01:52 673790 ----a-w- c:\windows\system32\perfh010.dat
2009-08-10 21:14 . 2006-11-06 01:52 124488 ----a-w- c:\windows\system32\perfc010.dat
2009-08-10 12:30 . 2009-02-03 22:41 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-09 17:57 . 2009-02-03 23:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-08 13:28 . 2009-07-09 12:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-08 13:25 . 2009-08-07 23:56 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-08-08 13:25 . 2009-02-03 22:48 -------- d-----w- c:\program files\Java
2009-08-08 12:56 . 2009-02-03 15:23 157280 ----a-w- c:\users\Klaude3d\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-07 11:55 . 2009-08-07 11:55 4608 ----a-w- c:\windows\system32\w95inf32.dll
2009-08-07 11:55 . 2009-08-07 11:55 2272 ----a-w- c:\windows\system32\w95inf16.dll
2009-08-07 11:55 . 2009-08-07 11:55 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2009-08-07 11:22 . 2009-04-09 16:04 -------- d-----w- c:\progra~2\Installations
2009-08-07 11:22 . 2009-04-09 15:59 -------- d-----w- c:\program files\Common Files\Nokia
2009-08-07 11:22 . 2009-04-09 15:54 -------- d-----w- c:\program files\Nokia
2009-08-05 11:34 . 2009-03-19 11:31 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\Winamp
2009-08-03 11:36 . 2009-07-09 12:00 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 11:36 . 2009-07-09 12:00 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-02 17:14 . 2009-02-04 07:34 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-30 14:55 . 2009-05-24 16:36 -------- d-----w- c:\progra~2\AQ
2009-07-23 22:10 . 2009-02-05 18:35 -------- d-----r- c:\program files\Skype
2009-07-23 22:08 . 2009-02-05 18:35 -------- d-----w- c:\progra~2\Skype
2009-07-20 16:35 . 2009-06-08 16:30 -------- d-----w- c:\program files\iTunes
2009-07-20 16:35 . 2009-04-06 16:54 -------- d-----w- c:\program files\Common Files\Apple
2009-07-19 18:14 . 2009-07-19 18:14 52962 ----a-w- c:\windows\inf\Nokia Music\0010\tmp1C07.tmp
2009-07-19 18:14 . 2009-07-19 18:14 52962 ----a-w- c:\windows\inf\Nokia Music\0009\tmp1C07.tmp
2009-07-19 18:14 . 2009-07-19 18:14 52962 ----a-w- c:\windows\inf\Nokia Music\0000\tmp1C07.tmp
2009-07-19 18:14 . 2009-07-19 18:14 1657 ----a-w- c:\windows\inf\Nokia Music\tmp1C08.tmp
2009-07-19 17:41 . 2009-05-03 13:04 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\vghd
2009-07-19 17:33 . 2009-04-19 13:57 -------- d-----w- c:\program files\Manifold Toolbar
2009-07-19 17:32 . 2009-02-06 00:46 -------- d-----w- c:\program files\MSN Messenger
2009-07-19 17:32 . 2009-02-04 00:01 -------- d-----w- c:\program files\Windows Live
2009-07-19 17:25 . 2009-05-24 16:52 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\Juce VST Host
2009-07-18 22:57 . 2009-02-03 16:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-18 22:57 . 2009-02-03 16:41 -------- d-----w- c:\program files\AGEIA Technologies
2009-07-18 16:06 . 2009-07-29 07:38 827904 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-07-29 07:38 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-07-29 07:38 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-15 10:47 . 2009-06-21 12:08 -------- d-----w- c:\program files\AVS4YOU
2009-07-13 21:37 . 2009-03-30 17:51 -------- d-----w- c:\program files\Safari
2009-07-10 14:15 . 2009-07-10 14:15 680 ----a-w- c:\users\Default\AppData\Local\d3d9caps.dat
2009-07-10 14:06 . 2009-07-10 14:06 -------- d-----w- c:\users\Default\AppData\Roaming\Malwarebytes
2009-07-10 05:01 . 2009-02-03 16:39 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-07-09 12:00 . 2009-07-09 12:00 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\Malwarebytes
2009-07-09 12:00 . 2009-07-09 12:00 -------- d-----w- c:\progra~2\Malwarebytes
2009-07-09 11:35 . 2009-07-09 09:55 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2009-07-09 09:19 . 2009-02-03 22:56 -------- d-----w- c:\program files\Trillian
2009-07-08 23:24 . 2009-04-09 16:01 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-08 23:11 . 2009-07-08 23:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-07-08 22:44 . 2009-07-08 22:44 20914549 ----a-w- c:\users\Klaude3d\AppData\Roaming\Nokia\Nokia Download!\Temp\Nokia_Download_newUI_2.1.19.0_setup.exe
2009-07-08 12:25 . 2009-04-14 00:03 -------- d-----w- c:\progra~2\Nokia
2009-07-08 12:10 . 2009-04-09 16:09 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\Nokia
2009-07-05 12:11 . 2009-06-17 22:20 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\MessengerDiscovery 2
2009-06-28 16:06 . 2009-06-28 16:06 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-06-28 15:45 . 2009-06-28 15:45 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-06-28 15:41 . 2009-04-09 15:59 -------- d-----w- c:\program files\DIFX
2009-06-28 15:27 . 2009-06-28 15:27 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-06-26 22:42 . 2009-06-26 22:42 -------- d-----w- c:\progra~2\Thunder Network
2009-06-26 22:40 . 2009-06-26 22:40 20 ----a-w- c:\windows\system32\pub_store.dat
2009-06-26 22:40 . 2009-06-26 22:40 -------- d-----w- c:\program files\Common Files\Thunder Network
2009-06-26 22:40 . 2009-06-26 22:40 -------- d-----w- c:\program files\Thunder Network
2009-06-21 21:56 . 2009-05-31 12:23 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\NCH Software
2009-06-21 21:55 . 2009-05-31 12:23 -------- d-----w- c:\progra~2\NCH Software
2009-06-21 13:24 . 2009-06-21 12:08 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-06-21 12:28 . 2009-02-04 09:19 -------- d-----w- c:\program files\MessengerDiscovery
2009-06-21 12:10 . 2009-06-21 12:10 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\AVS4YOU
2009-06-21 12:10 . 2009-06-21 12:10 -------- d-----w- c:\progra~2\AVS4YOU
2009-06-21 11:53 . 2009-02-16 23:40 -------- d-----w- c:\program files\DirectVobSub
2009-06-21 11:53 . 2009-02-16 23:45 -------- d-----w- c:\program files\OpenSource Flash Video Splitter
2009-06-21 11:52 . 2009-02-16 23:45 -------- d-----w- c:\program files\CD Audio Reader Filter
2009-06-21 11:52 . 2009-02-16 23:43 -------- d-----w- c:\program files\SHOUTcast Source
2009-06-21 11:52 . 2009-02-16 23:42 -------- d-----w- c:\program files\DSP-worx
2009-06-21 11:52 . 2009-06-08 11:06 -------- d-----w- c:\program files\DivX
2009-06-21 11:52 . 2009-02-16 23:45 -------- d-----w- c:\program files\RealMedia
2009-06-21 11:51 . 2009-06-08 11:07 -------- d-----w- c:\users\Klaude3d\AppData\Roaming\DivX
2009-06-10 16:33 . 2009-06-10 16:33 9899296 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-06-10 16:33 . 2009-06-10 16:33 678432 ----a-w- c:\windows\system32\nvcuvid.dll
2009-06-10 16:33 . 2009-06-10 16:33 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-06-10 16:33 . 2009-06-10 16:33 3148288 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-06-10 16:33 . 2009-06-10 16:33 1704960 ----a-w- c:\windows\system32\nvcuda.dll
2009-06-10 16:33 . 2009-06-10 16:33 151552 ----a-w- c:\windows\system32\nvcod155.dll
2009-06-10 16:33 . 2009-06-10 16:33 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-06-10 16:33 . 2009-06-10 16:33 1317408 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-06-10 16:33 . 2009-06-10 16:33 10379264 ----a-w- c:\windows\system32\nvoglv32.dll
2009-06-10 16:33 . 2009-01-15 07:19 989696 ----a-w- c:\windows\system32\nvapi.dll
2009-06-10 16:33 . 2009-01-15 07:19 7611904 ----a-w- c:\windows\system32\nvd3dum.dll
2009-06-10 06:35 . 2009-06-10 06:35 1505824 ----a-w- c:\windows\system32\nvcpluir.dll
2009-06-10 06:35 . 2009-06-10 06:35 1358368 ----a-w- c:\windows\system32\nvsvsr.dll
2009-06-10 06:35 . 2009-06-10 06:35 1194528 ----a-w- c:\windows\system32\nvcplui.exe
2009-06-10 06:35 . 2009-06-10 06:35 1296928 ----a-w- c:\windows\system32\nvsvs.dll
2009-06-10 04:33 . 2009-06-10 04:33 244736 ----a-w- c:\windows\system32\nvStInst.exe
2009-06-10 04:33 . 2009-06-10 04:33 467968 ----a-w- c:\windows\system32\nvstlink.exe
2009-06-10 04:33 . 2009-06-10 04:33 3953152 ----a-w- c:\windows\system32\nvstwiz.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2009-01-04 743936]
"SplitCam"="c:\program files\SplitCam\SplitCam.exe" [2006-09-09 990208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Camtasia Recorder"="c:\program files\TechSmith\Camtasia Studio 6\CamRecorder.exe" [2008-10-10 2678104]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-07-16 25604904]
"Camfrog"="c:\program files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [2009-06-16 41800]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-07-09 15872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13785632]
"NokiaMusic FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-22 2331936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-10 149280]
c:\users\Klaude3d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CamRecorder.exe [2004-3-29 1208320]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
SIDA.Connect.lnk - c:\aq\supdate.exe [2008-12-10 2151936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^C6 Messenger.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\C6 Messenger.lnk
backup=c:\windows\pss\C6 Messenger.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Klaude3d^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.LNK]
path=c:\users\Klaude3d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.LNK
backup=c:\windows\pss\DesktopVideoPlayer.LNK.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Klaude3d^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2007.lnk]
path=c:\users\Klaude3d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Klaude3d^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Skype.lnk]
path=c:\users\Klaude3d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
backup=c:\windows\pss\Skype.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-736386715-1995483522-3099797811-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C9AA8625-2775-4BE3-B22E-EA7AB9301DDC}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{2E21C932-C153-47E8-8425-75C5E02D4963}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{27FA73E1-B0C1-43AA-A03E-3E41F41D7449}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{C6BAFD06-DC36-40B9-B3C7-6E68F7EF259A}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{83759BA0-7AEB-47D3-A7C4-0810D871DA42}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{B642A33D-7A96-4BE2-8A9F-2ED2EAE19C22}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{65DC7B7B-DE10-42F9-B673-A1DD6B3DCA1A}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{E79B185D-420E-431E-9589-4E6E39230FCD}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{E1FC2BC2-B904-4869-90AC-7F060EA864A1}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{A849A248-80C9-4A37-926E-F5381B6A064D}c:\\users\\klaude3d\\desktop\\emule\\emule.exe"= UDP:c:\users\klaude3d\desktop\emule\emule.exe:emule.exe
"UDP Query User{CB89BD28-C45E-45BA-998D-9E55B8144F24}c:\\users\\klaude3d\\desktop\\emule\\emule.exe"= TCP:c:\users\klaude3d\desktop\emule\emule.exe:emule.exe
"{BBE9F3AD-F195-4CB0-B4D0-F3B85AEC6752}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{0BF80177-884C-4CAD-A1BC-26A0A045C4D4}"= UDP:5353:Adobe CSI CS4
"{BFF560FD-31C0-487E-B08E-502B90E1B215}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{9EB671B6-EFC4-43FF-AB0B-3ACA4F847963}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{CFDEC7C7-FA92-4110-BF47-843FABB49699}"= UDP:3703:Adobe Version Cue CS4 Server
"{0A4FC547-467E-4014-B814-5E5EB2FF690F}"= UDP:3704:Adobe Version Cue CS4 Server
"{022FECC8-AF00-4A39-A4D0-E05304CBD2C7}"= UDP:51000:Adobe Version Cue CS4 Server
"{9E627405-3275-4D16-91D1-20782AEA035E}"= UDP:51001:Adobe Version Cue CS4 Server
"{85BCE220-73D5-4A59-96C1-0F38AC7BE05B}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:Adobe Version Cue CS4 Server
"{1BD8E142-9594-475E-83AA-A15E65DEF829}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:Adobe Version Cue CS4 Server
"{6EDDD184-E6D9-4317-AA84-39A7A9C91A3A}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{77DE7EF1-9700-40F3-B5DD-FA00CC563F85}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6EBCA6E1-61F4-46F8-8292-937817B130AE}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{D06DDC06-8A67-4BBF-8046-38D6894D177D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{339E7B55-A4B0-4DDA-83F3-AC5FEB63D664}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{88085790-D132-4718-B1B1-C90AAF3C5D1D}c:\\program files\\next limit\\realflow4\\realflow.exe"= UDP:c:\program files\next limit\realflow4\realflow.exe:realflow
"UDP Query User{C3757EB5-C4AC-480A-90DF-C6AF4496237D}c:\\program files\\next limit\\realflow4\\realflow.exe"= TCP:c:\program files\next limit\realflow4\realflow.exe:realflow
"TCP Query User{17F06F46-A6A6-4DB9-A924-4789B3DCE711}c:\\users\\klaude3d\\desktop\\power-script.0.2.1\\mirc.exe"= UDP:c:\users\klaude3d\desktop\power-script.0.2.1\mirc.exe:mirc.exe
"UDP Query User{6A738567-1673-416B-A95E-AD361D96012A}c:\\users\\klaude3d\\desktop\\power-script.0.2.1\\mirc.exe"= TCP:c:\users\klaude3d\desktop\power-script.0.2.1\mirc.exe:mirc.exe
"TCP Query User{AC7DCB96-374F-4F38-B97F-1A024ECB694C}c:\\power-script.0.2.1\\mirc.exe"= UDP:c:\power-script.0.2.1\mirc.exe:PoWeR-Script
"UDP Query User{74F13F3C-D7D7-4CAD-901E-D997C208F42E}c:\\power-script.0.2.1\\mirc.exe"= TCP:c:\power-script.0.2.1\mirc.exe:PoWeR-Script
"TCP Query User{C0F075D4-53DF-4D11-AAB7-C1336B857426}c:\\flashcad_composer\\flashcad.exe"= UDP:c:\flashcad_composer\flashcad.exe:FlashCAD
"UDP Query User{9712F55B-8C69-4495-84D2-2434D776D732}c:\\flashcad_composer\\flashcad.exe"= TCP:c:\flashcad_composer\flashcad.exe:FlashCAD
"{26B86C2A-4476-4E51-861D-D64FD76FACE8}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"TCP Query User{D65D46F2-6FC1-4A59-99A6-270A3631BD61}c:\\flashcad\\flashcad.exe"= UDP:c:\flashcad\flashcad.exe:FlashCAD
"UDP Query User{8E835343-E529-4E16-B46D-868E8011EEF1}c:\\flashcad\\flashcad.exe"= TCP:c:\flashcad\flashcad.exe:FlashCAD
"TCP Query User{9D9A88B1-B8F4-45FB-9102-FEE52081D9F2}c:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= UDP:c:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"UDP Query User{157429BE-6144-47A5-BB7E-C2DAB8A8E85F}c:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= TCP:c:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"{8FFAEE71-5F3A-4164-9AEB-121088906BE1}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{160AF601-6BD6-446C-B699-D89123F9568D}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{874410AB-B1FB-4675-8273-F9474BACC5E3}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{990C1BD5-18A6-40AD-916B-AC4BA07AC682}"= Disabled:UDP:443:Porta TCP ooVoo 443
"{4D8E1ADF-94C4-438B-9222-1808DE785D5F}"= Disabled:TCP:443:Porta UDP ooVoo 443
"{969E62F6-92AF-4D52-8D38-E8FFDD06D4F9}"= Disabled:UDP:37674:Porta TCP ooVoo 37674
"{43A7F9F8-A1FE-470A-9313-DC05D0509747}"= Disabled:TCP:37674:Porta UDP ooVoo 37674
"{3D1DF0B0-168E-4A48-B7AC-52DDFC0E227E}"= Disabled:TCP:37675:Porta UDP ooVoo 37675
"TCP Query User{DFD0E3EE-7FC5-431C-9A2B-B33A0F895CAB}c:\\c6 messenger\\plugin\\fsmodule\\c6filesharing.exe"= UDP:c:\c6 messenger\plugin\fsmodule\c6filesharing.exe:C6 Scambia File
"UDP Query User{48E999EC-A6E2-4D5F-8972-2932F20B4195}c:\\c6 messenger\\plugin\\fsmodule\\c6filesharing.exe"= TCP:c:\c6 messenger\plugin\fsmodule\c6filesharing.exe:C6 Scambia File
"{13B629EF-0A0D-407C-B5E0-FA891EB3FCCD}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{FEC07F1C-82C1-476F-8359-E42B25EACB29}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"TCP Query User{897E0A5E-5DF2-423B-AB0D-513F4E08DD08}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{B8BB78E7-61A2-4777-998F-5D58F7FD8195}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{60562E9F-0AC1-43BF-86EB-AF080E3EA4B3}c:\\c6 messenger\\plugin\\fsmodule\\c6filesharing.exe"= UDP:c:\c6 messenger\plugin\fsmodule\c6filesharing.exe:C6 Scambia File
"UDP Query User{2EA7BE2F-B4A2-4E25-8F30-A47CD99812AE}c:\\c6 messenger\\plugin\\fsmodule\\c6filesharing.exe"= TCP:c:\c6 messenger\plugin\fsmodule\c6filesharing.exe:C6 Scambia File
"{0DBDED3A-43F6-498F-A6AF-2F25A38CADD0}"= c:\program files\CyberLink\PowerDVD8\PowerDVD8.EXE:CyberLink PowerDVD 8.0
"{95FFBFE6-1EB0-4BF4-824A-B587C88BA141}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8D7900B8-508B-4199-9FD8-BDE0F72037E7}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B5D3A034-1DBD-4FBE-BEE5-CA528381C2C5}"= UDP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:TwonkyMedia
"{71692943-05EE-4314-9D19-AEE20B4EFDEF}"= TCP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:TwonkyMedia
"{38C784F0-9F01-4A88-9CAA-77993D6DC4C0}"= UDP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:TwonkyMediaServer
"{D2860F82-4550-40F2-850B-C75791C3CF07}"= TCP:c:\program files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:TwonkyMediaServer
"{DD8B68BA-9BC7-4076-969A-DC8BFAEAE692}"= UDP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{FA5F14F3-798E-4009-A570-4E0D1E6CA19C}"= TCP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{2D35C5EE-7FD0-4975-AC49-D5A3F86C6627}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{8650FC83-D8C2-4FA6-B354-F22A71011E48}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{4AB7A7AC-5A32-4529-BFA3-9EA9F834A1FA}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{4487C37E-746E-4C32-83B7-ECC0346E6F08}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{3CFE7E57-63D6-468A-A592-380EBE142A07}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{4E51B7DF-293A-4C96-AE2E-54C118316F17}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{88508258-BFA9-4A79-9553-E69DA8D5C82F}"= UDP:c:\program files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide
"{0D0C84CA-61F6-40BD-BA7F-A91041BB1D37}"= TCP:c:\program files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide
"{81FD4A1E-D97F-4FBB-9679-7C3637558B56}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan
"{C176CF59-24A8-4D0A-B153-5892FC937CD2}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan
"{87DD530E-5BE3-4C5E-94C6-2A43F3D3BB8D}"= UDP:c:\users\Klaude3d\Downloads\guardian.sisx:guardian
"{1329BB00-B379-48CC-84FF-CBCE40D707C3}"= TCP:c:\users\Klaude3d\Downloads\guardian.sisx:guardian
"{171760A2-6405-491E-ABAC-A3C641AABCCD}"= UDP:c:\program files\Nokia\PC Connectivity Solution\NclInstaller.exe:NclInstaller
"{6146B3A0-35EE-42E0-A634-CB7C3FB8ECE3}"= TCP:c:\program files\Nokia\PC Connectivity Solution\NclInstaller.exe:NclInstaller
"TCP Query User{8E17B86B-8FA6-42DE-9199-BDCC9FDE7636}c:\\program files\\icuii\\icuii.exe"= Disabled:UDP:c:\program files\icuii\icuii.exe:ICUII Video Chat Client
"UDP Query User{65346FDF-4A57-4EE9-BBE2-AD290C353FAF}c:\\program files\\icuii\\icuii.exe"= Disabled:TCP:c:\program files\icuii\icuii.exe:ICUII Video Chat Client
"{DDAD558A-750A-4B2A-A3AF-C0AD93A5F397}"= Disabled:UDP:c:\program files\Total Uninstall 5\Tu.exe:Total Uninstall 5
"{6B194647-8990-47C0-80AA-16EC19F7994A}"= Disabled:TCP:c:\program files\Total Uninstall 5\Tu.exe:Total Uninstall 5
"{671B7ADE-6E19-4B87-9CC1-4BBC23C391D1}"= Disabled:UDP:c:\program files\Total Uninstall 5\TuAgent.exe:TuAgent
"{050E5619-2E91-422B-B1AB-8E0317918EF4}"= Disabled:TCP:c:\program files\Total Uninstall 5\TuAgent.exe:TuAgent
"{34F52D46-79F7-4781-99C0-9923FCA153F3}"= Disabled:UDP:c:\program files\Total Uninstall 5\TuStarter.exe:TuStarter
"{1CB99F34-E2AF-40A4-A763-C08FD08EE565}"= Disabled:TCP:c:\program files\Total Uninstall 5\TuStarter.exe:TuStarter
"TCP Query User{65A1DA3A-0942-4080-A3DA-E0F1A78AC4E0}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{275E2F3E-8FE0-4EE5-B893-DE3428A905FF}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{4CBC4944-BC6E-48CD-AFA5-15FEF875A57A}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{8CE6BB3E-1A1A-44D7-98B0-9F17E20C2B7E}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"TCP Query User{0D9E3424-099B-4C50-B3D4-627AEB6ED8ED}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{877D84F0-488D-4D2D-9DFB-996A1E1767D4}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{3F79E6EF-9669-40EB-AB5E-97D1E32AFC05}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{5ED57799-5E5B-4FCB-85A9-1DBA1C539354}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"TCP Query User{4C455322-C205-413E-9B1E-E67D1D68F58C}c:\\program files\\amsn\\bin\\wish.exe"= UDP:c:\program files\amsn\bin\wish.exe:Wish Application
"UDP Query User{1B131684-0ACD-4C0F-8B3B-E041786BF558}c:\\program files\\amsn\\bin\\wish.exe"= TCP:c:\program files\amsn\bin\wish.exe:Wish Application
"TCP Query User{B052CE0B-8E78-4188-B17A-8A47E6ADD2A3}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exe:DC++
"UDP Query User{69794E02-85ED-4015-BC13-7CDF467EA35D}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exe:DC++
"{B84819F4-BF99-41BF-8F55-E291C5D5F065}"= UDP:c:\windows\Temp\~os7060.tmp\ossproxy.exe:ossproxy.exe
"{3F5139DF-9B37-41FE-A3B7-26EFB19A1827}"= UDP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{E3CB033A-5202-4C27-AB98-1F2BB008200A}"= TCP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{CCA776D8-4B25-4E9E-9B1C-4AD1723DAF50}"= UDP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{BB797303-0D80-423B-9885-8AB4264C57B5}"= TCP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{24A67AD6-1B6B-4598-B9B6-C213ADB77676}"= UDP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{5BC04D40-78BF-4796-9F32-8521834C2D3A}"= TCP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{2ADC481D-6D93-4DF3-AA84-AADE86B79047}"= UDP:c:\program files\Autodesk\3ds Max 2010\3dsmax.exe:Autodesk 3ds Max 2010 32-bit
"{94620FC5-91A4-4900-B020-58415F1E5264}"= TCP:c:\program files\Autodesk\3ds Max 2010\3dsmax.exe:Autodesk 3ds Max 2010 32-bit
"{8250D3D7-FE69-4C92-8F0A-B9BC997147D5}"= UDP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe:mental ray satellite server for Autodesk 3ds Max 2010 32-bit
"{81732BB1-76F6-4876-A28A-B0F7A977810A}"= TCP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe:mental ray satellite server for Autodesk 3ds Max 2010 32-bit
"{81F3F4C1-DD0D-409A-98D3-69570245589F}"= UDP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe:mental ray satellite for Autodesk 3ds Max 2010 32-bit
"{36F822EA-F37D-440D-87BF-FCC0789AD8CF}"= TCP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe:mental ray satellite for Autodesk 3ds Max 2010 32-bit
"{18C8D750-53AA-4DF8-B6DB-A2605C11C40E}"= UDP:86:BroadCam Web Server
"{B3190357-4B73-4961-9193-506A609B9656}"= UDP:c:\aq\supdate.exe:SIDA.Connect
"{6AD63DC6-B0AE-4656-B2EC-B9332E73CCFE}"= TCP:c:\aq\supdate.exe:SIDA.Connect
"{C0AE53D5-1797-405A-8E2F-2EC7EFE206D7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A442C1E5-29E3-4D32-82B8-1B9BCCCB64A9}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{F0D4BE5E-DFFD-4988-8365-E3C2FE173246}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{F01A88C1-C8BC-48DF-BFE2-8E5362809B54}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{0A83A220-8F43-4362-9D27-E1FCC8FC3741}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{73CCEDA3-0E68-408C-A216-FB7E0E4F17B3}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2009/04/03 20:41];c:\program files\CyberLink\PowerDVD8\000.fcl [05/03/2009 01.47.50 87536]
R2 DigiNet;Digidesign Ethernet Support;c:\windows\System32\drivers\diginet.sys [18/02/2009 13.45.12 16400]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [12/03/2009 17.36.24 86016]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\System32\nvSCPAPISvr.exe [10/06/2009 06.33.00 232960]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [03/06/2009 14.46.36 92008]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [04/02/2009 14.58.49 208144]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [19/02/2008 03.15.38 106496]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30/03/2009 16.28.36 1533808]
S2 gupdate1c9c36be6dd4e70;Servizio di Google Update (gupdate1c9c36be6dd4e70);c:\program files\Google\Update\GoogleUpdate.exe [22/04/2009 19.00.54 133104]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0
c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0
S3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;c:\windows\System32\drivers\IMT0521.sys [26/07/2009 23.54.59 34825]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19/03/2009 14.48.18 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19/03/2009 14.48.12 8320]
S4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 06.46.20 284016]
S4 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [03/02/2009 17.57.16 33752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Scansione supplementare -------
.
uStart Page = about:blank
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: ?????? - c:\program files\Thunder Network\Thunder\Program\geturl.htm
IE: ?????????? - c:\program files\Thunder Network\Thunder\Program\getallurl.htm
TCP: {456BCF8F-B8B7-44C9-9FC9-31E04622AE59} = 85.37.17.57 85.38.28.80
FF - ProfilePath - c:\users\Klaude3d\AppData\Roaming\Mozilla\Firefox\Profiles\8rsu1hh0.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft Research\HD View\nphdview.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPC6Helper.dll
FF - plugin: c:\users\Klaude3d\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-12 11:39
Windows 6.0.6001 Service Pack 1 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-736386715-1995483522-3099797811-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{77C79333-22E7-DB6E-EB65-829DEBBF482A}*]
"hafjbahbcoaekpmd"=hex:6b,61,61,69,66,68,69,6c,64,65,63,65,68,62,69,68,6c,61,
6a,6a,65,66,00,00
"ialklbndnjaglgoeih"=hex:6b,61,61,69,66,68,69,6c,64,65,63,65,68,62,69,68,6c,61,
6a,6a,65,66,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'Explorer.exe'(5972)
c:\program files\Trillian\events.dll
.
Ora fine scansione: 2009-08-12 11.41.48
ComboFix-quarantined-files.txt 2009-08-12 09:41
Pre-Run: 21.127.860.224 byte disponibili
Post-Run: 21.157.335.040 byte disponibili
508 --- E O F --- 2009-08-11 22:02