Log created by WinPatrol [FREE Edition] version 16.1.2009.1:16.1.2009.1
Scan saved at 12:02:30 AM, on 7/30/2009
Platform: Windows XP SP3 Service Pack 3 (Build 2600)
MSIE: Internet Explorer (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\PROGRAMMI\Unlocker\UNLOCKERASSISTANT.EXE
C:\PROGRAMMI\VISTA DRIVE ICON\DrvIcon.exe
C:\PROGRAMMI\McAfee.com\Agent\mcagent.exe
C:\PROGRAMMI\Creative\SOUND BLASTER X-FI\VOLUME PANEL\VolPanlu.exe
C:\PROGRAMMI\VISUAL TOOLTIP\VISUALTOOLTIP.EXE
C:\PROGRAMMI\ASUS\ASUS REMOTE\REMOTECONTROLAPPL.EXE
C:\PROGRAMMI\Java\jre6\bin\jusched.exe
C:\PROGRAMMI\CYBERLINK\POWERCINEMA\PCMAgent.exe
C:\PROGRAMMI\CYBERLINK\TV ENHANCE\TVESERVICE.EXE
D:\Programmi\CyberLink\InstantBurn\Win2K\IBurn.exe
D:\PROGRAMMI\CYBERLINK\Power2Go\CLMLSvc.exe
D:\PROGRAMMI\CYBERLINK\POWERDVD8\PDVD8SERV.EXE
C:\PROGRAMMI\CYBERLINK\SHARED FILES\brs.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRAMMI\LEXMARK 7300 SERIES\lxcimon.exe
C:\PROGRAMMI\LEXMARK 7300 SERIES\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAMMI\LClock\LClock.exe
C:\PROGRAMMI\WINDOWS SIDEBAR\sidebar.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\PROGRAMMI\FILE COMUNI\LIGHTSCRIBE\LIGHTSCRIBECONTROLPANEL.EXE
C:\PROGRAMMI\Nokia\NOKIA PC SUITE 7\PCSuite.exe
C:\PROGRAMMI\FILE COMUNI\Apple\MOBILE DEVICE SUPPORT\bin\APPLEMOBILEDEVICESERVICE.EXE
C:\WINDOWS\system32\ASTSRV.EXE
C:\PROGRAMMI\Bonjour\MDNSRESPONDER.EXE
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\PROGRAMMI\Java\jre6\bin\jqs.exe
C:\PROGRAMMI\FILE COMUNI\LIGHTSCRIBE\LSSrvc.exe
C:\Programmi\McAfee\MSC\mcmscsvc.exe
C:\PROGRAMMI\FILE COMUNI\McAfee\MNA\McNASvc.exe
C:\Programmi\File comuni\McAfee\McProxy\McProxy.exe
C:\Programmi\McAfee\VirusScan\Mcshield.exe
C:\PROGRAMMI\McAfee\MPF\MpfSrv.exe
C:\PROGRAMMI\FILE COMUNI\Nero\NERO BACKITUP 4\NBSERVICE.EXE
C:\PROGRAMMI\ADVANCED REGISTRY DOCTOR\REGMANSERV.EXE
C:\PROGRAMMI\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
C:\PROGRAMMI\FILE COMUNI\ROXIO SHARED\10.0\SHAREDCOM\ROXWATCH10.EXE
D:\PROGRAMMI\Photodex\PROSHOWPRODUCER\SCSIACCESS.EXE
C:\PROGRAMMI\CYBERLINK\TV ENHANCE\Kernel\TV\TVECAPSVC.EXE
C:\PROGRAMMI\CYBERLINK\TV ENHANCE\Kernel\TV\TVESched.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\PROGRAMMI\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRAMMI\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLUSBSRV.EXE
C:\PROGRAMMI\PC CONNECTIVITY SOLUTION\TRANSPORTS\NclRSSrv.exe
C:\PROGRAMMI\FILE COMUNI\ROXIO SHARED\10.0\SHAREDCOM\ROXMEDIADB10.EXE
C:\Programmi\McAfee\VirusScan\mcsysmon.exe
C:\PROGRAMMI\INTERNET EXPLORER\iexplore.exe
D:\PROGRAMMI\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\WINDOWS\system32\wuauclt.exe
D:\PROGRAMMI\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: - {5C255C8A-E604-49b4-9D64-90988571CECB} -
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programmi\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Programmi\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programmi\kikin\ie_kikin.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programmi\Styler\TB\StylerTB.dll
O3 - Toolbar: Searchme Toolbar - {4d02e7e6-5930-4b51-b9b0-9f21b3789400} - mscoree.dll
O3 - Toolbar: - Locked -
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [UnlockerAssistant]C:\Programmi\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [DrvIcon]C:\Programmi\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [mcagent_exe]C:\Programmi\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [VolPanel]C:\Programmi\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe /r
O4 - HKLM\..\Run: [VisualTooltip]C:\Programmi\Visual ToolTip\VisualToolTip.exe
O4 - HKLM\..\Run: [RemoteControl]C:\Programmi\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Programmi\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [PCMAgent]C:\Programmi\CyberLink\PowerCinema\PCMAgent.exe
O4 - HKLM\..\Run: [TVEService]C:\Programmi\CyberLink\TV Enhance\TVEService.exe
O4 - HKLM\..\Run: [InstantBurn]d:\Programmi\CyberLink\InstantBurn\Win2K\IBurn.exe
O4 - HKLM\..\Run: [CLMLServer]d:\Programmi\CyberLink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Run: [P2Go_Menu]d:\Programmi\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe d:\Programmi\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0
O4 - HKLM\..\Run: [UpdatePDRShortCut]d:\Programmi\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe d:\Programmi\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter
O4 - HKLM\..\Run: [RemoteControl8]d:\Programmi\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut]d:\Programmi\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [BDRegion]C:\Programmi\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [UpdatePPShortCut]d:\Programmi\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe d:\Programmi\CyberLink\PowerProducer update Software\CyberLink\PowerProducer\5.0
O4 - HKLM\..\Run: [QuickTime Task]C:\Programmi\QuickTime\qttask.exe -atboottime
O4 - HKLM\..\Run: [nwiz]nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [lxcimon.exe]C:\Programmi\Lexmark 7300 Series\lxcimon.exe
O4 - HKLM\..\Run: [EzPrint]C:\Programmi\Lexmark 7300 Series\ezprint.exe
O4 - HKLM\..\Run: [WinPatrol [FREE Edition]]d:\Programmi\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock]C:\Programmi\LClock\LClock.exe
O4 - HKCU\..\Run: [Sidebar]C:\Programmi\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg]C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr]C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe /background
O4 - HKCU\..\Run: [LightScribe Control Panel]C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PC Suite Tray]C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Programmi\Java\jre6\bin
O11 - Options group: [] -
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab Class) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} (http://fpdownload.macromedia.com/get/fl ... /ultrashim) - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O21 - WPDShServiceObj - WPDShServiceObj Class - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - - C:\Programmi\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter - - C:\Programmi\Java\jre6\bin\jqs.exe -service -config C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe -service
O23 - Service: McAfee Services - McAfee, Inc. - C:\Programmi\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent - McAfee, Inc. - c:\programmi\file comuni\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner - McAfee, Inc. - C:\Programmi\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service - McAfee, Inc. - c:\Programmi\File comuni\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner - McAfee, Inc. - C:\Programmi\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards - McAfee, Inc. - C:\Programmi\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service - McAfee, Inc. - C:\Programmi\McAfee\MPF\MpfSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Registry Management Service - - C:\Programmi\Advanced Registry Doctor\RegManServ.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) - - C:\Programmi\CyberLink\Shared files\RichVideo.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - D:\Programmi\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - D:\Programmi\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ScsiAccess - - d:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - - C:\DOCUME~1\tony\IMPOST~1\Temp\DX9\SessionLauncher.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Programmi\File comuni\SureThing Shared\stllssvr.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) - - C:\Programmi\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) - - C:\Programmi\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
O24 - Desktop Component 0: Pagina iniziale corrente - About:Home
--- Additional WinPatrol Info ---
Default Browser: Windows® Internet Explorer - Internet Explorer version 8.00.6001.18702
MSIE: Internet Explorer (8.00.6001.18702)
1071 IE Cookies in Folder: C:\Documents and Settings\tony\Cookies\
WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe
WP03 - Windows Automatic Update = 4:Automatically download recommended updates for my computer and install them.
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://
WP31 - Scheduled Tasks: [McQcTask.job]c:\programmi\McAfee\MQC\QcConsol.exe Never
WP31 - Scheduled Tasks: [McDefragTask.job]C:\WINDOWS\system32\defrag.exe Never
WP31 - Scheduled Tasks: [AppleSoftwareUpdate.job]C:\Programmi\Apple Software Update\SoftwareUpdate.exe 06/29/2009 1:48 PM
WP16 - ActiveX: {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [Google Script Object] C:\PROGRAMMI\Google\GOOGLE TOOLBAR\GOOGLETOOLBAR.DLL 6, 1, 1715, 1442
WP16 - ActiveX: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [QuickTime Object] C:\PROGRAMMI\QUICKTIME\QTPlugin.ocx QuickTime 7.6 (1292)
WP16 - ActiveX: {19916E01-B44E-4E31-94A4-4696DF46157B} [InformationCardSigninHelper Class] C:\WINDOWS\system32\icardie.dll 8.00.6001.18702
WP16 - ActiveX: {1E54D648-B804-468D-BC78-4AFFED8E262F} [System Requirements Lab Class] C:\WINDOWS\DOWNLOADED PROGRAM FILES\SYSREQLAB_NVD.DLL 3, 0, 0, 4
WP16 - ActiveX: {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [Windows Media Player] C:\WINDOWS\system32\wmpdxm.dll 11.0.5721.5145
WP16 - ActiveX: {25336920-03F9-11CF-8FD0-00AA00686F13} [HTML Document] C:\WINDOWS\system32\mshtml.dll 8.00.6001.18812
WP16 - ActiveX: {2933BF90-7B36-11D2-B20E-00C04F983E60} [XML DOM Document] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [DHTML Edit Control Safe for Scripting for IE5] C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\Triedit\DHTMLED.OCX 6.01.9234
WP16 - ActiveX: {4063BE15-3B08-470D-A0D5-B37161CFFD69} [QuickTime Object] C:\PROGRAMMI\QUICKTIME\QTPlugin.ocx QuickTime 7.6 (1292)
WP16 - ActiveX: {48123BC4-99D9-11D1-A6B3-00C04FD91555} [XML Document] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {55136805-B2DE-11D1-B9F2-00A0C98BC547} [Shell Name Space] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Windows Media Player] C:\WINDOWS\system32\wmp.dll 11.0.5721.5260
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {88D969C0-F192-11D4-A65F-0040963251E5} [XML DOM Document 4.0] C:\WINDOWS\system32\msxml4.dll 4.20.9870.0
WP16 - ActiveX: {88D969E5-F192-11D4-A65F-0040963251E5} [XML DOM Document 5.0] C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\OFFICE11\msxml5.dll 5.20.1072.0
WP16 - ActiveX: {88D96A05-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {88D96A06-F192-11D4-A65F-0040963251E5} [Free Threaded XML DOM Document 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {88D96A08-F192-11D4-A65F-0040963251E5} [XSL Template 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {88D96A0A-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] C:\WINDOWS\system32\msxml6.dll 6.20.1099.0
WP16 - ActiveX: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_13] C:\PROGRAMMI\Java\jre6\bin\jp2iexp.dll
WP16 - ActiveX: {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} [&Discussione] SHDOCVW.DLL 6.00.2900.5512
WP16 - ActiveX: {C9712B19-838B-45A5-ABF2-9A315DDDED50} [Microsoft Office 12 Authorization Control] C:\Programmi\Microsoft Office\Office12\AUTHZAX.DLL 12.0.4518.1014
WP16 - ActiveX: {CD3AFA88-B84F-48F0-9393-7EDC34128127} [VIDEO__AVI Moniker Class] C:\WINDOWS\system32\wmp.dll 11.0.5721.5260
WP16 - ActiveX: {CD3AFA94-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_WMV Moniker Class] C:\WINDOWS\system32\wmp.dll 11.0.5721.5260
WP16 - ActiveX: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [get_atlcom Class] C:\WINDOWS\DOWNLOADED PROGRAM FILES\gp.ocx 1, 5, 2, 35
WP16 - ActiveX: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [Microsoft Url Search Hook] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [RealPlayer G2 Control] C:\WINDOWS\system32\rmoc3260.dll 6.0.9.2533
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx 10,0,22,87
WP16 - ActiveX: {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [QuickTimeCheck Class] C:\PROGRAMMI\QUICKTIME\QTSystem\QUICKTIMECHECK.OCX QuickTime 7.6 (1292)
WP16 - ActiveX: {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [msgsc.14.0.8064.0206] C:\Programmi\Windows Live\Messenger\msgsc.14.0.8064.0206.dll 14.0.8064.0206
WP16 - ActiveX: {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} [NameCtrl Class] C:\PROGRAMMI\MICROSOFT OFFICE\Office12\NAME.DLL 12.0.4518.1014
WP16 - ActiveX: {ED8C108E-4349-11D2-91A4-00C04F7969E8} [XML HTTP Request] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {F6ACF75C-C32C-447B-9BEF-46B766368D29} [Creative Software AutoUpdate Support Package] C:\Programmi\Creative\Shared Files\Software Update\CTPID.ocx 1.0.0.0
WP16 - ActiveX: {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [XML DOM Document] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] C:\WINDOWS\system32\msxml3.dll 8.100.1048.0
WP16 - ActiveX: {05589fa1-c356-11ce-bf01-00aa0055595a} [ActiveMovieControl Object] C:\WINDOWS\system32\wmpdxm.dll 11.0.5721.5145
WP16 - ActiveX: {0713E8A2-850A-101B-AFC0-4210102A8DA7} [Microsoft TreeView Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {0713E8D2-850A-101B-AFC0-4210102A8DA7} [Microsoft ProgressBar Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {1D2B4F40-1F10-11D1-9E88-00C04FDCAB92} [ThumbCtl Class] C:\WINDOWS\system32\webvw.dll 6.00.2900.5512
WP16 - ActiveX: {52A2AAAE-085D-4187-97EA-8C30DB990436} [HHCtrl Object] C:\WINDOWS\system32\hhctrl.ocx 5.2.3790.4110
WP16 - ActiveX: {58DA8D8A-9D6A-101B-AFC0-4210102A8DA7} [Microsoft ListView Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {58DA8D8F-9D6A-101B-AFC0-4210102A8DA7} [Microsoft ImageList Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {6B7E638F-850A-101B-AFC0-4210102A8DA7} [Microsoft StatusBar Control, version 5.0 (SP2)] C:\WINDOWS\system32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\WINDOWS\system32\ieframe.dll 8.00.6001.18812
WP16 - ActiveX: {8BD21D50-EC42-11CE-9E0D-00AA006002F3} [Microsoft Forms 2.0 OptionButton] C:\WINDOWS\system32\FM20.DLL 12.0.4518.1014
WP16 - ActiveX: {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Microsoft Scriptlet Component] C:\WINDOWS\system32\mshtml.dll 8.00.6001.18812
WP16 - ActiveX: {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [RealPlayer G2 Control] C:\WINDOWS\system32\rmoc3260.dll 6.0.9.2533
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx 10,0,22,87
WP16 - ActiveX: {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} [WebViewFolderIcon Class] C:\WINDOWS\system32\webvw.dll 6.00.2900.5512
WP32 - Hidden File: C:\boot.ini
WP32 - Hidden File: C:\Bootfont.bin
WP32 - Hidden File: C:\IO.SYS
WP32 - Hidden File: C:\MSDOS.SYS
WP32 - Hidden File: C:\NTDETECT.COM
WP32 - Hidden File: C:\ntldr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\sqmdata00.sqm
WP32 - Hidden File: C:\sqmdata01.sqm
WP32 - Hidden File: C:\sqmnoopt00.sqm
WP32 - Hidden File: C:\sqmnoopt01.sqm
WP32 - Hidden File: C:\WINDOWS\ctfile.rfc
WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
WP32 - Hidden File: C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest
WP32 - Hidden File: C:\Documents and Settings\tony\Impostazioni locali\Temp\application.sif
WP33 - File Type .AVI: [Creative MediaSource]C:\Programmi\Creative\MediaSource5\CTCMSU.exe /PlayNow %L
WP33 - File Type .AVI: [PowerDVD]D:\Programmi\CyberLink\PowerDVD8\PowerDVD8.exe %1
WP33 - File Type .BAT: [File batch MS-DOS]%1 %*
WP33 - File Type .CAB: [Archivio WinRAR]C:\Programmi\WinRAR\WinRAR.exe %1
WP33 - File Type .CAT: [Catalogo protezione]rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [File di HTML Help compilato]C:\WINDOWS\hh.exe %1
WP33 - File Type .COM: [Applicazione per MS-DOS]%1 %*
WP33 - File Type .CMD: [Script di comandi Windows NT]%1 %*
WP33 - File Type .DOC: [Documento di Microsoft Office Word 97 - 2003]C:\Programmi\Microsoft Office\Office12\WINWORD.EXE /n /dde
WP33 - File Type .EML: [Messaggio di Outlook Express Mail]C:\Programmi\Outlook Express\msimn.exe /eml:%1
WP33 - File Type .EXE: [Applicazione]%1 %*
WP33 - File Type .INF: [Informazioni di installazione]C:\WINDOWS\System32\NOTEPAD.EXE %1
WP33 - File Type .JS: [File di script JScript]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Documento di testo]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Elemento di Outlook]C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [Creative MediaSource]C:\Programmi\Creative\MediaSource5\CTCMSU.exe /PlayNow %L
WP33 - File Type .MP3: [Creative MediaSource]C:\Programmi\Creative\MediaSource5\CTCMSU.exe /PlayNow %L
WP33 - File Type .MP3: [Audio formato MP3]C:\Programmi\Windows Media Player\wmplayer.exe /prefetch:6 /Open %L
WP33 - File Type .PIF: [Collegamento ad un programma per MS-DOS]%1 %*
WP33 - File Type .RAM: [RealMedia file]d:\Programmi\K-Lite Codec Pack\Media Player Classic\mplayerc.exe %1
WP33 - File Type .REG: [Voci di registrazione]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Programmi\Microsoft Office\Office12\WINWORD.EXE /n /dde
WP33 - File Type .SCR: [Screen saver]%1 /S
WP33 - File Type .TXT: [Documento di testo]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Collegamento Internet]C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [File di script VBScript]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [File di script codificato in VBScript]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [File di script Windows]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [File di impostazioni di Windows Script Host]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Foglio di lavoro di Microsoft Office Excel 97-2003]C:\Programmi\Microsoft Office\Office12\EXCEL.EXE /e
Memory currently in use: 26%
Physical Memory Free: 2,097,151 KB
Paging File Free: 4,194,303 KB
Virtual Memory Free: 2,044,684 KB
--
End of file