OTListIt logfile created on: 2009-02-23 17:13:46 - Run
OTListIt2 by OldTimer - Version 2.0.1.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: yyyy-MM-dd
511.42 Mb Total Physical Memory | 136.67 Mb Available Physical Memory | 26.72% Memory free
1.21 Gb Paging File | 0.89 Gb Available in Paging File | 73.28% Paging File free
Paging file location(s): G:\pagefile.sys 766 768;
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Programmi
Drive C: | 9.50 Gb Total Space | 2.78 Gb Free Space | 29.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 149.04 Gb Total Space | 78.12 Gb Free Space | 52.41% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-MIGLIORI
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\WINNT\system32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programmi\FLIR Systems\ThermaCAM QuickView 2\T3Srv.exe (FLIR Systems)
PRC - C:\WINNT\system32\hidserv.exe (Microsoft Corporation)
PRC - C:\Programmi\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINNT\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
PRC - C:\WINNT\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINNT\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINNT\system32\regsvc.exe (Microsoft Corporation)
PRC - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\WINNT\system32\stisvc.exe (Microsoft Corporation)
PRC - C:\Programmi\FLIR Systems\Device Drivers\T3Srv.exe (FLIR Systems)
PRC - C:\WINNT\System32\WBEM\WinMgmt.exe (Microsoft Corporation)
PRC - C:\WINNT\Explorer.EXE (Microsoft Corporation)
PRC - C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe (adi)
PRC - C:\Programmi\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programmi\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (AVP [Auto | Running]) -- C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
SRV - (bgsvcgen [Auto | Running]) -- C:\WINNT\system32\bgsvcgen.exe (B.H.A Corporation)
SRV - (btwdins [Auto | Running]) -- C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe (Broadcom Corporation.)
SRV - (CameraMonitor [Auto | Running]) -- C:\Programmi\FLIR Systems\ThermaCAM QuickView 2\T3Srv.exe (FLIR Systems)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dmadmin [On_Demand | Stopped]) -- C:\WINNT\System32\dmadmin.exe (VERITAS Software Corp.)
SRV - (Fax [On_Demand | Stopped]) -- C:\WINNT\system32\faxsvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (HidServ [Auto | Running]) -- C:\WINNT\system32\hidserv.exe (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Stopped]) -- C:\Programmi\hp\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Programmi\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (KodakCCS [Auto | Running]) -- C:\WINNT\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINNT\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NVSvc [Auto | Running]) -- C:\WINNT\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (O&O Defrag [Auto | Running]) -- C:\WINNT\system32\oodag.exe (O&O Software GmbH)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINNT\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (RemoteRegistry [Auto | Running]) -- C:\WINNT\system32\regsvc.exe (Microsoft Corporation)
SRV - (SolidWorks Licensing Service [On_Demand | Stopped]) -- C:\Programmi\File comuni\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (StiSvc [Auto | Running]) -- C:\WINNT\system32\stisvc.exe (Microsoft Corporation)
SRV - (T3Srv [Auto | Running]) -- C:\Programmi\FLIR Systems\Device Drivers\T3Srv.exe (FLIR Systems)
SRV - (UtilMan [On_Demand | Stopped]) -- C:\WINNT\System32\UtilMan.exe (Microsoft Corporation)
SRV - (WinMgmt [Auto | Running]) -- C:\WINNT\System32\WBEM\WinMgmt.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (aeaudio [On_Demand | Running]) -- C:\WINNT\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (BT2KNDFL [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\bt2kndfl.sys (Broadcom Corporation.)
DRV - (btaudio [On_Demand | Running]) -- C:\WINNT\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\btport.sys (Broadcom Corporation.)
DRV - (BTKRNL [On_Demand | Running]) -- C:\WINNT\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWDNDIS [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\btwhid.sys (WIDCOMM, Inc.)
DRV - (btwmodem [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB [On_Demand | Stopped]) -- C:\WINNT\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (Cdr4_2K [System | Running]) -- C:\WINNT\System32\drivers\cdr4_2k.sys (Sonic Solutions)
DRV - (Cdralw2k [System | Running]) -- C:\WINNT\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (DcCam [System | Running]) -- C:\WINNT\system32\DRIVERS\DcCam.sys (Eastman Kodak Company)
DRV - (DcFpoint [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\DcFpoint.sys (Eastman Kodak Company)
DRV - (DCFS2K [Auto | Running]) -- C:\WINNT\system32\drivers\dcfs2k.sys (Eastman Kodak Company)
DRV - (DcLps [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\DcLps.sys (Eastman Kodak Company)
DRV - (DcPTP [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\DcPTP.sys (Eastman Kodak Company)
DRV - (Diskperf [Boot | Running]) -- C:\WINNT\System32\drivers\diskperf.sys (Microsoft Corporation)
DRV - (dmboot [Disabled | Stopped]) -- C:\WINNT\System32\drivers\dmboot.sys (VERITAS Software Corp.)
DRV - (dmio [Boot | Running]) -- C:\WINNT\System32\drivers\dmio.sys (VERITAS Software Corp.)
DRV - (dmload [Boot | Running]) -- C:\WINNT\System32\drivers\dmload.sys (VERITAS Software Corp.)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINNT\System32\Drivers\dtscsi.sys ()
DRV - (E100B [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\e100bnt5.sys (Intel Corporation)
DRV - (EFS [Disabled | Running]) -- C:\WINNT\System32\drivers\efs.sys (Microsoft Corporation)
DRV - (eugss [Auto | Running]) -- C:\WINNT\system32\Drivers\eugss2k.sys (Eutronsec)
DRV - (eusk2par [Auto | Running]) -- C:\WINNT\system32\Drivers\eusk2par.sys (Eutron)
DRV - (Eutron-Emu [Auto | Stopped]) -- C:\WINNT\System32\drivers\Eutron-Emu.SYS ()
DRV - (Exportit [System | Stopped]) -- C:\WINNT\system32\DRIVERS\exportit.sys (Eastman Kodak Company)
DRV - (F-Secure Standalone Minifilter [On_Demand | Stopped]) -- C:\Documents and Settings\Administrator\Impostazioni locali\temp\OnlineScanner\Anti-Virus\fsgk.sys ()
DRV - (FLIRUSBRNDIS [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\usb8023k.sys (Microsoft Corporation)
DRV - (hwdatacard [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (kl1 [Boot | Stopped]) -- C:\WINNT\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (klbg [Boot | Running]) -- C:\WINNT\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (KLIF [System | Running]) -- C:\WINNT\system32\DRIVERS\klif.sys (Kaspersky Lab)
DRV - (klim5 [On_Demand | Running]) -- C:\WINNT\system32\DRIVERS\klim5.sys (Kaspersky Lab)
DRV - (motccgp [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\motccgp.sys (Motorola)
DRV - (motccgpfl [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\motccgpfl.sys (Motorola)
DRV - (MotDev [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\motodrv.sys (Motorola Inc)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (MPE [On_Demand | Stopped]) -- C:\WINNT\system32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (NetDetect [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\netdtect.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINNT\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nv4 [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\nv4.sys (NVIDIA Corporation)
DRV - (Parallel [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\parallel.sys (Microsoft Corporation)
DRV - (pfc [On_Demand | Running]) -- C:\WINNT\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINNT\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RCA [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\RCA.sys (Microsoft Corporation)
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation )
DRV - (skeyusb [On_Demand | Stopped]) -- C:\WINNT\System32\Drivers\skeyusb.sys (Eutron)
DRV - (smwdm [On_Demand | Running]) -- C:\WINNT\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINNT\System32\Drivers\sptd.sys ()
DRV - (StillCam [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (TSP [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (UALFDrv2 [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\UALFDrv2.sys (Sonix)
DRV - (uhcd [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\uhcd.sys (Microsoft Corporation)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINNT\system32\drivers\usbaudio.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
O1 HOSTS File: (893524 bytes) - C:\WINNT\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 a9rhiwa.cn #[Google.Warning]
O1 - Hosts: 127.0.0.1 www.a9rhiwa.cn
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 26081 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" (Kaspersky Lab)
O4 - HKLM..\Run: [DrvLsnr] C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe (adi)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Synchronization Manager] mobsync.exe /logon (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk = C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra Button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINNT\System32\rnr20.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} http://plug-in.reallusion.com/CrazyTalk4.cab (CrazyTalk4 Control)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} http://support.f-secure.com/ols3beta/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{46AA183D-08D8-4F06-99CC-5F02635E7636}\\NameServer = 151.99.125.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{E5E72B87-5298-4953-BD78-BAD92DCB4C6F}\\NameServer = 151.99.125.1
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINNT\system32\klogon.dll - C:\WINNT\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\system32\wzcdlg.dll (Microsoft Corporation)
O21 - SSODL: Network.ConnectionTray - {7007ACCF-3202-11D1-AAD2-00805FC1270E} - C:\WINNT\system32\NETSHELL.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autorun.inf [2009-01-28 14:23:24 00,000,000 | RHSD | M] - [ NTFS ]
O32 - Autorun File - G:\autorun.inf [2009-01-28 14:23:24 00,000,000 | RHSD | M] - [ NTFS ]
========== Files/Folders - Created Within 30 Days ==========
[4 C:\WINNT\*.tmp files]
[2009-02-23 17:13:21 | 00,494,080 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009-02-23 09:02:28 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_27c.dat
[2009-02-20 14:33:40 | 00,057,568 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Immagine.jpg
[2009-02-20 10:12:46 | 00,132,597 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Flash_Disinfector.exe
[2009-02-19 17:43:03 | 00,771,824 | ---- | C] (Rockwell) -- C:\WINNT\System32\dllcache\winacisa.sys
[2009-02-19 17:43:03 | 00,019,728 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w840nd.sys
[2009-02-19 17:43:02 | 00,007,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\twotrack.sys
[2009-02-19 17:39:41 | 00,176,400 | ---- | C] (Stallion Technologies) -- C:\WINNT\System32\dllcache\stlnprop.dll
[2009-02-19 17:39:40 | 00,421,648 | ---- | C] (Specialix International Ltd.) -- C:\WINNT\System32\dllcache\spxports.dll
[2009-02-19 17:39:40 | 00,281,456 | ---- | C] (Stallion Technologies) -- C:\WINNT\System32\dllcache\stlnata.sys
[2009-02-19 17:39:39 | 00,104,656 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINNT\System32\dllcache\skfpwin.sys
[2009-02-19 17:39:37 | 00,010,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\stkmc.sys
[2009-02-19 17:39:36 | 00,028,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sma032.dll
[2009-02-19 17:38:14 | 00,025,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm9132.dll
[2009-02-19 17:38:14 | 00,023,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm9032.dll
[2009-02-19 17:38:13 | 00,025,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8c32.dll
[2009-02-19 17:38:13 | 00,023,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8d32.dll
[2009-02-19 17:38:13 | 00,023,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8a32.dll
[2009-02-19 17:38:12 | 00,032,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8132.dll
[2009-02-19 17:38:12 | 00,032,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8732.dll
[2009-02-19 17:38:12 | 00,023,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8932.dll
[2009-02-19 17:38:11 | 00,024,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm5932.dll
[2009-02-19 17:38:11 | 00,013,968 | ---- | C] (Rainbow Technologies Inc.) -- C:\WINNT\System32\dllcache\rnbo3531.sys
[2009-02-19 17:37:58 | 00,044,464 | ---- | C] () -- C:\WINNT\System32\dllcache\otceth5.sys
[2009-02-19 17:37:58 | 00,030,064 | ---- | C] (FORE Systems, Inc.) -- C:\WINNT\System32\dllcache\pca200e.sys
[2009-02-19 17:37:57 | 00,092,080 | ---- | C] (Compaq Computer Corporation) -- C:\WINNT\System32\dllcache\netflx3.sys
[2009-02-19 17:37:57 | 00,030,992 | ---- | C] (NETGEAR Corporation.) -- C:\WINNT\System32\dllcache\ngrpci.sys
[2009-02-19 17:37:55 | 00,026,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msmgr32.dll
[2009-02-19 17:37:55 | 00,012,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msriffwv.sys
[2009-02-19 17:37:55 | 00,008,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mssti.dll
[2009-02-19 17:37:54 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msf12sp.dll
[2009-02-19 17:37:54 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msf12cx.dll
[2009-02-19 17:37:54 | 00,005,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msfsio.sys
[2009-02-19 17:37:53 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msf08sp.dll
[2009-02-19 17:37:53 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msf06sp.dll
[2009-02-19 17:37:53 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msf06cz.dll
[2009-02-19 17:37:52 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msf06cx.dll
[2009-02-19 17:37:49 | 00,023,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\miscan32.dll
[2009-02-19 17:37:49 | 00,016,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\modemcsa.sys
[2009-02-19 17:37:49 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfs12sp.dll
[2009-02-19 17:37:49 | 00,006,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mphase32.dll
[2009-02-19 17:37:48 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfs12cx.dll
[2009-02-19 17:37:48 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfs08sp.dll
[2009-02-19 17:37:48 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfs06sp.dll
[2009-02-19 17:37:47 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfs06cz.dll
[2009-02-19 17:37:47 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfs06cx.dll
[2009-02-19 17:37:47 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mf3.dll
[2009-02-19 17:37:46 | 00,019,408 | ---- | C] (Logitech, Inc.) -- C:\WINNT\System32\dllcache\lwusbhid.sys
[2009-02-19 17:37:46 | 00,018,576 | ---- | C] (Logitech, Inc.) -- C:\WINNT\System32\dllcache\lwadihid.sys
[2009-02-19 17:37:45 | 00,091,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lgpusb.dll
[2009-02-19 17:37:45 | 00,036,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lgmntr.dll
[2009-02-19 17:37:45 | 00,032,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lginstsc.dll
[2009-02-19 17:37:44 | 00,010,000 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lgdeskew.dll
[2009-02-19 17:37:43 | 00,016,144 | ---- | C] (Litronic Industries) -- C:\WINNT\System32\dllcache\lit220p.sys
[2009-02-19 17:37:42 | 00,035,856 | ---- | C] (Level One Communications) -- C:\WINNT\System32\dllcache\jt1nd5.sys
[2009-02-19 17:37:42 | 00,017,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\jupi32.dll
[2009-02-19 17:37:37 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\is4x.dll
[2009-02-19 17:37:37 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\is450.dll
[2009-02-19 17:37:37 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\is410.dll
[2009-02-19 17:37:36 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\is01.dll
[2009-02-19 17:37:34 | 00,017,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hr132.dll
[2009-02-19 17:37:02 | 00,032,528 | ---- | C] (FORE Systems, Inc.) -- C:\WINNT\System32\dllcache\forehe.sys
[2009-02-19 17:37:01 | 00,039,072 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecnb.sys
[2009-02-19 17:37:01 | 00,033,792 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecpagex.dll
[2009-02-19 17:37:01 | 00,023,664 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\eclandd.sys
[2009-02-19 17:37:01 | 00,017,856 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwandd.sys
[2009-02-19 17:37:00 | 00,156,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\essm2e.sys
[2009-02-19 17:36:59 | 00,008,960 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecsnadd.sys
[2009-02-19 17:36:59 | 00,007,648 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecvbus.sys
[2009-02-19 17:36:58 | 00,021,680 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecpinst.dll
[2009-02-19 17:36:58 | 00,007,744 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecdtrace.sys
[2009-02-19 17:36:57 | 00,100,656 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\eccommdd.sys
[2009-02-19 17:36:56 | 00,008,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dot4scan.sys
[2009-02-19 17:36:55 | 00,012,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dot4prt.sys
[2009-02-19 17:36:53 | 00,044,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dot4.sys
[2009-02-19 17:36:45 | 00,013,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dspimg32.dll
[2009-02-19 17:36:44 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dr3020.dll
[2009-02-19 17:36:43 | 00,023,216 | ---- | C] (D-Link Corporation) -- C:\WINNT\System32\dllcache\dlh5xnd5.sys
[2009-02-19 17:36:39 | 00,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINNT\System32\dllcache\cb325.sys
[2009-02-19 17:36:39 | 00,031,888 | ---- | C] (BreezeCOM) -- C:\WINNT\System32\dllcache\brzwlan.sys
[2009-02-19 17:36:38 | 00,042,192 | ---- | C] () -- C:\WINNT\System32\dllcache\atibt829.sys
[2009-02-19 17:36:38 | 00,016,976 | ---- | C] () -- C:\WINNT\System32\dllcache\atitvsnd.sys
[2009-02-19 17:36:37 | 00,017,168 | ---- | C] (AmbiCom, Inc.) -- C:\WINNT\System32\dllcache\amb8002.sys
[2009-02-19 17:36:37 | 00,007,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\af450.dll
[2009-02-19 17:36:28 | 00,092,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\acq32.dll
[2009-02-19 17:36:28 | 00,038,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\8514a.dll
[2009-02-19 17:36:27 | 00,010,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\4mmdat.sys
[2009-02-19 17:36:25 | 00,801,072 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cpciadi.sys
[2009-02-19 17:36:24 | 00,774,928 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cisati.sys
[2009-02-19 17:36:23 | 00,792,176 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cisaadi.sys
[2009-02-19 17:36:22 | 00,763,024 | ---- | C] (3Com, Inc.) -- C:\WINNT\System32\dllcache\3cwmcru.sys
[2009-02-19 17:36:22 | 00,022,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\15_16wdm.sys
[2009-02-19 17:36:01 | 00,040,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\1394bus.sys
[2009-02-19 16:26:26 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009-02-19 16:26:24 | 00,246,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\CF26044.exe
[2009-02-19 16:26:24 | 00,246,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\CF26041.exe
[2009-02-19 11:41:30 | 00,101,287 | ---- | C] () -- C:\WINNT\System32\drivers\klin.dat
[2009-02-19 11:41:30 | 00,089,601 | ---- | C] () -- C:\WINNT\System32\drivers\klick.dat
[2009-02-19 10:28:00 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_280.dat
[2009-02-19 09:15:56 | 00,000,000 | ---D | C] -- C:\fsaua.data
[2009-02-19 08:59:41 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_294.dat
[2009-02-16 15:40:50 | 00,025,037 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\athena_speech_export.dat
[2009-02-16 14:43:44 | 00,026,560 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ONLINESCANNER.html
[2009-02-16 09:06:17 | 00,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
[2009-02-13 17:47:36 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009-02-13 10:21:39 | 00,348,160 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTMoveIt3.exe
[2009-02-13 09:24:26 | 00,001,410 | ---- | C] () -- C:\WINNT\imsins.BAK
[2009-02-12 17:56:43 | 00,000,000 | ---D | C] -- C:\WINNT\temp
[2009-02-12 17:37:52 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINNT\SWXCACLS.exe
[2009-02-12 17:37:52 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINNT\SWREG.exe
[2009-02-12 17:37:52 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINNT\SWSC.exe
[2009-02-12 17:37:52 | 00,098,816 | ---- | C] () -- C:\WINNT\sed.exe
[2009-02-12 17:37:52 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINNT\fdsv.exe
[2009-02-12 17:37:52 | 00,080,412 | ---- | C] () -- C:\WINNT\grep.exe
[2009-02-12 17:37:52 | 00,068,096 | ---- | C] () -- C:\WINNT\zip.exe
[2009-02-12 17:37:52 | 00,049,152 | ---- | C] () -- C:\WINNT\VFIND.exe
[2009-02-12 17:37:52 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINNT\NIRCMD.exe
[2009-02-12 17:37:44 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009-02-10 16:39:03 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009-02-04 17:09:36 | 00,083,730 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Schema elettrico.zip
[2009-02-04 11:04:46 | 00,013,824 | ---- | C] () -- G:\Documenti\pc.xls
[2009-02-02 16:33:45 | 00,000,000 | ---D | C] -- C:\Programmi\EsetOnlineScanner
[2009-02-02 16:21:01 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009-02-02 14:12:42 | 00,000,000 | ---D | C] -- C:\Programmi\TVAnts
[2009-01-30 17:14:36 | 47,298,7973 | ---- | C] () -- G:\Documenti\Thunderbird.rar
[2009-01-30 11:11:30 | 00,161,604 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\VP2_Quick_Ref_Guide_Rev_A.pdf
[2009-01-29 15:41:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\WinRAR
[2009-01-29 15:27:54 | 00,000,000 | ---D | C] -- C:\WINNT\ERUNT
[2009-01-29 15:13:04 | 00,000,000 | ---D | C] -- C:\SDFix
[2009-01-29 14:48:00 | 00,724,952 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\avenger.zip
[2009-01-29 14:47:36 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009-01-29 09:32:35 | 41,112,0482 | ---- | C] () -- G:\Documenti\Thunderbird 2.0.0.19 (it) - 2009-01-29.pcv
[2009-01-29 09:16:22 | 00,000,250 | ---- | C] () -- C:\WINNT\gmer.ini
[2009-01-29 09:16:19 | 00,884,736 | ---- | C] () -- C:\WINNT\gmer.dll
[2009-01-29 09:16:19 | 00,811,008 | ---- | C] () -- C:\WINNT\gmer.exe
[2009-01-29 09:16:19 | 00,085,969 | ---- | C] (GMER) -- C:\WINNT\System32\drivers\gmer.sys
[2009-01-29 09:16:19 | 00,000,080 | ---- | C] () -- C:\WINNT\gmer_uninstall.cmd
[2009-01-28 14:23:24 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009-01-27 14:11:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Turbine
[2009-01-27 11:12:25 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINNT\System32\E_DCINST.DLL
[2009-01-27 11:12:24 | 00,000,182 | ---- | C] () -- C:\WINNT\System32\EBPPORT4.DAT
========== Files - Modified Within 30 Days ==========
[1 C:\WINNT\System32\*.tmp files]
[4 C:\WINNT\*.tmp files]
[2009-02-23 17:13:08 | 00,494,080 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009-02-23 16:36:18 | 00,000,345 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\GUEST.lnk
[2009-02-23 09:02:28 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_27c.dat
[2009-02-20 14:37:12 | 00,057,568 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Immagine.jpg
[2009-02-20 11:58:00 | 00,893,524 | R--- | M] () -- C:\WINNT\System32\drivers\etc\HOSTS
[2009-02-20 10:11:01 | 00,132,597 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Flash_Disinfector.exe
[2009-02-19 16:25:52 | 00,246,544 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\CF26044.exe
[2009-02-19 16:25:52 | 00,246,544 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\CF26041.exe
[2009-02-19 15:55:55 | 00,230,032 | ---- | M] (Kaspersky Lab) -- C:\WINNT\System32\drivers\klif.sys
[2009-02-19 15:55:55 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINNT\System32\drivers\klbg.sys
[2009-02-19 15:55:53 | 00,101,287 | ---- | M] () -- C:\WINNT\System32\drivers\klin.dat
[2009-02-19 15:55:53 | 00,089,601 | ---- | M] () -- C:\WINNT\System32\drivers\klick.dat
[2009-02-19 15:13:20 | 00,000,069 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2009-02-19 15:12:44 | 00,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\eMule Incoming.lnk
[2009-02-19 10:28:00 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_280.dat
[2009-02-19 08:59:41 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_294.dat
[2009-02-16 15:40:50 | 00,025,037 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\athena_speech_export.dat
[2009-02-16 14:43:45 | 00,026,560 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ONLINESCANNER.html
[2009-02-16 09:06:17 | 00,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
[2009-02-16 09:05:46 | 00,259,048 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2009-02-13 17:48:19 | 00,001,461 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009-02-13 10:21:43 | 00,348,160 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTMoveIt3.exe
[2009-02-13 09:26:35 | 00,001,410 | ---- | M] () -- C:\WINNT\imsins.BAK
[2009-02-12 17:48:51 | 00,000,227 | ---- | M] () -- C:\WINNT\system.ini
[2009-02-12 17:38:16 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2009-02-12 16:36:36 | 00,000,565 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009-02-12 14:08:18 | 00,001,744 | ---- | M] () -- C:\WINNT\System32\d3d9caps.dat
[2009-02-11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009-02-11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009-02-11 01:29:44 | 00,610,711 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts.20090220-115800.backup
[2009-02-04 17:06:33 | 00,083,730 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Schema elettrico.zip
[2009-02-04 11:04:46 | 00,013,824 | ---- | M] () -- G:\Documenti\pc.xls
[2009-01-30 17:31:58 | 47,298,7973 | ---- | M] () -- G:\Documenti\Thunderbird.rar
[2009-01-30 11:11:32 | 00,161,604 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\VP2_Quick_Ref_Guide_Rev_A.pdf
[2009-01-29 14:48:09 | 00,724,952 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\avenger.zip
[2009-01-29 09:36:45 | 41,112,0482 | ---- | M] () -- G:\Documenti\Thunderbird 2.0.0.19 (it) - 2009-01-29.pcv
[2009-01-29 09:17:55 | 00,000,250 | ---- | M] () -- C:\WINNT\gmer.ini
[2009-01-29 09:16:19 | 00,884,736 | ---- | M] () -- C:\WINNT\gmer.dll
[2009-01-29 09:16:19 | 00,085,969 | ---- | M] (GMER) -- C:\WINNT\System32\drivers\gmer.sys
[2009-01-29 09:16:19 | 00,000,080 | ---- | M] () -- C:\WINNT\gmer_uninstall.cmd
[2009-01-28 14:10:05 | 00,001,451 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HijackThis.lnk
[2009-01-27 10:18:57 | 00,060,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
< End of report >