Here are the logs!
Thanks Bob and have a nice weekend,
Sined
-----------------------------------------------------------------------------------
xp - 06-11-03 17.11.02,54 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\xp\Desktop"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\xp\Dati applicazioni\Install.dat
((((((((((((((((((((((((((((((( Files Created from 2006-10-03 to 2006-11-03 ))))))))))))))))))))))))))))))))))
2006-10-27 20:11 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-03 17:09 -------- d-------- C:\Documents and Settings\xp\Dati applicazioni\Skype
2006-11-03 17:08 -------- d-------- C:\Programmi\Symantec AntiVirus
2006-11-01 17:21 -------- d-------- C:\Documents and Settings\xp\Dati applicazioni\AdobeUM
2006-10-29 23:24 -------- d-------- C:\Programmi\Hijackthis
2006-10-27 20:11 -------- d-------- C:\Programmi\Grisoft
2006-10-27 20:11 -------- d-------- C:\Programmi\ewido anti-spyware 4.0
2006-10-27 20:05 -------- d-------- C:\Programmi\CCleaner
2006-10-22 21:43 -------- d-------- C:\Documents and Settings\xp\Dati applicazioni\U3
2006-10-17 21:12 -------- d-------- C:\Documents and Settings\xp\Dati applicazioni\Google
2006-10-17 16:52 -------- d-------- C:\Programmi\Google
2006-10-01 20:43 -------- d-------- C:\Programmi\DivX
2006-10-01 20:18 -------- d-------- C:\Documents and Settings\xp\Dati applicazioni\CyberLink
2006-09-18 19:11 778240 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-09-18 19:11 778240 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-09-18 19:11 761856 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-09-18 19:11 620180 --a------ C:\WINDOWS\system32\DivX.dll
2006-09-14 09:53 -------- d-------- C:\Programmi\MSN Messenger
2006-09-13 06:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-05 10:36 -------- d-------- C:\Programmi\MySpeed PC
2006-08-25 16:51 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 13:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 12:59 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-12 17:30 12249 --a------ C:\delfiles.bat
2006-08-11 18:35 520192 --a------ C:\WINDOWS\system32\DivXsm.exe
2006-08-11 18:35 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2006-08-11 18:35 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2006-08-11 18:35 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2006-08-11 18:31 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2006-08-11 18:31 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2006-08-11 18:31 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2006-08-11 18:31 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2006-08-11 18:31 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2006-08-11 18:31 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2006-08-11 18:31 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2006-08-11 18:31 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2006-08-11 18:31 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2006-08-11 18:31 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Programmi\\MSN Messenger\\MsnMsgr.Exe\" /background"
"LogitechSoftwareUpdate"="C:\\Programmi\\Logitech\\Video\\ManifestEngine.exe boot"
"Google Desktop Search"="\"C:\\Programmi\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"Skype"="\"C:\\Programmi\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"swg"="C:\\Programmi\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"RemoteControl"="C:\\Programmi\\CyberLink\\PowerDVD\\PDVDServ.exe"
"HP Component Manager"="\"C:\\Programmi\\HP\\hpcoretech\\hpcmpmgr.exe\""
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Programmi\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Programmi\\Logitech\\Video\\LogiTray.exe"
"ccApp"="\"C:\\Programmi\\File comuni\\Symantec Shared\\ccApp.exe\""
"vptray"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"
"HP Software Update"="C:\\Programmi\\HP\\HP Software Update\\HPWuSchd2.exe"
"QuickTime Task"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Programmi\\Java\\jre1.5.0_08\\bin\\jusched.exe\""
"Windows Defender"="\"C:\\Programmi\\Windows Defender\\MSASCui.exe\" -hide"
"!AVG Anti-Spyware"="\"C:\\Programmi\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Pagina iniziale corrente"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Precaricatore Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Daemon di cache delle categorie di componenti"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20061027-210051-156
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
http://cdn.downloadcontrol.com/files/in ... all_it.cab
backup-20061027-210051-364
R3 - Default URLSearchHook is missing
backup-20061027-210051-377
O4 - Global Startup: RealSecure(r) Desktop Protector.lnk = ?
backup-20061019-125938-789
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} -
http://deposito.easyaccesssite.com/10243-23.exe
backup-20061019-125938-872
O23 - Service: NIEFMEUB - Unknown owner - C:\DOCUME~1\xp\IMPOST~1\Temp\NIEFMEUB.exe (file missing)
backup-20061019-125937-564
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) -
http://12.36.103.133/push.cab
backup-20060823-144239-137
O16 - DPF: {ECDFD956-C2EC-44F8-A553-3837EAA31F5C} -
http://gromozon.com/eb2570a8/50400/1/xp/FreeAccess.ocx
backup-20060821-110250-844
O2 - BHO: Class - {9402C8B6-4907-B268-996F-9EEF8A3BE369} - C:\WINDOWS\lykeh1.dll (file missing)
backup-20060817-144726-328
O2 - BHO: Class - {9402C8B6-4907-B268-996F-9EEF8A3BE369} - C:\WINDOWS\lykeh1.dll (file missing)
backup-20060815-220157-293
O2 - BHO: Class - {9402C8B6-4907-B268-996F-9EEF8A3BE369} - C:\WINDOWS\lykeh1.dll (file missing)
backup-20060815-220157-376
R3 - Default URLSearchHook is missing
backup-20060813-161311-892
O2 - BHO: Class - {9402C8B6-4907-B268-996F-9EEF8A3BE369} - C:\WINDOWS\lykeh1.dll (file missing)
backup-20060813-161311-924
O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\mfcmt.exe (file missing)
backup-20060813-161311-112
R3 - Default URLSearchHook is missing
backup-20060813-161311-101
O4 - HKLM\..\Run: [lesv1.exe] C:\WINDOWS\TEMP\lesv1.exe
backup-20060813-161311-287
O4 - HKLM\..\Run: [sysmt.exe] C:\WINDOWS\system32\sysmt.exe
backup-20060813-161311-132
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20060812-185023-423
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} -
http://zllin.info/ihr/us091/ihr.cab
backup-20060812-185022-903
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} -
http://deposito.trafficredlight.net/10257-23.exe
backup-20060812-185021-947
O16 - DPF: {3C07C100-8745-4522-A398-361D1BF695D4} -
http://xearl.com/5ef68ad4/52128/1/xp/FreeAccess.ocx
backup-20060812-184856-900
O15 - Trusted Zone:
http://www.skymasters.biz
backup-20060812-184856-868
O15 - Trusted Zone:
http://www.new-access.biz
backup-20060812-184856-557
O15 - Trusted Zone:
http://www.contentcooler.biz
backup-20060812-184856-263
O15 - Trusted Zone:
http://www.redfunny.com
backup-20060812-184856-640
O15 - Trusted Zone:
http://www.archiviosex.net
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\MP Scheduled Scan.job
Completion time: 06-11-03 17:12:09.90
C:\ComboFix.txt ... 06-11-03 17:12
-----------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 17.14.32, on 03/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network ICE\BlackICE\blackd.exe
C:\Programmi\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmi\Logitech\Video\LogiTray.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Java\jre1.5.0_08\bin\jusched.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Logitech\Video\FxSvr2.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmi\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmi\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_08\bin\npjpi150_08.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_08\bin\npjpi150_08.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {036F8A56-0BC8-4607-8F98-D3231E6FF5ED} (CentraUpdaterAxCtl Class) -
http://aulavirtuale.metid.polimi.it/Sit ... aterAx.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/activex ... 0-3-30.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F309C8-1ABF-4E45-966F-9459F1EEDD79}: NameServer = 85.37.17.4 85.38.28.70
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programmi\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:\Programmi\ewido anti-spyware 4.0\guard.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\RapApp.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programmi\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programmi\Symantec AntiVirus\Rtvscan.exe