nostrafrancos Posted September 26, 2010 Report Share Posted September 26, 2010 Dear Sirs,I was advised to do the following but still cannot open IE options." How To Post An Otl Log, Easy to Follow Guide Create a new thread and post the required logs in the following section of the forums.Malware RemovalPlease wait patiently for the experts to read your logs and guide you on removing your malware. "Here is the the Malwarebytes' logMalwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4572Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.1870226/09/2010 13:00:56mbam-log-2010-09-26 (13-00-56).txtScan type: Quick scanObjects scanned: 142433Time elapsed: 13 minute(s), 43 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Thanks a lot for your kind supportfrn Link to post Share on other sites
TheTerrorist_75 Posted September 28, 2010 Report Share Posted September 28, 2010 Please read these directions and post all of the required logs.How To Post An Otl Log, Easy to Follow Guide Link to post Share on other sites
nostrafrancos Posted October 1, 2010 Author Report Share Posted October 1, 2010 Please read these directions and post all of the required logs.How To Post An Otl Log, Easy to Follow Guide Hello and sorry for bothering you againI'm not sure about what I should do next. I followed the instructions up to the MBAM scan ( I posted it as you said) which didn't show any infection but I still cannot access IE options. I'm a bit confused now... What should I do ? Move to step 2 even if there was no infection? Thanks in advance for your kind supportfrn Link to post Share on other sites
TheTerrorist_75 Posted October 1, 2010 Report Share Posted October 1, 2010 You need to follow the directions in the link I provided. It shows step by step what programs to download, install and run. Once all of them have been completed you need to post all of the log files generated. Link to post Share on other sites
nostrafrancos Posted October 7, 2010 Author Report Share Posted October 7, 2010 You need to follow the directions in the link I provided. It shows step by step what programs to download, install and run. Once all of them have been completed you need to post all of the log files generated.Hello,I have done the 1st part of the scan again and will carry on with the following steps and post them hereThank you very much for your kind supportRegardsMalwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4572Windows 5.1.2600 Service Pack 2Internet Explorer 8.0.6001.1870208/09/2010 19:19:09mbam-log-2010-09-08 (19-19-09).txtScan type: Quick scanObjects scanned: 141888Time elapsed: 16 minute(s), 11 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 6Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\CLSID\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{e2ee5c44-c66d-499d-beae-a2a79189a63a} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. Link to post Share on other sites
nostrafrancos Posted October 8, 2010 Author Report Share Posted October 8, 2010 Dear Sirs,I'd be really grateful if you could check my logs. I was infected with spywares/malwares before but I'm still having some problems ( pc slow, problems downloading updates, no access to IE options both from the browser and the Control Panel).I'd like to thank you in advance for your kind helpBest Regardsfrn-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4742Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.1870207/10/2010 23:22:18mbam-log-2010-10-07 (23-22-18).txtScan type: Quick scanObjects scanned: 144669Time elapsed: 18 minute(s), 43 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Rooter.exe (v1.0.2) by Eric_71.SeDebugPrivilege granted successfully ....Windows XP Home Edition (5.1.2600) Service Pack 3[32_bits] - x86 Family 15 Model 2 Stepping 7, GenuineIntel.[wscsvc] (Security Center) RUNNING (state:4)[sharedAccess] RUNNING (state:4)Windows Firewall -> Enabled.Internet Explorer 8.0.6001.18702.C:\ [Fixed-NTFS] .. ( Total:37 Go - Free:17 Go )D:\ [CD_Rom].Scan : 11:30.27Path : C:\Documents and Settings\Fran\Desktop\Rooter.exeUser : Fran ( Administrator -> YES ).----------------------\\ Processes.Locked [system Process] (0)______ System (4)______ \SystemRoot\System32\smss.exe (480)______ \??\C:\WINDOWS\system32\csrss.exe (536)______ \??\C:\WINDOWS\system32\winlogon.exe (560)______ C:\WINDOWS\system32\services.exe (604)______ C:\WINDOWS\system32\lsass.exe (616)______ C:\WINDOWS\system32\svchost.exe (772)______ C:\WINDOWS\system32\svchost.exe (832)______ c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (900)______ C:\WINDOWS\System32\svchost.exe (940)______ C:\WINDOWS\System32\svchost.exe (1016)______ C:\WINDOWS\system32\svchost.exe (1120)______ C:\WINDOWS\Explorer.EXE (1300)______ C:\WINDOWS\system32\spoolsv.exe (1332)______ C:\Programmi\Microsoft Security Essentials\msseces.exe (1568)______ C:\WINDOWS\System32\svchost.exe (1708)______ C:\WINDOWS\system32\svchost.exe (1832)______ C:\Programmi\Java\jre6\bin\jqs.exe (1852)______ C:\WINDOWS\System32\svchost.exe (1900)______ C:\WINDOWS\System32\svchost.exe (192)______ C:\WINDOWS\system32\slserv.exe (240)______ C:\WINDOWS\System32\svchost.exe (400)______ C:\WINDOWS\system32\wuauclt.exe (520)______ C:\WINDOWS\System32\wbem\wmiapsrv.exe (2512)______ C:\WINDOWS\System32\alg.exe (2604)______ C:\Programmi\internet explorer\iexplore.exe (3176)______ C:\Programmi\internet explorer\iexplore.exe (3360)______ C:\Programmi\Hide My IP\HideMyIpSrv.exe (3556)______ C:\Documents and Settings\Fran\Desktop\Rooter.exe (1060).----------------------\\ Device\Harddisk0\.\Device\Harddisk0 [sectors : 63 x 512 Bytes].\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:39999504384).----------------------\\ Scheduled Tasks.C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).jobC:\WINDOWS\Tasks\desktop.iniC:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.jobC:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.jobC:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004Core.jobC:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004UA.jobC:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1450960922-839522115-1004.jobC:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1450960922-839522115-1004.jobC:\WINDOWS\Tasks\SA.DATC:\WINDOWS\Tasks\WebReg HP Photosmart C4400 series.job.----------------------\\ Registry..----------------------\\ Files & Folders.----------------------\\ Scan completed at 11:31.21.C:\Rooter$\Rooter_1.txt - (08/10/2010 | 11:31.21) Log created at 11:55 on 08/10/2010 (Fran)Scanning C:\C:\pagefile.sys--------------------------=E.O.F=-_____________________________________________________________________________________________________CKScanner - Additional Security Risks - These are not necessarily badscanner sequence 3.RP.11 ----- EOF ----- _____________________________________________________________________________________________________OTL logfile created on: 08/10/2010 13:42:08 - Run 1OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Fran\DesktopWindows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000809 | Country: Regno Unito | Language: ENG | Date Format: dd/MM/yyyy511.00 Mb Total Physical Memory | 215.00 Mb Available Physical Memory | 42.00% Memory free1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File freePaging file location(s): C:\pagefile.sys 0 0 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\ProgrammiDrive C: | 37.25 Gb Total Space | 17.45 Gb Free Space | 46.84% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: USER-BZPR251MPOCurrent User Name: FranLogged in as Administrator.Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OnSkip Microsoft Files: OnFile Age = 90 DaysOutput = MinimalQuick Scan========== Processes (SafeList) ==========PRC - C:\Documents and Settings\Fran\Desktop\OTL.exe (OldTimer Tools)PRC - C:\Programmi\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)PRC - C:\Programmi\Hide My IP\HideMyIpSrv.exe ()PRC - c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)PRC - C:\WINDOWS\system32\slserv.exe ( )========== Modules (SafeList) ==========MOD - C:\Documents and Settings\Fran\Desktop\OTL.exe (OldTimer Tools)MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)========== Win32 Services (SafeList) ==========SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not foundSRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not foundSRV - (HideMyIpSRV) -- C:\Programmi\Hide My IP\HideMyIpSrv.exe ()SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)SRV - (CCALib8) -- C:\Programmi\Canon\CAL\CALMAIN.exe (Canon Inc.)SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )========== Driver Services (SafeList) ==========DRV - (ZDPSp50) -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys File not foundDRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not foundDRV - (Lavasoft Kernexplorer) -- C:\Programmi\Lavasoft\Ad-Aware\KernExplorer.sys File not foundDRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project)DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)DRV - (ultra) -- C:\WINDOWS\System32\Ultra.dll ()DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)DRV - (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) -- C:\WINDOWS\system32\drivers\BLKWGU.sys (Belkin Corporation)DRV - (W8335XP) -- C:\WINDOWS\system32\drivers\MRV8335XP.sys (Marvell Semiconductor, Inc)DRV - (odysseyIM4) -- C:\WINDOWS\system32\drivers\odysseyIM4.sys (Funk Software, Inc.)DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link)DRV - (CBTNDIS5) -- C:\WINDOWS\system32\CBTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software)DRV - (VIAudio) VIA AC'97 Audio Controller (WDM) -- C:\WINDOWS\system32\drivers\viaudios.sys (VIA Technologies, Inc.)DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)DRV - (FA312) -- C:\WINDOWS\system32\drivers\FA312nd5.sys (NETGEAR Corp.)DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blankIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/05/23 21:02:40 | 000,000,000 | ---D | M]O1 HOSTS File: ([2010/09/08 22:26:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.O4 - HKLM..\Run: [MSSE] c:\Programmi\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre6\bin\npjpi160_21.dll (Sun Microsystems, Inc.)O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\HMIPCore.dll (My Privacy Tools, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\HMIPCore.dll (My Privacy Tools, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\HMIPCore.dll (My Privacy Tools, Inc.)O15 - HKCU\..Trusted Domains: ([]msn in My Computer)O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab (BDSCANONLINE Control)O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab (Windows Live Safety Center Base Module)O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181300875687 (WUWebControl Class)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181300844156 (MUWebControl Class)O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5014/mcfscan.cab (McFreeScan Class)O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Pagina iniziale corrente) - About:HomeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2007/03/19 22:08:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *) - File not foundO35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*NetSvcs: 6to4 - File not foundNetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not foundNetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - File not foundNetSvcs: NWCWorkstation - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)NetSvcs: WmdmPmSp - File not foundDrivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)MsConfig - Services: "Ati HotKey Poller"MsConfig - Services: "ose"MsConfig - Services: "NICSer_WPC54G"MsConfig - Services: "aspnet_state"MsConfig - Services: "CCALib8"MsConfig - Services: "BthServ"MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma Loader.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Speed Launch.lnk - Reg Error: Value error. - File not foundMsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Belkin Wireless Networking Utility.lnk - C:\Programmi\Belkin\F6D4050\v1\Belkinwcui.exe - (Belkin International, Inc.)MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^WinZip Quick Pick.lnk - Reg Error: Value error. - File not foundMsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Wireless-G Notebook Adapter.lnk - Reg Error: Value error. - File not foundMsConfig - StartUpFolder: C:^Documents and Settings^Fran^Menu Avvio^Programmi^Esecuzione automatica^ERUNT AutoBackup.lnk - C:\Programmi\ERUNT\AUTOBACK.EXE - ()MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)MsConfig - StartUpReg: ATIModeChange - hkey= - key= - File not foundMsConfig - StartUpReg: BluetoothAuthenticationAgent - hkey= - key= - File not foundMsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not foundMsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - C:\Programmi\eMule\emule.exe (http://www.emule-project.net)MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe (Google Inc.)MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programmi\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)MsConfig - StartUpReg: hpqSRMon - hkey= - key= - C:\Programmi\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not foundMsConfig - StartUpReg: NeroCheck - hkey= - key= - File not foundMsConfig - StartUpReg: RegDoctor - hkey= - key= - C:\Programmi\RegDoctor\RegDoctor.exe (RegDoctor)MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Programmi\File comuni\Real\Update_OB\realsched.exe (RealNetworks, Inc.)MsConfig - State: "system.ini" - 0MsConfig - State: "win.ini" - 0MsConfig - State: "bootini" - 0MsConfig - State: "services" - 2MsConfig - State: "startup" - 2SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not foundSafeBootMin: Base - Driver GroupSafeBootMin: Boot Bus Extender - Driver GroupSafeBootMin: Boot file system - Driver GroupSafeBootMin: File system - Driver GroupSafeBootMin: Filter - Driver GroupSafeBootMin: MsMpSvc - c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)SafeBootMin: PCI Configuration - Driver GroupSafeBootMin: PNP Filter - Driver GroupSafeBootMin: Primary disk - Driver GroupSafeBootMin: SCSI Class - Driver GroupSafeBootMin: sermouse.sys - DriverSafeBootMin: System Bus Extender - Driver GroupSafeBootMin: vds - ServiceSafeBootMin: vga.sys - DriverSafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copySafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesSafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not foundSafeBootNet: Base - Driver GroupSafeBootNet: Boot Bus Extender - Driver GroupSafeBootNet: Boot file system - Driver GroupSafeBootNet: File system - Driver GroupSafeBootNet: Filter - Driver GroupSafeBootNet: MsMpSvc - c:\Programmi\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)SafeBootNet: NDIS Wrapper - Driver GroupSafeBootNet: NetBIOSGroup - Driver GroupSafeBootNet: NetDDEGroup - Driver GroupSafeBootNet: Network - Driver GroupSafeBootNet: NetworkProvider - Driver GroupSafeBootNet: PCI Configuration - Driver GroupSafeBootNet: PNP Filter - Driver GroupSafeBootNet: PNP_TDI - Driver GroupSafeBootNet: Primary disk - Driver GroupSafeBootNet: SCSI Class - Driver GroupSafeBootNet: sermouse.sys - DriverSafeBootNet: Streams Drivers - Driver GroupSafeBootNet: System Bus Extender - Driver GroupSafeBootNet: TDI - Driver GroupSafeBootNet: vga.sys - DriverSafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - NetSafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClientSafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetServiceSafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTransSafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VMActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for JavaActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendering grafica vettoriale (VML)ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShowActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimationActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dllActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Binding dati Dynamic HTML per JavaActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing PackActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - UniscribeActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Creazione avanzataActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /installActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NTActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShowActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawExActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer HelpActiveX: {4d64f3ba-f112-4efe-a02e-96680859937c} - KB918899ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classi Java DirectAnimationActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Aggiornamento della protezione per Windows XP (KB923789)ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUserActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICWActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - KB918439ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup ToolsActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing EnhancementsActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media PlayerActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site AccessActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET FrameworkActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web FoldersActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /installActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dllActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettingsActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,InstallActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data BindingActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET FrameworkActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core FontsActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Utilità di pianificazioneActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash PlayerActiveX: {dd772a76-bef3-44d7-8b39-502c8504c1f1} - KB925486ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML HelpActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service InterfaceActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exeActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMPActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIEActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUPActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUPActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOECREATERESTOREPOINTRestore point Set: OTL Restore Point (16902109354000384)========== Files/Folders - Created Within 90 Days ==========[2010/10/08 13:29:04 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\OTL.exe[2010/10/08 11:31:21 | 000,000,000 | ---D | C] -- C:\Rooter$[2010/10/08 11:24:39 | 000,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Fran\Desktop\Rooter.exe[2010/10/07 22:44:52 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\TFC.exe[2010/10/07 22:32:45 | 000,000,000 | ---D | C] -- C:\Programmi\ERUNT[2010/10/05 23:30:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF[2010/10/03 16:25:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Fran\Recent[2010/09/22 14:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\Mozilla[2010/09/17 16:30:26 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys[2010/09/17 16:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\Sunbelt Software[2010/09/15 18:38:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch[2010/09/15 17:41:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it[2010/09/10 15:09:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-it[2010/09/10 15:09:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas[2010/09/09 22:56:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2010/09/08 22:20:24 | 000,000,000 | RHSD | C] -- C:\cmdcons[2010/09/08 22:17:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2010/09/08 19:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Dati applicazioni\Malwarebytes[2010/09/08 19:01:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys[2010/09/08 19:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes[2010/09/08 19:01:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2010/09/08 19:01:14 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware[2010/09/03 19:13:07 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro[2010/08/28 18:56:21 | 000,000,000 | ---D | C] -- C:\Programmi\Microsoft Security Essentials[2010/08/26 19:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Documenti\Downloads[2010/08/26 18:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy[2010/08/18 12:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\CA[2010/08/16 13:09:14 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys[2010/08/13 12:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software[2010/08/11 22:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9[2010/08/04 15:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Sun[2010/08/04 14:45:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fran\IECompatCache[2010/08/04 14:29:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fran\PrivacIE[2010/08/04 14:22:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fran\IETldCache[2010/08/04 14:19:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates[2010/08/04 14:15:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM[2010/08/04 14:13:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8[2010/07/21 18:17:17 | 000,000,000 | ---D | C] -- C:\Programmi\Windows Live Safety Center[2007/03/19 23:12:09 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys[2003/04/24 19:20:00 | 000,521,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys[2003/04/24 19:20:00 | 000,085,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys[2003/04/24 19:19:00 | 001,295,336 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys[2003/04/24 19:19:00 | 000,210,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys[2003/04/24 19:19:00 | 000,162,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys========== Files - Modified Within 90 Days ==========[2010/10/08 13:34:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\WebReg HP Photosmart C4400 series.job[2010/10/08 13:31:35 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1450960922-839522115-1004.job[2010/10/08 13:31:34 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1450960922-839522115-1004.job[2010/10/08 13:29:43 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\OTL.exe[2010/10/08 13:16:00 | 000,001,236 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004UA.job[2010/10/08 12:45:01 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job[2010/10/08 12:38:33 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\gmer.zip[2010/10/08 12:36:49 | 003,514,115 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\WVCheck.exe[2010/10/08 12:29:22 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\CKScanner.exe[2010/10/08 11:54:58 | 000,032,653 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\LockSearch.exe[2010/10/08 11:25:06 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Fran\Desktop\Rooter.exe[2010/10/08 11:10:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2010/10/08 11:10:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2010/10/07 23:34:28 | 000,000,306 | -HS- | M] () -- C:\Documents and Settings\Fran\ntuser.ini[2010/10/07 23:34:27 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Fran\ntuser.dat[2010/10/07 22:45:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\TFC.exe[2010/10/07 22:33:04 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\NTREGOPT.lnk[2010/10/07 22:33:04 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\ERUNT.lnk[2010/10/07 22:25:18 | 000,567,670 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat[2010/10/07 22:25:18 | 000,512,100 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2010/10/07 22:25:18 | 000,099,318 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat[2010/10/07 22:25:17 | 001,235,246 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2010/10/07 22:25:17 | 000,085,146 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2010/10/06 22:59:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010/10/01 19:26:20 | 000,002,505 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Microsoft Office Outlook 2003.lnk[2010/10/01 19:16:00 | 000,001,184 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004Core.job[2010/10/01 17:10:03 | 000,002,467 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Microsoft Office PowerPoint 2003.lnk[2010/10/01 16:30:01 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job[2010/09/29 17:45:31 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job[2010/09/29 13:16:29 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\html.doc[2010/09/28 16:21:23 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\HKEY_CURRENT_USER.reg[2010/09/27 18:51:04 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Nuovo Microsoft Word Document.doc[2010/09/27 18:23:59 | 000,000,978 | ---- | M] () -- C:\WINDOWS\win.ini[2010/09/27 18:23:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini[2010/09/27 18:23:59 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2010/09/27 14:01:12 | 006,418,432 | ---- | M] () -- C:\Documents and Settings\Fran\ntuser.bak[2010/09/24 23:03:29 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\HiJackThis.lnk[2010/09/22 14:19:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat[2010/09/19 16:34:27 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\ben abroad.doc[2010/09/17 16:30:25 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys[2010/09/16 16:34:55 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2010/09/13 23:05:16 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk[2010/09/13 22:06:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb[2010/09/13 22:06:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb[2010/09/11 13:54:17 | 000,046,392 | ---- | M] () -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT[2010/09/10 20:19:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Ÿ9Ÿ9[2010/09/10 14:54:43 | 000,251,600 | RHS- | M] () -- C:\ntldr[2010/09/10 13:52:25 | 000,552,345 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\ProtectYourComputer.pdf[2010/09/08 22:26:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2010/09/08 19:01:27 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk[2010/09/07 19:35:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak[2010/08/28 18:56:24 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk[2010/08/28 18:37:47 | 000,002,885 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT[2010/08/25 18:07:37 | 006,951,964 | -H-- | M] () -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\IconCache.db[2010/08/04 13:55:43 | 000,089,805 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\bookmarks.htm[2010/08/04 13:49:27 | 000,090,471 | ---- | M] () -- C:\Documents and Settings\Fran\Documenti\bookmark.htm[2010/07/15 11:57:49 | 000,002,537 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\Microsoft Office Access 2003.lnk========== Files Created - No Company Name ==========[2010/10/08 12:38:30 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\gmer.zip[2010/10/08 12:36:31 | 003,514,115 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\WVCheck.exe[2010/10/08 12:29:19 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\CKScanner.exe[2010/10/08 11:53:34 | 000,032,653 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\LockSearch.exe[2010/10/07 22:33:04 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\NTREGOPT.lnk[2010/10/07 22:33:04 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\ERUNT.lnk[2010/09/29 13:15:59 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\html.doc[2010/09/28 16:21:22 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\HKEY_CURRENT_USER.reg[2010/09/27 13:36:51 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Fran\ntuser.tmp.LOG[2010/09/25 10:49:43 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\Nuovo Microsoft Word Document.doc[2010/09/22 14:19:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat[2010/09/19 16:33:34 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\ben abroad.doc[2010/09/17 16:32:48 | 000,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job[2010/09/13 23:05:16 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk[2010/09/10 20:19:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ÿ9Ÿ9[2010/09/10 13:52:25 | 000,552,345 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\ProtectYourComputer.pdf[2010/09/09 14:06:41 | 006,418,432 | ---- | C] () -- C:\Documents and Settings\Fran\ntuser.bak[2010/09/09 14:06:41 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\Fran\ntuser.dat[2010/09/08 22:20:33 | 000,000,211 | ---- | C] () -- C:\Boot.bak[2010/09/08 22:20:29 | 000,260,272 | RHS- | C] () -- C:\cmldr[2010/09/08 19:01:27 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk[2010/09/03 19:13:12 | 000,002,423 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\HiJackThis.lnk[2010/08/28 18:56:24 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk[2010/08/26 19:11:55 | 000,001,236 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004UA.job[2010/08/26 19:11:54 | 000,001,184 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1450960922-839522115-1004Core.job[2010/08/12 22:52:53 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1450960922-839522115-1004.job[2010/08/04 13:55:42 | 000,089,805 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\bookmarks.htm[2010/08/04 13:49:17 | 000,090,471 | ---- | C] () -- C:\Documents and Settings\Fran\Documenti\bookmark.htm[2010/01/12 17:59:23 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv[2010/01/12 17:59:21 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll[2009/09/11 12:57:51 | 000,000,126 | ---- | C] () -- C:\WINDOWS\PRLTP_USBdrv.ini[2009/03/12 20:29:10 | 005,645,312 | ---- | C] () -- C:\Programmi\USB PC Cam Plus.msi[2009/03/12 20:29:10 | 000,031,744 | ---- | C] () -- C:\Programmi\1040.MST[2009/03/12 20:29:10 | 000,005,186 | ---- | C] () -- C:\Programmi\0x0410.ini[2009/02/14 15:23:10 | 000,000,022 | ---- | C] () -- C:\WINDOWS\cdplayer.ini[2008/12/21 19:10:42 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini[2008/12/21 19:10:36 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini[2008/12/12 22:40:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll[2008/05/23 00:22:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2008/05/23 00:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest[2008/05/23 00:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest[2008/05/23 00:18:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll[2007/11/09 22:44:55 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI[2007/06/02 14:40:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\init.ini[2007/05/05 13:05:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI[2007/03/27 23:04:57 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wininit.ini[2007/03/23 19:11:53 | 000,004,654 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI[2007/03/21 22:39:47 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Fran\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2007/03/21 22:33:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2007/03/19 23:32:40 | 000,000,772 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2007/03/19 23:12:09 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll[2007/03/19 23:12:09 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll[2007/03/19 23:05:35 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll[2005/07/11 23:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL[2005/03/01 16:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini[2005/01/25 16:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL[2004/03/23 01:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll[2003/04/24 19:20:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll[2003/04/24 19:20:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll[2003/04/24 19:19:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys========== LOP Check ==========[2010/08/13 12:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software[2007/05/19 00:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg7[2010/08/13 10:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9[2010/08/18 12:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CA[2010/01/12 18:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\pdf995[2008/06/11 23:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ulead Systems[2007/05/18 09:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\AVG7[2008/12/10 22:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1[2010/04/11 19:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\Hide IP NG[2007/03/20 00:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\LimeWire[2007/04/05 14:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Dati applicazioni\Ulead Systems[2010/10/01 16:30:01 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job========== Purity Check ==================== Custom Scans ==========< %SYSTEMDRIVE%\*.* >[2007/03/19 22:08:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT[2010/09/07 19:35:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak[2010/09/27 18:23:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini[2002/09/10 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr[2007/03/19 22:08:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS[2007/03/19 22:08:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS[2007/03/19 22:08:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS[2007/03/23 20:08:29 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM[2010/09/10 14:54:43 | 000,251,600 | RHS- | M] () -- C:\ntldr[2010/10/08 11:10:08 | 804,298,752 | -HS- | M] () -- C:\pagefile.sys< %systemroot%\Fonts\*.com >[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont< %systemroot%\Fonts\*.dll >< %systemroot%\Fonts\*.ini >[2010/09/13 22:06:17 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini< %systemroot%\Fonts\*.ini2 >< %systemroot%\Fonts\*.exe >< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2008/07/06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll[2007/12/17 19:05:32 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll[2008/07/06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe< %systemroot%\REPAIR\*.bak1 >< %systemroot%\REPAIR\*.ini >< %systemroot%\system32\*.jpg >< %systemroot%\*.jpg >< %systemroot%\*.png >< %systemroot%\*.scr >< %systemroot%\*._sy >< %APPDATA%\Adobe\Update\*.* >< %ALLUSERSPROFILE%\Favorites\*.* >< %APPDATA%\Microsoft\*.* >< %PROGRAMFILES%\*.* >[2009/03/12 20:34:26 | 000,005,186 | ---- | M] () -- C:\Programmi\0x0410.ini[2009/03/12 20:34:32 | 000,031,744 | ---- | M] () -- C:\Programmi\1040.MST[2009/03/12 20:34:36 | 005,645,312 | ---- | M] () -- C:\Programmi\USB PC Cam Plus.msi< %APPDATA%\Update\*.* >< %systemroot%\*. /mp /s >< %systemroot%\System32\config\*.sav >[2007/03/19 21:52:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav[2007/03/19 21:52:12 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav[2007/03/19 21:52:12 | 000,401,408 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav< %PROGRAMFILES%\bak. /s >< %systemroot%\system32\bak. /s >< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >< %systemroot%\system32\config\systemprofile\*.dat /x >< %systemroot%\*.config >< %systemroot%\system32\*.db >< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2010/09/13 22:09:11 | 000,000,181 | -HS- | M] () -- C:\Documents and Settings\Fran\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\desktop.ini[2007/03/19 22:48:57 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Fran\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Mostra Desktop.scf< %USERPROFILE%\Desktop\*.exe >[2010/10/08 12:29:22 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\CKScanner.exe[2010/10/08 11:54:58 | 000,032,653 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\LockSearch.exe[2010/10/08 13:29:43 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\OTL.exe[2010/10/08 11:25:06 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Fran\Desktop\Rooter.exe[2010/10/07 22:45:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fran\Desktop\TFC.exe[2010/10/08 12:36:49 | 003,514,115 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\WVCheck.exe< %PROGRAMFILES%\Common Files\*.* >< %systemroot%\*.src >< %systemroot%\install\*.* >< %systemroot%\system32\DLL\*.* >< %systemroot%\system32\HelpFiles\*.* >< %systemroot%\system32\rundll\*.* >< %systemroot%\winn32\*.* >< %systemroot%\Java\*.* >< %systemroot%\system32\test\*.* >< %systemroot%\system32\Rundll32\*.* >< %systemroot%\AppPatch\Custom\*.* >< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >< %PROGRAMFILES%\Internet Explorer\*.tmp >< %PROGRAMFILES%\Internet Explorer\*.dat >< %USERPROFILE%\My Documents\*.exe >< %USERPROFILE%\*.exe >< %systemroot%\ADDINS\*.* >< %systemroot%\assembly\*.bak2 >< %systemroot%\Config\*.* >< %systemroot%\REPAIR\*.bak2 >< %systemroot%\SECURITY\Database\*.sdb /x >< %systemroot%\SYSTEM\*.bak2 >< %systemroot%\Web\*.bak2 >< %systemroot%\Driver Cache\*.* >< %PROGRAMFILES%\Mozilla Firefox\0*.exe >< %ProgramFiles%\Microsoft Common\*.* >< %ProgramFiles%\TinyProxy. >< %USERPROFILE%\Favorites\*.url /x >< %systemroot%\system32\*.bk >< %systemroot%\*.te >< %systemroot%\system32\system32\*.* >< %ALLUSERSPROFILE%\*.dat /x >< %systemroot%\system32\drivers\*.rmv >< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >< dir /b "%systemroot%\*.exe" | find /i " " /c >< %PROGRAMFILES%\Microsoft\*.* >< %systemroot%\System32\Wbem\proquota.exe >< %PROGRAMFILES%\Mozilla Firefox\*.dat >< %USERPROFILE%\Cookies\*.txt /x >[2010/10/08 13:31:33 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Fran\Cookies\index.dat< %SystemRoot%\system32\fonts\*.* >< %systemroot%\system32\winlog\*.* >< %systemroot%\system32\Language\*.* >< %systemroot%\system32\Settings\*.* >< %systemroot%\system32\*.quo >< %SYSTEMROOT%\AppPatch\*.exe >< %SYSTEMROOT%\inf\*.exe >[2007/06/27 17:48:40 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe< %SYSTEMROOT%\Installer\*.exe >< %systemroot%\system32\config\*.bak2 >< %systemroot%\system32\Computers\*.* >< %SystemRoot%\system32\Sound\*.* >< %SystemRoot%\system32\SpecialImg\*.* >< %SystemRoot%\system32\code\*.* >< %SystemRoot%\system32\draft\*.* >< %SystemRoot%\system32\MSSSys\*.* >< %ProgramFiles%\Javascript\*.* >< %systemroot%\pchealth\helpctr\System\*.exe /s >< %systemroot%\Web\*.exe >< %systemroot%\system32\msn\*.* >< %systemroot%\system32\*.tro >< %AppData%\Microsoft\Installer\msupdates\*.* >< %ProgramFiles%\Messenger\*.exe >[2008/04/13 19:14:14 | 001,695,232 | -HS- | M] (Microsoft Corporation) -- C:\Programmi\Messenger\msmsgs.exe[2002/08/20 17:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Messenger\msmsgsin.exe< %systemroot%\system32\systhem32\*.* >< %systemroot%\system\*.exe >< %USERPROFILE%\Templates\*.tmp >< %SYSTEMDRIVE%\explorexxx.exe\*.* >< %Windir%\Installer\*.tmp >[8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]< %systemroot%\System32\*.xco >< %ProgramFiles%\system32\*.* >< %systemroot%\System32\windos\*.* >< %SystemRoot%\system32\sandbox\*.* >< %SystemRoot%\system32\*.amo >< %SystemRoot%\system32\Windows Live\*.* >< %ProgramFiles%\logs\*.* >< %ProgramFiles%\Bifrost\*.* >< %SystemRoot%\system32\*.goo >< %systemroot%\system32\IME\*.* >< %systemroot%\BackUp\*.* >< %systemroot%\system32\*.ico >[2007/05/18 20:09:16 | 000,001,406 | ---- | M] () -- C:\WINDOWS\system32\Help.ico[2007/05/18 20:09:16 | 000,002,550 | ---- | M] () -- C:\WINDOWS\system32\Uninstall.ico< %systemroot%\system\*.dat >< %systemroot%\system\*.exe >< %AppData%\Macromedia\Common\*.* >< %SYSTEMDRIVE%\dir\*.* /s >< %systemroot%\system32\ras\*.exe >< %SYSTEMDRIVE%\MFILES\*.* >< %SYSTEMDRIVE%\mDNSRespon.exe\*.* >< %systemroot%\system32\services\*.* >< %systemroot%\Spooler\*.* >< %ProgramFiles%\system32\*.* >< %systemroot%\system32\Setup\*.dll /x >< %systemroot%\system32\*.mine >< %SYSTEMDRIVE%\cleansweep.exe\*.* >< %systemroot%\system32\ras\*.dll >< %systemroot%\system32\ras\*.drv >< %systemroot%\*.iq >< %systemroot%\system32\XP\*.* >< %SYSTEMDRIVE%\Extracted\*.* >< %systemroot%\system32\windows\*.* >< %systemroot%\logs\*.* >< %SYSTEMDRIVE%\Win.Msi\*.* >< %systemroot%\regedit\*.* >< %systemroot%\system32\skype\*.* >< %AppData%\Adobe\dlluplwin25\*.* >< %UserProfile%\*.dat >[2010/10/07 23:34:27 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Fran\ntuser.dat< %UserProfile%\*.dll >< %systemroot%\system32\*.sxo >< %SYSTEMDRIVE%\Gazma\*.* /s >< %systemroot%\system32\spynet\*.* >< %systemroot%\system32\System\*.* >< %appdata%\Microsoft\Windows\*.* >< %systemroot%\system32\WinDir\*.* >< %systemroot%\_\*.* >< %systemroot%\system32\windows32\*.* >< %ProgramFiles%\win\*.* >< %AppData%\Microsoft\CD Burning\*.* >< %systemroot%\*.cab >< %systemroot%\K.Backup\*.* >< %ProgramFiles%\Massenger\*.* >< %systemroot%\System32\*.doc >< %systemroot%\Office12\*.* >< %systemroot%\System32\Rundl32.exe\*.* >< %ProgramFiles%\yahoo.net\*.* >< %systemroot%\system32\*.igo >< %systemroot%\*.rew >< %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe >< %USERPROFILE%\.COMMgr\*.* >< %USERPROFILE%\Desktop\*.bat >< %PROGRAMFILES%\Common Files\Real\visualizations\*.* >< %PROGRAMFILES%\Internet Explorer\*.Jmp >< %PROGRAMFILES%\Windows NT\system\*.dll >< %systemroot%\system32\*.ext >< %systemroot%\system32\Com\*.cfg >< %systemroot%\system32\btz\*.* >< %systemroot%\system32\EMP\*.* >< %systemroot%\system32\expo\*.* >< %systemroot%\system32\inet2\*.* >< %systemroot%\system32\xrem\*.* >< %ProgramFiles%\Microsoft\*.* >< %systemroot%\usgwmt\*.* >< %ProgramFiles%\B\*.* >< %SYSTEMDRIVE%\lspp\*.* >< %systemroot%\Kral\*.* >< %SYSTEMDRIVE%\windowsdvd.exe\*.* >< %systemroot%\system32\*.ipo >< %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* >< %systemroot%\system32\*.mof >< %systemroot%\*.atm >< %systemroot%\system32\svhost\*.* >< %ProgramFiles%\system32\*.* >< %ProgramFiles%\Docmentt\*.* >< %systemroot%\Help\*.vbs >< %ProgramFiles%\Windows WinSxs\*.* /s >< %ProgramFiles%\Outlook Express\IDT\*.* /s >< %ProgramFiles%\Microsoft Office\365\*.* /s >< %ProgramFiles%\Windows Live\*.* >< %systemroot%\system32\win32\*.* >< %SYSTEMDRIVE%\RECYCLER\*.* >< %systemroot%\Fresh1\*.* >< %ProgramFiles%\Kekj\*.* /s >< %systemroot%\GDU\*.* >< %systemroot%\KA\*.* >< %systemroot%\R\*.* >< %systemroot%\system32\*.fyo >< %USERPROFILE%\System\*.* >< %systemroot%\Source\*.* >< %systemroot%\system32\ac\*.* >< %ProgramFiles%\MSDN\*.* >< %AppData%\AdobeUM\winvcldll54\*.* /s >< %ProgramFiles%\Internet Explorer\*.ico >< %systemroot%\system32\*.ojo >< %systemroot%\system32\d323s\*.* >< %systemroot%\system32\re\*.* >< %UserProfile%\Microsoft\*.dll >< %UserProfile%\Microsoft\*.log >< %systemroot%\Bios\*.* >< %ProgramFiles%\Spool\*.* >< %ProgramFiles%\promp3\*.* >< %SYSTEMDRIVE%\Driver\*.* /s >< %SYSTEMDRIVE%\inetserver.exe\*.* >< %systemroot%\java\trustlib\*.* >< %ProgramFiles%\Common Files\designer\*.exe >< %ProgramFiles%\*. >[2008/07/04 21:53:33 | 000,000,000 | ---D | M] -- C:\Programmi\AC3File[2008/07/04 21:57:51 | 000,000,000 | ---D | M] -- C:\Programmi\AC3Filter[2010/09/13 23:02:39 | 000,000,000 | ---D | M] -- C:\Programmi\Adobe[2008/12/12 14:55:27 | 000,000,000 | ---D | M] -- C:\Programmi\Adobe(2)[2008/12/12 14:46:58 | 000,000,000 | ---D | M] -- C:\Programmi\Adobe(3)[2007/03/29 13:18:51 | 000,000,000 | ---D | M] -- C:\Programmi\Ahead[2008/12/12 14:58:06 | 000,000,000 | ---D | M] -- C:\Programmi\Apple Software Update[2007/03/23 17:21:06 | 000,000,000 | ---D | M] -- C:\Programmi\ArtisanDVDPlayer[2009/09/14 18:37:18 | 000,000,000 | ---D | M] -- C:\Programmi\Belkin[2007/05/11 14:37:45 | 000,000,000 | ---D | M] -- C:\Programmi\BHODemon 2[2007/08/19 21:11:15 | 000,000,000 | ---D | M] -- C:\Programmi\Canon[2009/10/17 11:52:09 | 000,000,000 | ---D | M] -- C:\Programmi\CCleaner[2007/03/19 22:03:26 | 000,000,000 | ---D | M] -- C:\Programmi\ComPlus Applications[2009/02/26 00:33:43 | 000,000,000 | ---D | M] -- C:\Programmi\CramMaster[2008/06/08 19:53:05 | 000,000,000 | ---D | M] -- C:\Programmi\DivX[2009/09/30 14:40:56 | 000,000,000 | ---D | M] -- C:\Programmi\eMule[2010/10/07 22:33:19 | 000,000,000 | ---D | M] -- C:\Programmi\ERUNT[2010/09/08 22:24:19 | 000,000,000 | ---D | M] -- C:\Programmi\File comuni[2009/02/01 12:49:10 | 000,000,000 | ---D | M] -- C:\Programmi\Freeware PDF Unlocker[2009/11/14 22:51:34 | 000,000,000 | ---D | M] -- C:\Programmi\Google[2007/03/20 23:42:49 | 000,000,000 | ---D | M] -- C:\Programmi\Hewlett-Packard[2010/04/12 14:03:56 | 000,000,000 | ---D | M] -- C:\Programmi\Hide My IP[2009/09/15 19:44:34 | 000,000,000 | ---D | M] -- C:\Programmi\HP[2009/09/14 18:37:14 | 000,000,000 | -H-D | M] -- C:\Programmi\InstallShield Installation Information[2007/03/19 23:09:45 | 000,000,000 | ---D | M] -- C:\Programmi\Intel[2010/09/16 12:04:34 | 000,000,000 | ---D | M] -- C:\Programmi\Internet Explorer[2010/09/13 21:38:33 | 000,000,000 | ---D | M] -- C:\Programmi\Java[2008/12/13 21:49:03 | 000,000,000 | ---D | M] -- C:\Programmi\Lead Pursuit[2010/09/08 19:01:30 | 000,000,000 | ---D | M] -- C:\Programmi\Malwarebytes' Anti-Malware[2010/09/15 23:36:40 | 000,000,000 | ---D | M] -- C:\Programmi\Messenger[2007/10/12 19:09:21 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft ActiveSync[2007/03/19 22:08:11 | 000,000,000 | ---D | M] -- C:\Programmi\microsoft frontpage[2008/11/04 13:28:30 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Office[2010/08/28 18:57:15 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Security Essentials[2007/04/27 20:52:10 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Works[2007/04/25 22:25:53 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft Works Suite 2003[2007/10/12 19:09:32 | 000,000,000 | ---D | M] -- C:\Programmi\Microsoft.NET[2010/09/16 11:59:33 | 000,000,000 | ---D | M] -- C:\Programmi\Movie Maker[2010/04/09 16:47:45 | 000,000,000 | ---D | M] -- C:\Programmi\MSBuild[2008/11/04 13:28:06 | 000,000,000 | ---D | M] -- C:\Programmi\MSECache[2007/03/19 22:02:43 | 000,000,000 | ---D | M] -- C:\Programmi\MSN[2007/03/19 22:02:27 | 000,000,000 | ---D | M] -- C:\Programmi\MSN Gaming Zone[2009/09/16 17:04:54 | 000,000,000 | ---D | M] -- C:\Programmi\MSXML 4.0[2010/04/09 16:41:11 | 000,000,000 | ---D | M] -- C:\Programmi\MSXML 6.0[2010/09/15 17:33:52 | 000,000,000 | ---D | M] -- C:\Programmi\NetMeeting[2010/04/11 18:51:18 | 000,000,000 | ---D | M] -- C:\Programmi\OpenVPN[2010/09/15 23:31:12 | 000,000,000 | ---D | M] -- C:\Programmi\Outlook Express[2007/05/27 00:28:34 | 000,000,000 | ---D | M] -- C:\Programmi\Panicware[2008/12/01 01:01:46 | 000,000,000 | ---D | M] -- C:\Programmi\Pass4Side[2009/02/08 00:29:00 | 000,000,000 | ---D | M] -- C:\Programmi\Pass4sure[2010/09/22 14:56:35 | 000,000,000 | ---D | M] -- C:\Programmi\PcBugDoctor[2009/09/11 12:58:00 | 000,000,000 | ---D | M] -- C:\Programmi\Pirelli[2007/05/27 00:28:33 | 000,000,000 | ---D | M] -- C:\Programmi\PopupPopper[2008/12/12 14:58:04 | 000,000,000 | ---D | M] -- C:\Programmi\QuickTime[2010/05/23 21:01:58 | 000,000,000 | ---D | M] -- C:\Programmi\Real[2007/03/22 23:09:52 | 000,000,000 | ---D | M] -- C:\Programmi\RealVNC[2010/04/09 16:47:27 | 000,000,000 | ---D | M] -- C:\Programmi\Reference Assemblies[2008/12/12 22:33:00 | 000,000,000 | ---D | M] -- C:\Programmi\RegDoctor[2007/03/19 22:06:28 | 000,000,000 | ---D | M] -- C:\Programmi\Servizi in linea[2007/05/07 14:10:37 | 000,000,000 | ---D | M] -- C:\Programmi\Skype[2010/07/06 19:17:06 | 000,000,000 | ---D | M] -- C:\Programmi\SpeedFan[2010/09/03 19:13:07 | 000,000,000 | ---D | M] -- C:\Programmi\Trend Micro[2010/04/08 11:47:32 | 000,000,000 | ---D | M] -- C:\Programmi\UltraVPN[2007/03/19 22:48:42 | 000,000,000 | -H-D | M] -- C:\Programmi\Uninstall Information[2007/03/19 23:05:34 | 000,000,000 | ---D | M] -- C:\Programmi\VIA Technologies, Inc[2010/08/18 13:18:22 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Live Safety Center[2007/04/05 14:41:26 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Media Components[2007/12/08 21:26:32 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Media Connect 2[2010/09/15 17:33:44 | 000,000,000 | ---D | M] -- C:\Programmi\Windows Media Player[2010/09/15 17:33:42 | 000,000,000 | ---D | M] -- C:\Programmi\Windows NT[2007/03/20 23:34:39 | 000,000,000 | -H-D | M] -- C:\Programmi\WindowsUpdate[2008/12/12 20:51:10 | 000,000,000 | ---D | M] -- C:\Programmi\WinRAR[2007/03/19 22:08:11 | 000,000,000 | ---D | M] -- C:\Programmi\xerox[2009/10/13 13:35:07 | 000,000,000 | ---D | M] -- C:\Programmi\Yahoo!< %systemroot%\system32\*.tso >< %ALLUSERSPROFILE%\Documents\Server\*.* >< %systemroot%\*.pif >[2002/09/10 14:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif< %systemroot%\system32\n7533\*.* >< %systemroot%\Us18336\*.* >< %systemroot%\system32\*.zip >< %systemroot%\system32\*.wgo >< %ProgramFiles%\Microsoft Office\OFFICE11\*.* >[2002/11/29 19:03:34 | 000,001,652 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACCESS.PIP[2010/05/21 09:51:38 | 000,165,712 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\ACCWIZ.DLL[2003/07/12 15:07:42 | 006,438,912 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZDAT.MDT[2007/03/21 00:06:08 | 001,728,512 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZLIB.MDE[2007/03/21 00:06:10 | 005,533,696 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZMAIN.MDE[2003/07/12 15:07:44 | 002,359,296 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ACWZUSR.MDT[2007/03/22 19:07:56 | 000,091,488 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\ADDRPARS.DLL[2007/04/19 15:10:18 | 000,045,920 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\AUTHZAX.DLL[2007/03/22 20:29:56 | 000,099,160 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\AW.DLL[2002/07/29 16:32:10 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\BIDI32.DLL[2007/04/19 15:07:38 | 000,066,400 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\BLNMGR.DLL[2007/04/19 15:07:34 | 000,052,064 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\BLNMGRPS.DLL[2007/03/22 20:06:08 | 000,355,168 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\CDLMSO.DLL[1999/01/15 15:20:40 | 000,112,351 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\CLIPPIT.ACG[1999/01/15 15:20:42 | 002,904,417 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\CLIPPIT.ACS[2008/08/11 12:52:46 | 000,080,392 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\DLGSETP.DLL[1999/01/15 15:20:14 | 000,032,191 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\DOT.ACG[2007/03/22 20:23:32 | 000,019,800 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\DSITF.DLL[2007/05/10 14:44:02 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\DSSM.EXE[2008/01/14 21:51:06 | 000,137,736 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\ENVELOPE.DLL[2010/06/23 17:14:32 | 010,354,000 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE[2003/03/20 00:23:56 | 000,001,652 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\EXCEL.PIP[2005/03/01 15:27:48 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\EXCHCSP.DLL[2009/12/11 13:50:58 | 000,079,660 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\EXLPRTID.XML[2009/06/15 16:43:00 | 000,350,024 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\EXSEC32.DLL[1999/01/15 15:20:42 | 000,162,709 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\F1.ACG[2007/03/22 20:06:34 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\FINDER.EXE[2007/06/06 13:46:12 | 001,961,312 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\FPCUTL.DLL[2007/04/19 15:15:26 | 000,192,344 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\FPDTC.DLL[2009/06/22 21:14:58 | 001,700,168 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\GDIPLUS.DLL[2007/04/19 14:57:32 | 002,152,792 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\GRAPH.EXE[1998/12/08 20:53:54 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\HLP95EN.DLL[2007/04/19 15:10:30 | 000,116,576 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\IEAWSDC.DLL[2008/02/06 22:33:38 | 000,127,496 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\IMPMAIL.DLL[2007/03/20 19:35:08 | 000,000,619 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\INTLBAND.HTM[2007/03/22 20:25:44 | 000,067,424 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\INTLDATE.DLL[1999/01/15 15:20:46 | 000,127,537 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\LOGO.ACG[2007/04/19 15:00:16 | 000,103,256 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MCPS.DLL[2007/12/14 19:46:54 | 000,182,792 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MIMEDIR.DLL[2007/03/22 19:06:46 | 000,033,120 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MLSHEXT.DLL[1999/01/15 15:20:46 | 000,104,616 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MNATURE.ACG[2003/07/30 13:35:36 | 000,422,456 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSACC.OLB[2010/01/14 17:53:24 | 006,700,888 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSACCESS.EXE[2007/01/16 21:32:54 | 000,136,032 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSAEXP30.DLL[1997/07/11 01:00:00 | 000,003,819 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.CNT[2002/09/17 07:47:36 | 000,000,335 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.DEP[1997/07/11 16:37:00 | 000,068,359 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.HLP[2007/03/22 20:15:56 | 000,120,152 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSCAL.OCX[2007/03/22 20:16:44 | 000,134,496 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSJSPP40.DLL[2000/04/03 14:13:40 | 000,003,638 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSN.ICO[2007/04/19 15:10:34 | 000,127,840 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOAUTH.DLL[2007/03/22 20:04:52 | 000,109,912 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOCF.DLL[2007/03/22 20:04:52 | 000,130,912 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOCFU.DLL[2007/03/22 20:29:22 | 000,031,072 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSODCW.DLL[2003/07/14 23:52:58 | 000,067,128 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOHEV.DLL[2007/04/19 15:07:38 | 000,061,280 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOHTMED.EXE[2007/04/19 15:07:24 | 000,036,192 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOSTYLE.DLL[2007/04/19 15:07:32 | 000,045,408 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOSVFBR.DLL[2007/03/22 20:08:34 | 000,203,104 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOUTL.OLB[2003/04/09 17:20:56 | 000,001,900 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\MSOUTLO.PIP[2000/11/09 11:49:16 | 001,200,177 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSOWCW.DLL[2007/03/22 20:05:32 | 000,251,224 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSPPT.OLB[2007/03/22 20:15:52 | 000,076,128 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSRTEDIT.DLL[2007/04/19 15:00:30 | 000,637,792 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSTORDB.EXE[2007/04/19 15:00:22 | 000,130,912 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSTORE.EXE[2007/04/19 15:00:30 | 000,489,824 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSTORES.DLL[2001/01/23 13:41:10 | 000,831,562 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSUSP.DLL[2007/04/19 15:09:02 | 000,157,024 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSWEBCAP.DLL[2007/03/22 20:05:50 | 000,668,000 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MSWORD.OLB[2003/03/04 17:57:20 | 000,141,952 | ---- | M] (Microsoft) -- C:\Programmi\Microsoft Office\OFFICE11\MULTIMGR.DLL[2001/01/29 21:03:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\MULTIQ.DLL[2007/04/19 15:10:26 | 000,080,216 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\NAME.DLL[2001/01/23 12:15:48 | 000,001,696 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISECHS.TXT[2001/01/23 12:15:48 | 000,001,696 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISECHT.TXT[2001/01/23 12:15:50 | 000,149,848 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEDEU.TXT[2001/01/23 12:15:50 | 000,000,755 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEENG.TXT[2001/01/23 12:15:50 | 000,000,755 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEENU.TXT[2001/01/23 12:15:50 | 000,019,684 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEESN.TXT[2001/01/23 12:15:50 | 000,049,196 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEFRA.TXT[2001/01/23 12:15:50 | 000,019,618 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEITA.TXT[2001/01/23 12:15:50 | 000,002,060 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEJPN.TXT[2001/01/23 12:15:50 | 000,001,486 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISEKOR.TXT[2001/01/23 12:15:50 | 000,000,745 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISENEU.TXT[2001/01/23 12:15:50 | 000,013,256 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISENLD.TXT[2001/01/23 12:15:50 | 000,013,730 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISESVE.TXT[2001/01/23 12:15:50 | 000,000,697 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\NOISETHA.TXT[2007/03/22 20:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\NPOFFICE.DLL[1999/01/15 15:20:46 | 000,136,869 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OFFCAT.ACG[2007/03/22 20:06:22 | 000,287,576 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OIS.EXE[2003/04/25 18:27:54 | 000,000,420 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OIS.PIP[2007/04/19 14:50:52 | 000,837,472 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OISAPP.DLL[2007/03/22 20:06:08 | 000,046,432 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\oisctrl.dll[2007/03/22 20:06:22 | 000,245,600 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OISGRAPH.DLL[2007/11/19 20:38:52 | 000,236,040 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OLKFSTUB.DLL[2009/12/11 13:50:58 | 000,079,692 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OLKPRTID.XML[2007/04/19 15:09:46 | 001,061,720 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OMFC.DLL[2003/07/12 04:59:46 | 000,016,504 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OPW11USR.INI[2007/04/19 14:52:16 | 000,030,560 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLACCT.DLL[2009/08/05 10:45:04 | 000,106,312 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\OUTLCTL.DLL[2010/07/29 12:29:38 | 003,609,408 | ---- | M] (Microsoft Corp.) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLFLTR.DAT[2005/11/04 14:36:46 | 000,307,440 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLFLTR.DLL[2010/05/20 15:19:18 | 007,627,608 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLLIB.DLL[2009/04/10 16:47:34 | 000,102,744 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLMIME.DLL[2010/05/20 15:19:06 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLOOK.EXE[2007/11/19 20:38:32 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLPH.DLL[2009/02/09 21:28:22 | 000,066,904 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLRPC.DLL[2007/04/19 13:52:54 | 000,050,016 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLVBS.DLL[2007/03/22 20:07:28 | 000,052,576 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OUTLWAB.DLL[2007/04/19 15:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OWSCLT.DLL[2007/04/19 15:10:18 | 000,099,680 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\OWSSUPP.DLL[2010/04/17 00:14:14 | 006,418,776 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\POWERPNT.EXE[2003/03/20 00:23:38 | 000,001,532 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\POWERPOI.PIP[2009/12/11 13:50:58 | 000,079,716 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\PPTPRTID.XML[2010/01/14 17:48:00 | 001,790,808 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\PPTVIEW.EXE[2007/03/22 20:18:32 | 000,116,576 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\PROFLWIZ.EXE[2007/03/22 19:07:10 | 000,041,824 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\RECALL.DLL[2003/03/25 12:45:28 | 000,005,974 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\REFBAR.ICO[2003/03/25 12:45:28 | 000,005,974 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\REFBARH.ICO[2007/06/06 13:07:40 | 000,100,192 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\REFEDIT.DLL[2007/04/19 15:10:18 | 000,063,840 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL[2003/02/19 14:05:30 | 000,108,800 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\REMINDER.WAV[2002/12/14 00:30:44 | 000,002,664 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\RESETO11.OPS[1999/01/15 15:20:14 | 000,123,149 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\ROCKY.ACG[2007/03/22 20:09:02 | 000,394,080 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\RTFHTML.DLL[2007/03/22 20:25:58 | 000,218,456 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SAEXT.DLL[2007/03/22 20:07:40 | 000,069,984 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SENDTO.DLL[2007/04/19 15:10:20 | 000,065,888 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SEQCHK10.DLL[2007/04/19 15:04:10 | 000,390,496 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SETLANG.EXE[2003/06/02 13:58:08 | 000,262,216 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\SMSW.CHM[2007/05/10 14:42:52 | 000,450,392 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\SOA.DLL[2007/05/10 14:42:52 | 002,839,904 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\STSLIST.DLL[2007/04/19 15:10:28 | 000,185,696 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\STSUPLD.DLL[2007/03/22 20:25:44 | 000,079,200 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\UCSCRIBE.DLL[2002/10/30 13:21:18 | 000,246,424 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\UNICOWS.DLL[2001/01/23 12:46:56 | 000,013,576 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\USPDAT10.XML[2001/01/23 12:46:58 | 000,113,911 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\USPMAP.XML[2001/01/23 12:46:56 | 000,167,035 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\USPTYPES.XML[2008/04/15 21:13:57 | 000,479,232 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\UTILITY.MDA[2003/04/02 12:21:12 | 000,111,632 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WAVTOASF.EXE[2003/01/13 16:04:18 | 000,092,752 | ---- | M] (Indicus Pvt. Ltd for Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WDBIMP.DLL[2010/06/23 17:07:02 | 012,315,992 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE[2003/06/06 12:25:46 | 000,001,764 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\WORD.PIP[2002/12/02 16:54:08 | 000,001,532 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\WORDMAIL.PIP[2009/12/11 13:51:00 | 000,079,676 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\WRDPRTID.XML[2000/09/27 12:27:48 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\WWPAB.CNV[2000/03/07 23:45:34 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\XL5EN32.OLB[1999/12/09 22:21:30 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\OFFICE11\XLCALL32.DLL[2003/05/29 13:22:08 | 000,010,217 | ---- | M] () -- C:\Programmi\Microsoft Office\OFFICE11\XML2WORD.XSL< %systemroot%\system32\dllcache\*.com >< %systemroot%\system32\dllchache\*.* >< %systemroot%\system32\038840\*.* >< %systemroot%\system32\13E92A\*.* >< %systemroot%\system32\1CB5AD\*.* >< %systemroot%\system32\52682A\*.* >< %USERPROFILE%\My Documents\*.htm >< %SYSTEMDRIVE%\Mr_CF\*.* >< %USERPROFILE%\My Documents\*.dll >< %USERPROFILE%\My Documents\*.ccc >< %systemroot%\system32\Sis\*.* >< %systemroot%\Microsft\*.* >< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-07 21:37:20< End of report >_____________________________________________________________________________________________________Windows Validation CheckVersion: 1.8.8.3Log Created On: 1237_08-10-2010-----------------------Windows Information-----------------------Windows Version: Windows XP Service Pack 3 Windows Mode: NormalWVCheck's Auto Update Check-----------------------Auto-Update Option: Download updates and install them automatically.-----------------------Last Success Time for Update Detection: 2010-10-07 20:54:50Last Success Time for Update Download: 2010-10-08 09:16:59Last Success Time for Update Installation: 2010-10-07 21:37:20WVCheck's Registry Check Check-----------------------Antiwpa: Not Found-----------------------Chew7Hale: Not Found-----------------------WVCheck's File Dump-----------------------WVCheck found no known bad files.WVCheck's Dir Dump-----------------------WVCheck found no known bad files.WVCheck's Missing File Check-----------------------WVCheck found no missing Windows files.WVCheck's MBAM Quarantine Check-----------------------There were no bad files quarantined by MBAM.WVCheck's HOSTS File Check-----------------------WVCheck found no bad lines in the hosts file.WVCheck's MD5 CheckEXPERIMENTAL!!-----------------------user32.dll - fa94696c0727bd59e517c674cd6e7c72-------- End of File, program close at 1237_08-10-2010 --------______________________________________________________________________________________________________GMER 1.0.15.15281 - http://www.gmer.netRootkit scan 2010-10-08 13:20:46Windows 5.1.2600 Service Pack 3Running: gmer.exe; Driver: C:\DOCUME~1\Fran\IMPOST~1\Temp\agpiyaoc.sys---- Registry - GMER 1.0.15 ----Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00158307c65a (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00158307c65a@0024034c5deb 0xB0 0x50 0x53 0x23 ...Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307c65a Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307c65a@0024034c5deb 0xB0 0x50 0x53 0x23 ...Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00158307c65a (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00158307c65a@0024034c5deb 0xB0 0x50 0x53 0x23 ...---- EOF - GMER 1.0.15 ----______________________________________________________________________________________________________________________ Link to post Share on other sites
Recommended Posts