ECCO IL REPORT DI COMBO FIX
ComboFix 08-05-01.3 - Stefano 2008-05-04 11:23:55.1 - NTFSx86
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1040.18.176 [GMT 2:00]
Eseguito da: C:\Users\Stefano\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Condizioni generali.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Disinstalla.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\MessengerSkinner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Riservatezza.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Website.url
C:\Users\Stefano\AppData\Local\qohany.dat
c:\users\stefano\appdata\local\qohany.exe
C:\Users\Stefano\AppData\Local\qohany_nav.dat
C:\Users\Stefano\AppData\Local\qohany_navps.dat
C:\Windows\Downloaded Program Files\setup.inf
C:\Windows\system32\x64
.
((((((((((((((((((((((((( Files Creati Da 2008-04-04 al 2008-05-04 )))))))))))))))))))))))))))))))))))
.
Nessun nuovo file creato in questo arco di tempo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-04 01:04 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-03 10:22 --------- d-----w C:\Program Files\Microsoft Works
2008-05-03 10:20 --------- d-----w C:\Program Files\Microsoft.NET
2008-05-03 09:39 --------- d-----w C:\Program Files\SlySoft
2008-05-02 15:25 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-05-02 11:25 --------- d-----w C:\Program Files\CCleaner
2008-05-02 11:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-02 11:20 39,808 ----a-w C:\Windows\system32\drivers\VIRAGTLT.SYS
2008-05-02 08:59 --------- d-----w C:\Program Files\Panerai
2008-05-01 10:42 --------- d-----w C:\Users\Stefano\AppData\Roaming\LimeWire
2008-04-25 15:22 --------- d-----w C:\Users\Stefano\AppData\Roaming\Azureus
2008-04-25 15:10 --------- d-----w C:\ProgramData\Azureus
2008-04-19 13:05 --------- d-----w C:\Users\Stefano\AppData\Roaming\PeerNetworking
2008-04-19 08:24 --------- d-----w C:\Program Files\Microsoft FrontPage
2008-04-19 08:22 --------- d-----w C:\Users\Stefano\AppData\Roaming\Microsoft Web Folders
2008-04-13 14:31 --------- d-----w C:\Users\Stefano\AppData\Roaming\Panasonic
2008-04-13 01:14 --------- d-----w C:\Program Files\Windows Mail
2008-04-12 09:36 --------- d-----w C:\ProgramData\Lavasoft
2008-04-12 09:33 --------- d-----w C:\Program Files\Lavasoft
2008-04-12 09:32 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-05 16:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-03 17:56 --------- d-----w C:\Program Files\iTunes
2008-04-03 17:56 --------- d-----w C:\Program Files\iPod
2008-04-03 17:51 --------- d-----w C:\Program Files\QuickTime
2008-04-02 18:25 96,520 ----a-w C:\Windows\system32\drivers\avgldx86.sys
2008-04-02 18:25 67,080 ----a-w C:\Windows\system32\drivers\avgwfpx.sys
2008-04-02 18:25 12,424 ----a-w C:\Windows\system32\drivers\avgrkx86.sys
2008-04-02 18:25 10,520 ----a-w C:\Windows\System32\avgrsstx.dll
2008-04-02 18:24 --------- d-----w C:\ProgramData\avg8
2008-04-02 18:24 --------- d-----w C:\Program Files\AVG
2008-04-02 17:52 --------- d---a-w C:\ProgramData\TEMP
2008-03-29 15:38 --------- d-----w C:\Program Files\Java
2008-03-25 08:01 --------- d-----w C:\ProgramData\Symantec
2008-03-10 19:46 --------- d-----w C:\Program Files\AliveMedia
2008-03-09 09:49 --------- d-----w C:\Program Files\Panasonic
2008-03-08 10:52 --------- d-----w C:\Program Files\JetAudio
2008-03-08 10:31 --------- d-----w C:\Program Files\KaraFont 1.1
2008-03-08 10:28 74,752 ----a-w C:\Windows\ST6UNST.EXE
2008-03-08 10:28 290,816 ------w C:\Windows\Setup1.exe
2008-03-07 18:02 --------- d-----w C:\Program Files\LimeWire
2008-03-06 18:30 --------- d-----w C:\Program Files\Silvercrest OM1007 driver
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-15 19:34 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 17:42 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-14 17:42 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-14 17:41 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 17:41 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 17:41 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 17:40 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 17:40 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 17:40 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 17:40 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-14 17:40 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 17:40 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 17:40 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2007-08-31 11:25 174 --sha-w C:\Program Files\desktop.ini
2007-05-27 14:22 92,064 ----a-w C:\Users\Stefano\mqdmmdm.sys
2007-05-27 14:22 9,232 ----a-w C:\Users\Stefano\mqdmmdfl.sys
2007-05-27 14:22 79,328 ----a-w C:\Users\Stefano\mqdmserd.sys
2007-05-27 14:22 66,656 ----a-w C:\Users\Stefano\mqdmbus.sys
2007-05-27 14:22 6,208 ----a-w C:\Users\Stefano\mqdmcmnt.sys
2007-05-27 14:22 5,936 ----a-w C:\Users\Stefano\mqdmwhnt.sys
2007-05-27 14:22 4,048 ----a-w C:\Users\Stefano\mqdmcr.sys
2007-05-27 14:22 25,600 ----a-w C:\Users\Stefano\usbsermptxp.sys
2007-05-27 14:22 22,768 ----a-w C:\Users\Stefano\usbsermpt.sys
2007-12-19 20:19 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-12-19 20:19 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-12-19 20:19 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 20:44 1232896]
"TOSCDSPD"="TOSCDSPD.EXE" []
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"Simple Star PhotoShow Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 15:18 202024]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [ ]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 09:20 222080]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-14 11:28 1006264]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-14 20:07 411768]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2006-12-07 17:49 55416]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2006-12-14 20:09 493688]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-11 18:27 530552]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-12-07 21:25 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-07 21:25 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-12-07 21:25 81920]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-15 08:03 1021224]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-07 15:50 3772416 C:\Windows\RtHDVCpl.exe]
"NDSTray.exe"="NDSTray.exe" []
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2006-12-15 18:11 577536]
"snpstd"="C:\Windows\vsnpstd.exe" [2005-10-11 20:54 339968]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-08-24 19:54 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-08-24 19:54 154136]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-08-24 19:54 129560]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 06:31 102400]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 11:22 517768]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"KMCONFIG"="C:\Program Files\Silvercrest OM1007 driver\StartAutorun.exe" [2007-03-06 15:51 212992]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2006-12-16 08:29 77824]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-04-02 20:46 1177368]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 21:21 57344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Avvio veloce di Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2008-03-09 11:46:30 63696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"midi1"= rdsmidnt.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{62799672-ABC3-40FE-9013-7B2BAA4EC904}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E8E9BF80-574F-45AA-8A4A-8845825FC0A9}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{B51E4DC0-19DA-47A8-8DB5-3EF0D9FF0A7E}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{3A1AB719-49E3-4AA8-8DBC-34C11A3EF517}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{108B461C-275E-4AC2-AEC4-6B9185D773F7}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{1DCBEA6F-AD6F-4B14-8D26-5CC27CF42D95}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{3E640610-CF37-4373-8235-F79FA722B685}C:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:C:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{AE1446FE-C1CB-4546-A3B8-DE20B057EB3A}C:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:C:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"{4AB6D633-C0AC-402A-827B-33E0C370029B}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager
"{391AE585-405A-4E09-B6DA-E93D9BE3E7B1}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager
"{8790CB98-BD22-4D64-948A-852E3BDB9C97}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager
"{A72B10AE-BABC-4C4D-87AB-585AE00D019F}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager
"{C230ED38-09C1-4156-A254-C8E2BA92DEBF}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application
"{6A6B7ED7-2052-48BE-B61B-14677AF8AE02}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application
"{2FA34528-04D3-4036-80AD-5C7634F0FE5B}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service
"{A58F976F-2C78-4FD8-8F31-AEC1F7EA43D7}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager
"{F46F41A7-6AED-4008-AF53-BA62D5A6E569}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager
"{13C3FC43-E2AC-4121-B355-F10F037B15CE}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager
"{163DA05B-6EAB-421F-8E38-A02EAAD600B9}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager
"{04BC7B1D-BC60-4ADB-B06C-4D5E7BBB887E}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application
"{F1EA5E5D-381A-43DD-BB9E-5C3C526E42DD}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application
"{81DA6686-FE93-4EE8-8CAC-184697AE95E4}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service
"TCP Query User{0BD4E43F-73E4-4BE4-910B-9B0E7509D9E9}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{3DD0CA6A-A0B9-4E20-8B09-2D83DA6BC190}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{67266DC1-A3EB-47AB-A9C5-D7F3AF3FC58F}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{BB151EC9-DCA5-4C77-BD87-829374369C38}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"{A8A606DC-A70A-496C-8F2B-92D8C4B08D60}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{B0792EC4-98C9-48FD-B05B-87464E291198}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{B1B78C87-A792-4806-8CA2-E97FC3672D15}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{D24E1CED-986F-44A5-9185-A9199D8D0ADC}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{7865449B-5676-420A-B0D5-5C4FE419ED32}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{BF482A60-576F-4FA9-A4E8-59BA9FAB3954}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{E2D238C4-8A18-41D3-8794-011F23A74871}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{AAA01B04-E221-4A07-81B1-360F204A08DA}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{011F0FFD-2EE7-4972-9AE1-3EFFDC7114AE}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7E74AF3F-271F-4BD2-9C58-2B1C362DFD7A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{9AE79233-7A7C-4916-8AD8-71E0F3B82E5D}C:\\program files\\kazaa lite k++\\kazaalite.kpp"= UDP:C:\program files\kazaa lite k++\kazaalite.kpp:KazaaLite.kpp
"UDP Query User{3B692057-C806-4296-9966-654149E60640}C:\\program files\\kazaa lite k++\\kazaalite.kpp"= TCP:C:\program files\kazaa lite k++\kazaalite.kpp:KazaaLite.kpp
"TCP Query User{9CFD45AC-30D0-4AA3-A68F-E469B64D59B4}C:\\program files\\ares\\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{2F2672A6-AD32-45AE-BB2E-A840942893A0}C:\\program files\\ares\\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows
"{3E03E645-C6E7-4163-9928-9D99C624E13E}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{9495132F-6889-40D3-91E1-51A51183CE16}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{17951486-EFE3-4A0E-8CA3-D2779810DAAC}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{58DD4D98-9439-4834-8430-5A9D61EF9486}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{AFA3511E-A17D-432B-9DC7-05467AF85B60}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{DA866D46-108E-47B6-81E7-E0E86847BBB2}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{F4BFB824-B08B-4236-AC10-58B00048974D}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{5C23B377-2FAA-45DE-BA83-FC55E988E0B9}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{16991E23-BDA5-451C-80B1-BB9B0AAC80E2}C:\\program files\\adunanza\\emule_adnza.exe"= UDP:C:\program files\adunanza\emule_adnza.exe:eMule
"UDP Query User{60CE0AA8-3918-4D25-A3BA-1BA065226DC7}C:\\program files\\adunanza\\emule_adnza.exe"= TCP:C:\program files\adunanza\emule_adnza.exe:eMule
"{FC4D9ABD-8E55-42C1-AB7C-F0CE472BE69E}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\avgrkx86.sys [2008-04-02 20:25]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-04-02 20:25]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-04-02 20:24]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-04-02 20:24]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-04-02 20:24]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files\Silvercrest OM1007 driver\KMWDSrv.exe [2007-06-16 10:30]
R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 23:40]
R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45]
R3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-04-02 20:25]
R3 FwLnk;FwLnk Driver;C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-19 23:11]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 19:39]
R3 KMWDFilter;KMWDFilter;C:\Windows\System32\Drivers\KMWDFilter.SYS [2007-06-13 12:09]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 12:50]
S3 btwaudio;Periferica audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-04-02 10:25]
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2007-04-02 10:25]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-04-02 10:26]
S3 tosrfec;Bluetooth ACPI;C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 17:32]
S4 KR10I;KR10I;C:\Windows\system32\drivers\kr10i.sys [2006-02-14 19:50]
S4 KR10N;KR10N;C:\Windows\system32\drivers\kr10n.sys [2006-02-14 19:41]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
*Newly Created Service* - CATCHME
.
Contenuto della cartella 'Scheduled Tasks'
"2008-05-02 15:14:34 C:\Windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
"2008-05-03 16:05:31 C:\Windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-05-04 11:37:53
Windows 6.0.6000 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-05-04 11:39:37
ComboFix-quarantined-files.txt 2008-05-04 09:39:07
Impossibile trovare il testo del messaggio per il numero di messaggio 0x2379 nel file di messaggio per Application.
Impossibile trovare il testo del messaggio per il numero di messaggio 0x2379 nel file di messaggio per Application.
269 --- E O F --- 2008-05-04 01:04:08
ECCO IL LOG FILE DI HIJACKTHIS
Logfile of HijackThis v1.99.1
Scan saved at 11.47.59, on 04/05/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Silvercrest OM1007 driver\StartAutorun.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Silvercrest OM1007 driver\KMConfig.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Silvercrest OM1007 driver\KMProcess.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\Stefano\AppData\Local\Temp\Rar$EX00.556\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Silvercrest OM1007 driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Simple Star PhotoShow Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -
http://game05.zylom.com/activex/zylomgamesplayer.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{FF7B8048-CF03-498F-9612-87A824345111}: NameServer = 212.216.112.112,80.20.6.36
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Silvercrest OM1007 driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
GRAZIE...
