Fantuccio

Hi guys, I'm new around here and I want to apologize first for the bad english (not my language :P). My antivirus keep spamming a "threat found" message, which directs to the system32/cewmd.dll file. This file cannot be deleted or moved in any way, though. Also, I'm having an issue with an icon in the lower right corner that sometimes pops out an ad (which opens an IE page, blocked by my antivir) that says "Warning Spyware detected" and random bullshits.

I got the logs requested in the instructions, here they are.

I'm sorry if I've done something wrong. I also have an Hijackthis log, but since it is not requested in the instructions thread I've not posted it. Just ask if you need it :)

log.exe

Logfile of random's system information tool 1.04 (written by random/random)
Run by Enrico Fantini at 2008-11-01 11:59:42
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 21 GB (14%) free of 150 GB
Total RAM: 2046 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.59.47, on 01/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe
C:\Programmi\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\vsnpstd.exe
C:\Programmi\Winamp\winampa.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\Microsoft LifeChat\LifeChat.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Programmi\QuickTime\qttask.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Programmi\Logitech\SetPoint\KEM.exe
C:\Programmi\Logitech\SetPoint\KHALMNPR.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programmi\Spyware Doctor\sdhelp.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Windows Media Player\wmplayer.exe
C:\Programmi\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Enrico Fantini\Desktop\gmer.exe
C:\Programmi\Symantec_Client_Security\Symantec AntiVirus\vpc32.exe
C:\Documents and Settings\Enrico Fantini\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programmi\HijackThis\Enrico Fantini.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.finderg.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0E00AB23-3C82-4C02-B18F-40F44636EE49} - C:\WINDOWS\system32\cewmd.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Programmi\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Programmi\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LifeChat] "C:\Programmi\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [advap32] C:\WINDOWS\system32\~.exe/r
O4 - HKLM\..\Run: [lphcghqj0er1l] C:\WINDOWS\system32\lphcghqj0er1l.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Programmi\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Clean Traces - C:\Programmi\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://labirreriadifantom.spaces.liv...d/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/.../GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://labirreriadifantom.spaces.liv...d/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: AutorunsDisabled - C:\WINDOWS\
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programmi\Spyware Doctor\sdhelp.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: wampapache - Apache Software Foundation - M:\WoWServer\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - M:\WoWServer\wamp\mysql\bin\mysqld-nt.exe

--
End of file - 11379 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\LifeChatTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E00AB23-3C82-4C02-B18F-40F44636EE49}]
C:\WINDOWS\system32\cewmd.dll [2006-10-18 93184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
PCTools Site Guard - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll [2006-08-01 825528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}]
PCTools Browser Monitor - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll [2006-08-01 850104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Programmi\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"SunJavaUpdateSched"=C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
""= []
"ATIPTA"=C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-25 339968]
"DVDLauncher"=C:\Programmi\CyberLink\PowerDVD\DVDLauncher.exe []
"DMXLauncher"=C:\Programmi\Dell\Media Experience\DMXLauncher.exe [2005-01-27 86016]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-06 127035]
"ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"vptray"=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe [2004-11-13 114800]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2004-06-08 29696]
"DAEMON Tools"=C:\Programmi\DAEMON Tools\daemon.exe [2005-11-08 128920]
"LogonStudio"=C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe /RANDOM []
"BootSkin Startup Jobs"=C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe [2004-04-26 270336]
"iTunesHelper"=C:\Programmi\iTunes\iTunesHelper.exe [2005-12-20 278528]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-05-10 286720]
"WinampAgent"=C:\Programmi\Winamp\winampa.exe [2007-05-14 35328]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"StartCCC"=C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"LifeChat"=C:\Programmi\Microsoft LifeChat\LifeChat.exe [2008-08-21 267296]
"QuickTime Task"=C:\Programmi\QuickTime\qttask.exe [2006-07-29 155648]
"advap32"=C:\WINDOWS\system32\~.exe/r []
"lphcghqj0er1l"=C:\WINDOWS\system32\lphcghqj0er1l.exe []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"UnlockerAssistant"=C:\Programmi\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Programmi\BitTorrent\bittorrent.exe --force_start_minimized []

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
Logitech SetPoint.lnk - C:\Programmi\Logitech\SetPoint\KEM.exe
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\Enrico Fantini\Menu Avvio\Programmi\Esecuzione automatica
Adobe Gamma.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-07-04 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinCtrl32]
C:\WINDOWS\system32\WinCtrl32.dll [2008-10-31 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-19 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winac71.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winaw10.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winbv25.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wincp30.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Windg73.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winev41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winfi22.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winfw16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wingl60.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winin31.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winka47.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winka81.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winkd12.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winkm50.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winll36.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winmc18.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winmj70.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winnd42.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winoj67.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winpa76.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winpf74.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winro43.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winsk41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winsl22.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winuc41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winuf68.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winus47.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winye65.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winac71.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winaw10.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winbv25.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wincp30.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Windg73.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winev41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winfi22.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winfw16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wingl60.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winin31.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winka47.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winka81.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winkd12.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winkm50.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winll36.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winmc18.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winmj70.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winnd42.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winoj67.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winpa76.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winpf74.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winro43.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winsk41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winsl22.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winuc41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winuf68.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winus47.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Winye65.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programmi\Messenger\msmsgs.exe"="C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programmi\Skype\Skype.exe"="C:\Programmi\Skype\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\SYSTEM32\LEXPPS.EXE"="C:\WINDOWS\SYSTEM32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Programmi\Call of Duty\CoDMP.exe"="C:\Programmi\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\NeverwinterNights\NWN\nwmain.exe"="C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights"
"C:\Programmi\GameSpy Arcade\Aphex.exe"="C:\Programmi\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\WINDOWS\EXPLORER.EXE"="C:\WINDOWS\EXPLORER.EXE:*:Enabled:Esplora risorse"
"C:\Programmi\Save\Save.exe"="C:\Programmi\Save\Save.exe:*:Disabled:Save!"
"C:\Programmi\Internet Explorer\IEXPLORE.EXE"="C:\Programmi\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Programmi\Google\Google Earth Pro\GoogleEarth.exe"="C:\Programmi\Google\Google Earth Pro\GoogleEarth.exe:*:Enabled:Google Earth Pro"
"C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Rar$EX02.922\nwserver.exe"="C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Rar$EX02.922\nwserver.exe:*:Enabled:Neverwinter Nights Server"
"C:\Programmi\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Programmi\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\NeverwinterNights\NWN\nwserver.exe"="C:\NeverwinterNights\NWN\nwserver.exe:*:Enabled:Neverwinter Nights Server"
"C:\Programmi\EA Sports\Superbike 2001\SBK2001.exe"="C:\Programmi\EA Sports\Superbike 2001\SBK2001.exe:*:Enabled:SBK2001"
"C:\Programmi\Teamspeak2_RC2\server_windows.exe"="C:\Programmi\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server"
"C:\Programmi\Teamspeak2\server_windows.exe"="C:\Programmi\Teamspeak2\server_windows.exe:*:Enabled:Server"
"C:\Programmi\BitTorrent\btdownloadgui.exe"="C:\Programmi\BitTorrent\btdownloadgui.exe:*:Enabled:btdownloadgui"
"C:\Programmi\EA GAMES\Need for Speed Most Wanted\speed.exe"="C:\Programmi\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:speed"
"C:\Programmi\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Programmi\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Programmi\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd"="C:\Programmi\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd:*:Enabled:Age of Empires II Expansion"
"C:\Programmi\DAP\DAP.exe"="C:\Programmi\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\Programmi\BitComet\BitComet.exe"="C:\Programmi\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Programmi\Xfire\Xfire.exe"="C:\Programmi\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Programmi\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Programmi\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Documents and Settings\Enrico Fantini\Desktop\RPGONLINE\RPGONLINE\RPGOnline.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\RPGONLINE\RPGONLINE\RPGOnline.exe:*:Enabled:RPGOnline PbC"
"C:\Programmi\Vietcong\vietcong.exe"="C:\Programmi\Vietcong\vietcong.exe:*:Enabled:vietcong"
"C:\Programmi\SHOUTcast\sc_serv.exe"="C:\Programmi\SHOUTcast\sc_serv.exe:*:Enabled:sc_serv"
"C:\Programmi\File comuni\Synacast\SynaLive\PE.exe"="C:\Programmi\File comuni\Synacast\SynaLive\PE.exe:*:Enabled:SynacastPE"
"C:\Programmi\Mediacenter\Mediacenter0.4-by Coolstreaming.exe"="C:\Programmi\Mediacenter\Mediacenter0.4-by Coolstreaming.exe:*:Enabled:Mediacenter"
"C:\Programmi\StreamerOne\streamerone.exe"="C:\Programmi\StreamerOne\streamerone.exe:*:Enabled:streamerone"
"C:\Programmi\Mozilla Firefox\firefox.exe"="C:\Programmi\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Programmi\YVD\n00b-IRC.exe"="C:\Programmi\YVD\n00b-IRC.exe:*:Enabled:n00b-IRC"
"C:\Programmi\YVD\YGO Virtual Desktop V086.exe"="C:\Programmi\YVD\YGO Virtual Desktop V086.exe:*:Enabled:YGO Virtual Desktop Executable"
"C:\Programmi\iTunes\iTunes.exe"="C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programmi\BitTorrent\bittorrent.exe"="C:\Programmi\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Programmi\LimeWire\LimeWire.exe"="C:\Programmi\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programmi\FantasyGrounds\FantasyGrounds.exe"="C:\Programmi\FantasyGrounds\FantasyGrounds.exe:*:Enabled:FantasyGrounds"
"C:\Programmi\VoipStunt\VoipStunt\VoipStunt.exe"="C:\Programmi\VoipStunt\VoipStunt\VoipStunt.exe:*:Enabled:VoipStunt"
"C:\Program Files\Apprentice\Appr.exe"="C:\Program Files\Apprentice\Appr.exe:*:Enabled:Appr"
"C:\Programmi\WarRock\WRLauncher.exe"="C:\Programmi\WarRock\WRLauncher.exe:*:Enabled:WarRock"
"C:\Programmi\uTorrent\utorrent.exe"="C:\Programmi\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Programmi\THQ\Dawn of War\W40k.exe"="C:\Programmi\THQ\Dawn of War\W40k.exe:*:Enabled:W40K"
"C:\Documents and Settings\Enrico Fantini\Desktop\Desctozz\RPGONLINE\RPGONLINE\RPGOnline.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\Desctozz\RPGONLINE\RPGONLINE\RPGOnline.exe:*:Enabled:RPGOnline PbC"
"C:\UT2003\System\UT2003.exe"="C:\UT2003\System\UT2003.exe:*:Disabled:UT2003"
"C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Rar$EX00.422\ut2k3gwbrowser.exe"="C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Rar$EX00.422\ut2k3gwbrowser.exe:*:Disabled:ut2k3gwbrowser"
"C:\Programmi\WinMX\WinMX.exe"="C:\Programmi\WinMX\WinMX.exe:*:Disabled:WinMX Application"
"C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Rar$EX00.877\WinMX.exe"="C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Rar$EX00.877\WinMX.exe:*:Disabled:WinMX Application"
"C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Directory temporanea 2 per winmx354beta4.zip\WinMX.exe"="C:\Documents and Settings\Enrico Fantini\Impostazioni locali\Temp\Directory temporanea 2 per winmx354beta4.zip\WinMX.exe:*:Disabled:WinMX Application"
"C:\Programmi\Atari\Neverwinter Nights 2\nwn2main.exe"="C:\Programmi\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"C:\Programmi\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe"="C:\Programmi\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"C:\Programmi\Atari\Neverwinter Nights 2\nwupdate.exe"="C:\Programmi\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"C:\Programmi\Atari\Neverwinter Nights 2\nwn2server.exe"="C:\Programmi\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"M:\CoD2\CoD2MP_s.exe"="M:\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"M:\NeverWinterNights\nwmain.exe"="M:\NeverWinterNights\nwmain.exe:*:Enabled:Neverwinter Nights"
"M:\NeverwinterNights\NWN\nwmain.exe"="M:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights"
"M:\FEAR\FEAR.exe"="M:\FEAR\FEAR.exe:*:Enabled:FEAR"
"C:\Programmi\mIRC\mirc.exe"="C:\Programmi\mIRC\mirc.exe:*:Enabled:mIRC"
"M:\Neverwinter Nights 2\nwn2main.exe"="M:\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"M:\Neverwinter Nights 2\nwn2main_amdxp.exe"="M:\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"M:\Neverwinter Nights 2\nwupdate.exe"="M:\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"M:\Neverwinter Nights 2\nwn2server.exe"="M:\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"M:\RF Online\RF.exe"="M:\RF Online\RF.exe:*:Enabled:RFLauncher"
"C:\WINDOWS\SYSTEM32\RTCSHARE.EXE"="C:\WINDOWS\SYSTEM32\RTCSHARE.EXE:*:Enabled:Condivis. App. RTC"
"C:\Programmi\NetMeeting\CONF.EXE"="C:\Programmi\NetMeeting\CONF.EXE:*:Enabled:Windows® NetMeeting®"
"C:\Programmi\Pando Networks\Pando\pando.exe"="C:\Programmi\Pando Networks\Pando\pando.exe:*:Disabled:pando"
"C:\Programmi\Winamp\winamp.exe"="C:\Programmi\Winamp\winamp.exe:*:Enabled:Winamp"
"M:\ijji\ENGLISH\U_KwonHoOnline\KwonHoClient.exe"="M:\ijji\ENGLISH\U_KwonHoOnline\KwonHoClient.exe:*:Enabled:KwonHo"
"C:\WINDOWS\SYSTEM32\PnkBstrA.exe"="C:\WINDOWS\SYSTEM32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\SYSTEM32\PnkBstrB.exe"="C:\WINDOWS\SYSTEM32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.exe"="C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.exe:*:Enabled:P2P Networking"
"C:\Programmi\Morpheus\Morpheus.exe"="C:\Programmi\Morpheus\Morpheus.exe:*:Enabled:Morpheus"
"C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HelpCtr.exe"="C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HelpCtr.exe:*:Enabled:Assistenza remota - Windows Messenger e conversazione"
"C:\Programmi\MessengerDiscovery\MessengerDiscovery Live.exe"="C:\Programmi\MessengerDiscovery\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\Programmi\Last.fm\LastFM.exe"="C:\Programmi\Last.fm\LastFM.exe:*:Enabled:Last.fm"
"M:\WoWprivato\Apache2\bin\httpd.exe"="M:\WoWprivato\Apache2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"M:\WoWServer\wamp\Apache2\bin\httpd.exe"="M:\WoWServer\wamp\Apache2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\ascent1722\Ascent1722\logonserver.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\ascent1722\Ascent1722\logonserver.exe:*:Enabled:logonserver"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Ascent Rev2355\Ascent Rev2355\logonserver.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Ascent Rev2355\Ascent Rev2355\logonserver.exe:*:Enabled:logonserver"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Rev2902\Rev2902\logonserver.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Rev2902\Rev2902\logonserver.exe:*:Enabled:logonserver"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\AC WEB REPACK 7.4\Ascent\logonserver.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\AC WEB REPACK 7.4\Ascent\logonserver.exe:*:Enabled:logonserver"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\AC WEB REPACK 7.4\Ascent\ascent.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\AC WEB REPACK 7.4\Ascent\ascent.exe:*:Enabled:ascent"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Ascent3361\Ascent 3361\logonserver.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Ascent3361\Ascent 3361\logonserver.exe:*:Enabled:logonserver"
"C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Ascent3361\Ascent 3361\voicechat.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\WoWprivato\Ascent3361\Ascent 3361\voicechat.exe:*:Enabled:voicechat"
"C:\Documents and Settings\Enrico Fantini\Desktop\Wowbis\Ascent v2.3.0 Repack [COMPLETE]\logonserver.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\Wowbis\Ascent v2.3.0 Repack [COMPLETE]\logonserver.exe:*:Enabled:logonserver"
"C:\Documents and Settings\Enrico Fantini\Desktop\Wowbis\Ascent v2.3.0 Repack [COMPLETE]\ascent.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\Wowbis\Ascent v2.3.0 Repack [COMPLETE]\ascent.exe:*:Enabled:ascent"
"C:\Programmi\Shareaza\Shareaza.exe"="C:\Programmi\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"C:\Programmi\World of Warcraft\BackgroundDownloader.exe"="C:\Programmi\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"M:\Assassin's Creed\AssassinsCreed_Dx9.exe"="M:\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"M:\Assassin's Creed\AssassinsCreed_Dx10.exe"="M:\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"M:\Assassin's Creed\AssassinsCreed_Launcher.exe"="M:\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Programmi\TmNationsForever\TmForever.exe"="C:\Programmi\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Programmi\Shareaza Applications\Shareaza\Shareaza.exe"="C:\Programmi\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"M:\Call of Duty 2\CoD2MP_s.exe"="M:\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Programmi\The All-Seeing Eye\eye.exe"="C:\Programmi\The All-Seeing Eye\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:FTP - fájlátviteli program"
"C:\Documents and Settings\Enrico Fantini\Desktop\eMulev0.49a.-MorphXTv11.0-bin\emule\eMule.exe"="C:\Documents and Settings\Enrico Fantini\Desktop\eMulev0.49a.-MorphXTv11.0-bin\emule\eMule.exe:*:Enabled:eMule"
"C:\Programmi\eMule\emule.exe"="C:\Programmi\eMule\emule.exe:*:Enabled:eMule Plus"
"C:\Programmi\SecondLife\SLVoice.exe"="C:\Programmi\SecondLife\SLVoice.exe:*:Enabled:SLVoice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programmi\NCsoft\Exteel (US)\System\Exteel.exe"="C:\Programmi\NCsoft\Exteel (US)\System\Exteel.exe:*:Enabled:Exteel"
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programmi\Windows Live\Messenger\livecall.exe"="C:\Programmi\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-11-01 11:59:42 ----D---- C:\rsit
2008-11-01 11:27:00 ----A---- C:\WINDOWS\gmer.ini
2008-11-01 11:26:59 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-11-01 11:26:59 ----A---- C:\WINDOWS\gmer.exe
2008-11-01 11:26:59 ----A---- C:\WINDOWS\gmer.dll
2008-11-01 10:57:25 ----D---- C:\Programmi\Unlocker
2008-11-01 10:55:11 ----D---- C:\Programmi\FileASSASSIN
2008-10-29 13:35:39 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-10-24 22:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-18 18:43:16 ----A---- C:\WINDOWS\system32\cewmd.dll
2008-10-18 17:21:18 ----D---- C:\Programmi\HijackThis
2008-10-15 21:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 21:40:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 21:39:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 21:39:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 21:39:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 21:39:10 ----A---- C:\WINDOWS\system32\MRT.INI
2008-10-15 21:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-14 13:43:23 ----A---- C:\WINDOWS\system32\WinCtrl32.dll
2008-10-09 16:09:39 ----D---- C:\Programmi\World of Warcraft Public Test
2008-10-09 16:00:55 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Blizzard
2008-10-09 01:47:12 ----A---- C:\WINDOWS\system32\xfcodec.dll
2008-10-03 21:52:49 ----D---- C:\WINDOWS\SQLTools9_KB948109_ENU
2008-10-03 21:49:40 ----D---- C:\WINDOWS\SQL9_KB948109_ENU
2008-10-02 21:50:47 ----D---- C:\Programmi\Microsoft CAPICOM 2.1.0.2
2008-10-02 13:11:55 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-02 13:11:55 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-02 13:11:55 ----A---- C:\WINDOWS\system32\mucltui.dll

======List of files/folders modified in the last 1 months======

2008-11-01 11:27:11 ----D---- C:\WINDOWS\system32\DRIVERS
2008-11-01 11:27:00 ----D---- C:\WINDOWS
2008-11-01 11:19:07 ----D---- C:\WINDOWS\Prefetch
2008-11-01 11:11:21 ----SHD---- C:\WINDOWS\SYSTEM32
2008-11-01 11:11:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-01 11:09:58 ----D---- C:\Programmi\Mozilla Firefox
2008-11-01 11:08:21 ----RD---- C:\WINDOWS\Temp
2008-11-01 11:05:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-01 10:57:25 ----D---- C:\Programmi
2008-11-01 10:41:36 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
2008-11-01 10:41:26 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-01 10:30:01 ----D---- C:\Programmi\eMule
2008-10-28 22:56:22 ----SHD---- C:\WINDOWS\Installer
2008-10-28 22:56:22 ----SHD---- C:\Config.Msi
2008-10-27 17:00:08 ----D---- C:\Documents and Settings\Enrico Fantini\Dati applicazioni\uTorrent
2008-10-26 21:02:06 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-24 22:05:19 ----HD---- C:\WINDOWS\INF
2008-10-24 22:04:22 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-23 10:19:56 ----SD---- C:\Programmi\Xfire
2008-10-22 18:42:58 ----D---- C:\Documents and Settings\Enrico Fantini\Dati applicazioni\Xfire
2008-10-22 13:10:31 ----D---- C:\Programmi\World of Warcraft
2008-10-22 12:36:53 ----SHD---- C:\System Volume Information
2008-10-22 12:36:53 ----D---- C:\WINDOWS\system32\Restore
2008-10-20 20:30:24 ----D---- C:\WINDOWS\system32\CONFIG
2008-10-18 17:00:46 ----D---- C:\Program Files
2008-10-17 13:05:30 ----D---- C:\Documents and Settings\Enrico Fantini\Dati applicazioni\Skype
2008-10-15 21:40:19 ----A---- C:\WINDOWS\imsins.BAK
2008-10-15 21:36:41 ----D---- C:\Programmi\Internet Explorer
2008-10-15 17:57:30 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 12:56:22 ----D---- C:\Programmi\NCSoft
2008-10-13 1537 ----RSD---- C:\WINDOWS\Fonts
2008-10-13 13:51:30 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-10-13 13:48:18 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-10-09 16:58:11 ----D---- C:\Programmi\File comuni\Blizzard Entertainment
2008-10-09 16:03:36 ----D---- C:\Programmi\ThriXXX
2008-10-07 20:35:04 ----D---- C:\Documents and Settings\Enrico Fantini\Dati applicazioni\teamspeak2
2008-10-07 20:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-05 17:56:55 ----A---- C:\WINDOWS\WIN.INI
2008-10-03 21:53:06 ----D---- C:\Programmi\Microsoft SQL Server
2008-10-03 21:52:58 ----D---- C:\WINDOWS\Registration
2008-10-03 12:45:31 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-03 12:45:30 ----RSD---- C:\WINDOWS\ASSEMBLY
2008-10-02 13:28:26 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-10-02 13:28:26 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ikhfile;File Security Kernel Anti-Spyware Driver; C:\WINDOWS\system32\drivers\ikhfile.sys [2006-07-10 30592]
R1 ikhlayer;Kernel Anti-Spyware Driver; C:\WINDOWS\system32\drivers\ikhlayer.sys [2006-08-24 51072]
R1 intelppm;Driver processore Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40192]
R1 kbdhid;Driver di tastiera HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2002-11-08 17217]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 NAVAPEL;NAVAPEL; \??\C:\Programmi\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS []
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2239]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-07-04 3230720]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-03 223128]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408]
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2004-06-08 24637]
R3 LHidUsbK;Logitech SetPoint USB Receiver Device Driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2004-06-08 38081]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2004-06-08 71533]
R3 LUsbKbd;Logitech SetPoint USB Keyboard Filter; C:\WINDOWS\System32\Drivers\LUsbKbd.Sys [2004-06-08 14975]
R3 mouhid;Driver di mouse HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-30 12160]
R3 NAVAP;NAVAP; \??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FILECO~1\SYMANT~1\VIRUSD~1\20081031.007\NAVENG.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FILECO~1\SYMANT~1\VIRUSD~1\20081031.007\NAVEX15.sys []
R3 RXG350XP;Roper 802.11g XG350 Driver; C:\WINDOWS\system32\DRIVERS\WlanCTG.sys [2005-05-26 481664]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]
R3 SymEvent;SymEvent; \??\C:\Programmi\Symantec\SYMEVENT.SYS []
R3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-19 26624]
R3 usbhub;Driver hub USB standard Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Driver Miniport Controller Universal Host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Winaw10;Winaw10; \??\C:\WINDOWS\System32\drivers\Winaw10.sys []
S1 oreans32;oreans32; []
S1 SpyEmrg;Spy Emergency Driver; C:\WINDOWS\System32\Drivers\spyemrg.sys []
S2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\zntport.sys []
S3 adxapie;adxapie; \??\C:\DOCUME~1\ENRICO~1\IMPOST~1\Temp\adxapie.sys []
S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 E100B;Driver scheda Intel(R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-30 117760]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-01 85969]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2005-10-30 10345]
S3 HidUsb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Driver di Network Monitor; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-19 40320]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
S3 npkcrypt;npkcrypt; \??\M:\Lineage II\system\npkcrypt.sys []
S3 npkcusb;npkcusb; \??\M:\Lineage II\system\npkcusb.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 snpstd;Trust 150 Spacecam Portable; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2004-05-17 302720]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Driver audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 Winac71;Winac71; \??\C:\WINDOWS\System32\drivers\Winac71.sys []
S3 Winbv25;Winbv25; \??\C:\WINDOWS\System32\drivers\Winbv25.sys []
S3 Wincp30;Wincp30; \??\C:\WINDOWS\System32\drivers\Wincp30.sys []
S3 Winev41;Winev41; \??\C:\WINDOWS\System32\drivers\Winev41.sys []
S3 Winfi22;Winfi22; \??\C:\WINDOWS\System32\drivers\Winfi22.sys []
S3 Winfw16;Winfw16; \??\C:\WINDOWS\System32\drivers\Winfw16.sys []
S3 Wingl60;Wingl60; \??\C:\WINDOWS\System32\drivers\Wingl60.sys []
S3 Winin31;Winin31; \??\C:\WINDOWS\System32\drivers\Winin31.sys []
S3 Winka47;Winka47; \??\C:\WINDOWS\System32\drivers\Winka47.sys []
S3 Winka81;Winka81; \??\C:\WINDOWS\System32\drivers\Winka81.sys []
S3 Winkd12;Winkd12; \??\C:\WINDOWS\System32\drivers\Winkd12.sys []
S3 Winkm50;Winkm50; \??\C:\WINDOWS\System32\drivers\Winkm50.sys []
S3 Winll36;Winll36; \??\C:\WINDOWS\System32\drivers\Winll36.sys []
S3 Winmc18;Winmc18; \??\C:\WINDOWS\System32\drivers\Winmc18.sys []
S3 Winmj70;Winmj70; \??\C:\WINDOWS\System32\drivers\Winmj70.sys []
S3 Winnd42;Winnd42; \??\C:\WINDOWS\System32\drivers\Winnd42.sys []
S3 Winoj67;Winoj67; \??\C:\WINDOWS\System32\drivers\Winoj67.sys []
S3 Winpa76;Winpa76; \??\C:\WINDOWS\System32\drivers\Winpa76.sys []
S3 Winpf74;Winpf74; \??\C:\WINDOWS\System32\drivers\Winpf74.sys []
S3 Winsk41;Winsk41; \??\C:\WINDOWS\System32\drivers\Winsk41.sys []
S3 Winsl22;Winsl22; \??\C:\WINDOWS\System32\drivers\Winsl22.sys []
S3 Winuc41;Winuc41; \??\C:\WINDOWS\System32\drivers\Winuc41.sys []
S3 Winuf68;Winuf68; \??\C:\WINDOWS\System32\drivers\Winuf68.sys []
S3 Winus47;Winus47; \??\C:\WINDOWS\System32\drivers\Winus47.sys []
S3 Winye65;Winye65; \??\C:\WINDOWS\System32\drivers\Winye65.sys []
S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc2B.tmp []
S4 WS2IFSL;Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-19 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe [2008-07-09 611664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-07-04 561152]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 DefWatch;DefWatch; C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe [2004-11-13 32884]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-03-04 311296]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 Norton AntiVirus Server;Symantec AntiVirus Client; C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe [2004-11-13 688250]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-13 66872]
R2 SDhelper;PC Tools Spyware Doctor; C:\Programmi\Spyware Doctor\sdhelp.exe [2006-11-02 895088]
R2 SQLBrowser;SQL Server Browser; C:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R3 iPodService;iPodService; C:\Programmi\iPod\bin\iPodService.exe [2005-12-20 323584]
R3 ServiceLayer;ServiceLayer; C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S2 ATI Smart;ATI Smart; C:\WINDOWS\SYSTEM32\ati2sgag.exe [2008-07-03 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268288]
S3 Adobe LM Service;Adobe LM Service; C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-11-19 72704]
S3 aspnet_state;Servizio stato di ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Programmi\WinPcap\rpcapd.exe [2007-01-25 93048]
S3 usnjsvc;Servizio Messenger Sharing Folders USN Journal Reader; C:\Programmi\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
S3 wampapache;wampapache; M:\WoWServer\wamp\apache2\bin\httpd.exe [2007-09-05 24635]
S3 wampmysqld;wampmysqld; M:\WoWServer\wamp\mysql\bin\mysqld-nt.exe [2007-07-06 5730304]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programmi\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Servizio di condivisione in rete Windows Media Player; C:\Programmi\Windows Media Player\WMPNetwk.exe [2006-11-02 918528]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Programmi\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

-----------------EOF-----------------

Attached Files

	info.txt (39.9 KB, 1 views)
	Gmer.txt (121.7 KB, 4 views)