ComboFix 09-02-06.04 - VINCENZO 2009-02-08 0.24.18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1023.545 [GMT 1:00]
Eseguito da: c:\documents and settings\VINCENZO\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: PC Tools Firewall Plus *disabled*
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dati applicazioni\Services
c:\documents and settings\All Users\Dati applicazioni\vlc-0.9.6-win32.exe
c:\documents and settings\VINCENZO\Dati applicazioni\inst.exe
c:\windows\config.ini
c:\windows\msvrc20.dll
c:\windows\system32\mfc45.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASC3550P
((((((((((((((((((((((((( Files Creati Da 2009-01-07 al 2009-02-07 )))))))))))))))))))))))))))))))))))
.
2009-02-07 22:18 . 2009-02-07 22:18 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-02-07 22:18 . 2009-02-07 22:18 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-02-07 22:18 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-07 22:18 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-07 00:38 . 2009-02-07 00:38 <DIR> d-------- c:\programmi\Trend Micro
2009-02-03 00:39 . 2009-02-03 12:47 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-03 00:04 . 2009-02-03 00:04 <DIR> d-------- c:\programmi\Windows Defender
2009-02-02 23:08 . 2009-02-07 00:14 <DIR> d-------- c:\programmi\RegSeeker
2009-02-02 13:23 . 2009-02-07 13:35 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-02 13:23 . 2009-02-02 13:23 <DIR> d-------- c:\programmi\AVG
2009-02-02 13:23 . 2009-02-02 13:23 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-02-02 13:23 . 2009-02-02 13:23 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-02 13:23 . 2009-02-02 13:23 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-02 13:23 . 2009-02-02 13:23 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-02-02 13:11 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2009-02-02 13:11 . 2009-01-20 14:12 130,928 --a------ c:\windows\system32\drivers\PCTCore.sys
2009-02-02 13:11 . 2008-12-18 12:16 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2009-02-02 13:10 . 2009-02-02 13:20 <DIR> d-------- c:\programmi\PC Tools Firewall Plus
2009-02-02 13:10 . 2009-02-02 13:10 <DIR> d-------- c:\programmi\File comuni\PC Tools
2009-02-02 13:10 . 2008-09-22 12:29 97,408 --a------ c:\windows\system32\drivers\pctfw.sys
2009-02-02 13:10 . 2009-01-21 10:38 95,640 --a------ c:\windows\system32\drivers\pctplfw.sys
2009-02-01 22:54 . 2009-02-01 23:13 <DIR> d-------- c:\programmi\File comuni\AVSMedia
2009-02-01 22:54 . 2009-02-01 22:54 <DIR> d-------- c:\documents and settings\VINCENZO\Dati applicazioni\AVS4YOU
2009-02-01 22:54 . 2009-02-01 22:54 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2009-02-01 22:54 . 2008-06-19 11:53 24,576 --a------ c:\windows\system32\msxml3a.dll
2009-01-29 22:18 . 2009-01-29 22:18 <DIR> d-------- c:\documents and settings\NetworkService\Dati applicazioni\PCToolsSpamMonitorPlus
2009-01-29 22:18 . 2009-01-29 22:18 <DIR> d-------- c:\documents and settings\NetworkService\Dati applicazioni\PCToolsFirewallPlus
2009-01-29 17:29 . 2009-01-29 17:29 <DIR> d-------- c:\documents and settings\VINCENZO\Dati applicazioni\Babylon
2009-01-29 17:29 . 2009-01-29 17:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Babylon
2009-01-29 17:28 . 2009-02-08 00:29 79,570 --a------ c:\windows\system32\drivers\6d082a8e.sys
2009-01-27 14:54 . 2009-01-27 14:55 267 --a------ c:\windows\phedit.ini
2009-01-26 23:01 . 2009-01-26 23:01 <DIR> d-------- c:\documents and settings\NetworkService\Dati applicazioni\iolo
2009-01-26 22:33 . 2009-01-26 22:33 <DIR> d-------- c:\documents and settings\LocalService\Dati applicazioni\iolo
2009-01-26 22:33 . 2009-01-26 22:33 406 --a------ c:\windows\system32\ioloBootDefrag.cfg
2009-01-26 22:29 . 2009-01-26 22:54 <DIR> d-------- c:\documents and settings\VINCENZO\Dati applicazioni\iolo
2009-01-26 22:29 . 2009-01-26 22:33 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\iolo
2009-01-25 23:04 . 2009-01-25 23:04 <DIR> d-------- C:\Program Files
2009-01-25 22:25 . 2009-01-25 22:25 <DIR> d-------- c:\programmi\Infogrames
2009-01-25 21:10 . 2009-01-25 21:10 <DIR> d-------- c:\programmi\Alcohol Soft
2009-01-25 18:58 . 2009-01-25 18:58 <DIR> d-------- c:\programmi\EA Sports
2009-01-24 14:32 . 2009-01-24 14:32 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\CyberLink
2009-01-24 14:15 . 2009-01-24 14:15 <DIR> d-------- c:\documents and settings\VINCENZO\Dati applicazioni\CyberLink
2009-01-24 14:15 . 2009-01-24 14:15 <DIR> d-------- c:\documents and settings\All Users\CyberLink
2009-01-24 14:13 . 2009-01-24 14:14 <DIR> d-------- c:\programmi\CyberLink
2009-01-23 23:25 . 2009-01-23 23:26 <DIR> d-------- c:\programmi\CDex_150
2009-01-22 00:00 . 2009-01-22 00:00 <DIR> d-------- c:\documents and settings\VINCENZO\Dati applicazioni\MAGIX
2009-01-21 23:54 . 2009-01-24 22:43 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\MAGIX
2009-01-21 23:54 . 2007-04-27 10:43 120,200 --a------ c:\windows\system32\DLLDEV32i.dll
2009-01-21 23:53 . 2009-01-24 22:43 <DIR> d-------- c:\windows\system32\MAGIX
2009-01-21 23:53 . 2008-04-15 16:14 700,416 --a------ c:\windows\system32\mgxoschk.dll
2009-01-21 23:53 . 2009-01-21 23:58 6,330 --a------ c:\windows\mgxoschk.ini
2009-01-18 19:40 . 2009-01-18 19:40 <DIR> d-------- C:\Kinder
2009-01-18 18:46 . 2006-05-31 10:22 62,232 --a------ c:\windows\system32\GameuxInstallHelper.dll
2009-01-16 15:26 . 2008-02-01 15:17 138,112 --a------ c:\windows\system32\drivers\nmwcdnsu.sys
2009-01-16 15:26 . 2008-02-01 15:17 8,320 --a------ c:\windows\system32\drivers\nmwcdnsuc.sys
2009-01-16 15:19 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-01-16 15:19 . 2009-01-16 15:19 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-01-16 15:19 . 2009-01-16 15:19 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-16 15:13 . 2009-01-16 15:13 <DIR> d-------- c:\programmi\File comuni\PCSuite
2009-01-16 15:12 . 2009-01-16 15:12 <DIR> d-------- c:\programmi\PC Connectivity Solution
2009-01-16 15:12 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2009-01-16 15:11 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2009-01-16 15:11 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2009-01-16 15:11 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2009-01-16 15:11 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2009-01-16 15:11 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-01-16 15:11 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2009-01-11 14:37 . 2009-01-11 14:37 <DIR> d-------- c:\programmi\Ubi Soft
2009-01-10 19:15 . 2009-01-10 19:15 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\vsosdk
2009-01-09 23:21 . 2009-01-09 23:21 <DIR> d-------- c:\programmi\Terminal Reality
2009-01-08 23:56 . 2006-05-20 16:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2009-01-08 23:56 . 2006-05-11 19:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2009-01-08 23:56 . 2002-12-10 02:20 102,439 --a------ c:\windows\system32\sipr3260.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-07 23:28 --------- d---a-w c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-02-06 23:14 --------- d-----w c:\programmi\Mozilla Thunderbird
2009-02-06 22:54 --------- d-----w c:\programmi\Ashampoo
2009-02-03 09:37 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\Vso
2009-02-02 12:05 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\PC Tools
2009-01-30 20:34 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\OpenOffice.org2
2009-01-30 14:00 --------- d-----w c:\programmi\Unlocker
2009-01-29 15:00 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-01-26 13:57 --------- d-----w c:\programmi\File comuni\Apple
2009-01-26 13:57 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-01-25 20:06 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-01-24 13:15 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-01-21 22:34 20 ---h--w c:\documents and settings\All Users\Dati applicazioni\PKP_DLdw.DAT
2009-01-21 22:31 20 ---h--w c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2009-01-19 22:20 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\Ashampoo
2009-01-19 12:22 --------- d-----w c:\programmi\IObit
2009-01-19 12:22 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\IObit
2009-01-16 14:27 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Installations
2009-01-16 14:24 --------- d-----w c:\programmi\Nokia
2009-01-16 14:24 --------- d-----w c:\programmi\File comuni\Nokia
2009-01-06 13:15 --------- d-----w c:\programmi\File comuni\Sonic Shared
2009-01-06 13:13 --------- d-----w c:\programmi\File comuni\Roxio Shared
2009-01-05 16:16 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\Roxio
2009-01-04 22:26 --------- d-----w c:\documents and settings\LocalService\Dati applicazioni\Roxio
2009-01-04 22:21 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\InstallShield
2009-01-04 22:19 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Sonic
2009-01-04 22:12 --------- d-----w c:\programmi\File comuni\SightSpeed
2009-01-04 22:10 --------- d-----w c:\programmi\DivX
2009-01-03 12:49 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\Software Informer
2008-12-30 00:19 --------- d-----w c:\programmi\CCleaner
2008-12-29 23:34 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\KC Softwares
2008-12-29 23:13 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\UDL
2008-12-29 23:11 --------- d-----w c:\programmi\EPSON
2008-12-27 18:18 --------- d-----w c:\programmi\UnderCoverXP
2008-12-17 13:53 --------- d-----w c:\programmi\VSO
2008-12-16 14:28 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\Canneverbe_Limited
2008-12-14 21:55 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\PCToolsSpamMonitorPlus
2008-12-14 21:39 --------- d-----w c:\programmi\File comuni\Nero
2008-12-14 21:31 --------- d-----w c:\programmi\Windows Sidebar
2008-12-14 21:14 --------- d-----w c:\programmi\Motive
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-08 22:21 --------- d-----w c:\documents and settings\VINCENZO\Dati applicazioni\uTorrent
2008-12-08 21:55 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\ashampoo
2008-09-14 20:27 47,360 ----a-w c:\documents and settings\VINCENZO\Dati applicazioni\pcouffin.sys
2008-10-11 19:50 32,768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008101120081012\index.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"CTSysVol"="c:\programmi\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"EPSON Stylus Photo R240 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE" [2005-04-25 98304]
"Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2009-01-09 2262352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00PCTFW"="c:\programmi\PC Tools Firewall Plus\FirewallGUI.exe" [2009-01-21 2652056]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-02 1601304]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-02 13:23 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"CTRegRun"=c:\windows\CTRegRun.EXE
"EPSON Stylus Photo R240 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
"UpdReg"=c:\windows\UpdReg.EXE
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_04\bin\jusched.exe"
"AppleSyncNotifier"=c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
"NeroFilterCheck"=c:\programmi\File comuni\Nero\Lib\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-09-03 11264]
R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-02 325128]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-02 107272]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-02-02 159600]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-02 298264]
R2 pctappevent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-02-02 73840]
R2 windefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-02-02 95640]
S1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [2009-01-04 241664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-01-16 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-01-16 8320]
.
Contenuto della cartella 'Scheduled Tasks'
2009-02-07 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe []
2009-02-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
2009-01-09 c:\windows\Tasks\Schedule Task Weekly.job
- c:\programmi\Registry Easy\RE.exe []
2009-01-26 c:\windows\Tasks\SmartDefrag.job
- c:\programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-01-14 13:15]
2009-01-26 c:\windows\Tasks\SmartDefrag.job
- c:\programmi\IObit\IObit SmartDefrag\ [2009-01-19 13:22]
2009-02-07 c:\windows\Tasks\Verifica e correzione automatica.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe []
.
.
------- Scansione supplementare -------
.
IE: scarica con free download manager - file://c:\programmi\Free Download Manager\dllink.htm
IE: scarica i video con free download manager - file://c:\programmi\Free Download Manager\dlfvideo.htm
IE: scarica selezionati con free download manager - file://c:\programmi\Free Download Manager\dlselected.htm
IE: scarica tutto con free download manager - file://c:\programmi\Free Download Manager\dlall.htm
FF - ProfilePath - c:\documents and settings\VINCENZO\Dati applicazioni\Mozilla\Firefox\Profiles\4yzoc5hd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\programmi\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 18
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.notify.interval - 750000
FF - user.js: content.switch.threshold - 750000
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
.
------- Associazioni dei file -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-02-08 00:29:24
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\6d082a8e]
"ImagePath"="\SystemRoot\System32\drivers\6d082a8e.sys"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\s-1-5-21-839522115-1715567821-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\CTSVCCDA.EXE
c:\programmi\PC Tools Firewall Plus\FWService.exe
c:\programmi\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\MsPMSPSv.exe
c:\programmi\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-02-08 0:33:02 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-02-07 23:32:58
Pre-Run: 24.776.904.704 byte disponibili
Post-Run: 24,677,892,096 byte disponibili
286 --- E O F --- 2009-02-07 13:27:55