ComboFix 09-06-15.04 - Administrator 16.06.2009 1:29.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.702.344 [GMT 2:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Impostazioni locali\Temporary Internet Files\ijjistarter_verinfo.dat
c:\windows\system32\drivers\SKYNETkuxjmvnr.sys
c:\windows\system32\SKYNETghhtnruf.dat
c:\windows\system32\SKYNETiepeudhv.dat
c:\windows\system32\SKYNETkoxoynqt.dll
c:\windows\system32\SKYNETuysveogn.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SKYNETdpfmrtwp
((((((((((((((((((((((((( Files Creati Da 2009-05-15 al 2009-06-15 )))))))))))))))))))))))))))))))))))
.
2009-06-15 20:08 . 2009-06-15 20:09 117760 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-06-15 19:58 . 2009-06-15 19:58 3371383 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-15 18:32 . 2009-06-15 18:32 6144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\sp_rsdel.exe
2009-06-15 18:32 . 2009-06-15 18:32 5632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\fileobjinfo.sys
2009-06-15 18:32 . 2009-06-15 18:32 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-06-15 18:32 . 2009-06-15 21:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Spyware Terminator
2009-06-15 18:32 . 2009-06-15 19:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2009-06-15 18:32 . 2009-06-15 19:04 -------- d-----w- c:\programmi\Spyware Terminator
2009-06-15 15:13 . 2009-06-15 15:13 -------- d-----w- c:\documents and settings\LocalService\Menu Avvio
2009-06-15 13:46 . 2009-06-15 15:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\15151094
2009-06-15 11:41 . 2009-02-19 14:16 2309120 ----a-w- c:\windows\system32\pdftk.exe
2009-06-15 05:02 . 2009-06-15 05:02 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\cerasus.media
2009-06-15 04:40 . 2009-06-15 05:04 -------- d-----w- c:\programmi\Mystery Stories Berlin Nights
2009-06-15 04:09 . 2009-06-15 04:11 -------- d-----w- c:\programmi\Sky Taxi
2009-06-15 03:37 . 2009-06-15 04:06 -------- d-----w- c:\programmi\Mahjongg Ancient Mayas
2009-06-15 01:22 . 2009-06-15 01:25 -------- d-----w- c:\programmi\Setup Factory 8.0 Trial
2009-06-15 01:22 . 2009-06-15 01:22 -------- d-----w- c:\windows\Setup Factory 8.0 Trial
2009-06-12 21:46 . 2009-06-12 21:47 -------- d-----w- c:\programmi\FreeWareUpdater
2009-06-12 12:54 . 2009-06-12 12:54 971232 ----a-w- c:\windows\system32\drivers\tdrpm147.sys
2009-06-12 12:54 . 2009-06-12 12:54 540000 ----a-w- c:\windows\system32\drivers\timntr.sys
2009-06-12 12:54 . 2009-06-12 12:54 44704 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2009-06-12 12:54 . 2009-06-12 12:54 134272 ----a-w- c:\windows\system32\drivers\snman380.sys
2009-06-12 12:53 . 2009-06-12 12:53 -------- d-----w- c:\programmi\Acronis
2009-06-12 12:53 . 2009-06-12 12:53 -------- d-----w- c:\programmi\File comuni\Acronis
2009-06-12 12:39 . 2001-11-29 06:57 110592 ----a-w- c:\windows\system32\ccrpbds6.dll
2009-06-10 17:19 . 2009-06-15 19:46 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MagicBall4
2009-06-10 08:27 . 2009-06-15 23:39 75591712 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-10 08:26 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\
05165413.sys
2009-06-09 00:21 . 2009-06-09 00:22 -------- d-----w- c:\programmi\Fleshatomale RedTube Downloader
2009-06-08 11:37 . 2009-06-08 11:37 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Thinstall
2009-06-07 12:06 . 2009-06-07 12:06 -------- d-----w- C:\Movie Label Databases
2009-06-07 12:05 . 2009-06-07 12:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Movie Label
2009-06-07 12:05 . 2009-06-11 09:06 -------- d-----w- c:\programmi\Movie Label 2009
2009-06-05 20:50 . 2009-06-05 20:50 -------- d-----w- c:\programmi\uTorrent
2009-06-05 20:50 . 2009-06-12 23:36 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2009-06-04 17:53 . 2009-06-04 17:56 -------- d-----w- c:\programmi\MegaLink
2009-06-04 17:39 . 2009-06-04 17:39 83456 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\SDCondition.dll
2009-06-04 17:36 . 2009-06-04 17:36 2169880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Offers\spo3.exe
2009-06-04 17:36 . 2009-06-04 17:36 3530776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Offers\VA23_DAPSO.exe
2009-06-04 17:35 . 2009-06-05 21:51 95744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Updates\Condition.dll
2009-06-04 17:34 . 2009-06-04 17:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit
2009-06-04 17:34 . 2009-06-04 17:34 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-06-04 17:34 . 2009-06-04 17:36 -------- d-----w- c:\programmi\DAP
2009-05-31 15:47 . 2009-05-31 15:57 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\WarRockDF
2009-05-28 19:10 . 2009-05-27 17:21 34447128 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_ita_web.exe
2009-05-28 19:10 . 2009-05-28 19:10 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-28 19:10 . 2009-05-28 19:10 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-28 19:10 . 2009-05-28 19:10 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-20 12:19 . 2009-06-15 14:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-05-20 12:19 . 2009-05-20 12:21 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\.clamwin
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\programmi\ClamWin
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\documents and settings\All Users\.clamwin
2009-05-17 15:45 . 2009-05-17 15:45 -------- d-----w- c:\programmi\File comuni\SWF Studio
2009-05-17 12:12 . 2009-06-08 20:40 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MessengerDiscovery 2
2009-05-17 12:03 . 2009-05-29 16:43 -------- d-----w- c:\documents and settings\Administrator\Tracing
2009-05-17 12:01 . 2009-05-18 10:17 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-05-17 12:00 . 2009-05-17 12:00 -------- d-----w- c:\programmi\Microsoft
2009-05-17 11:59 . 2009-05-17 11:59 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-05-17 11:51 . 2009-05-17 11:51 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-05-17 11:01 . 2009-05-17 11:01 -------- d-----w- c:\programmi\ImageShack Corp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 22:09 . 2008-09-03 16:35 -------- d-----w- c:\programmi\eMule
2009-06-15 19:59 . 2009-05-13 20:10 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-06-15 19:57 . 2009-05-01 14:07 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\GameHouse
2009-06-15 19:56 . 2009-05-01 13:42 -------- d-----w- c:\programmi\RealArcade
2009-06-15 19:05 . 2008-09-07 17:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-06-15 15:17 . 2008-04-14 12:00 85528 ----a-w- c:\windows\system32\perfc010.dat
2009-06-15 15:17 . 2008-04-14 12:00 492826 ----a-w- c:\windows\system32\perfh010.dat
2009-06-15 15:11 . 2009-06-10 08:27 879164 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-15 05:38 . 2009-05-02 11:56 -------- d-----w- c:\programmi\Poker Superstars III
2009-06-15 01:25 . 2009-04-29 15:31 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\IndigoRose
2009-06-15 01:23 . 2009-04-29 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\IndigoRose
2009-06-15 01:02 . 2008-09-03 14:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-06-12 12:46 . 2008-09-03 23:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-08 18:04 . 2009-01-27 21:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Skype
2009-06-08 18:01 . 2009-01-27 21:08 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\skypePM
2009-06-07 17:35 . 2008-10-02 19:12 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TeraCopy
2009-06-07 00:59 . 2008-12-13 12:12 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-05 22:21 . 2009-05-16 11:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Nimi
2009-06-05 10:49 . 2009-03-30 17:17 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-06-04 17:49 . 2008-09-06 09:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Orbit
2009-05-31 13:52 . 2008-09-06 09:45 -------- d-----w- c:\programmi\Orbitdownloader
2009-05-31 09:07 . 2008-12-13 19:57 -------- d-----w- c:\programmi\RadarSync
2009-05-31 09:06 . 2009-01-14 14:47 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-05-31 09:06 . 2009-01-14 14:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2009-05-31 08:11 . 2009-04-19 00:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-05-26 11:20 . 2009-05-13 20:10 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-05-13 20:11 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-21 19:37 . 2009-04-15 10:56 -------- d-----w- c:\programmi\Google
2009-05-20 11:17 . 2009-05-02 06:35 1439488 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgupd.dll
2009-05-20 11:17 . 2009-05-02 06:35 755992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avginet.dll
2009-05-17 17:11 . 2008-09-04 14:16 -------- d--h--w- c:\documents and settings\Administrator\Dati applicazioni\ijjigame
2009-05-17 12:01 . 2008-09-03 13:58 -------- d-----w- c:\programmi\Windows Live
2009-05-16 14:46 . 2009-05-16 14:30 -------- d-----w- c:\programmi\Luxor
2009-05-16 14:35 . 2009-05-01 14:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MumboJumbo
2009-05-16 13:04 . 2009-05-16 13:04 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-05-16 13:04 . 2009-05-16 13:04 -------- d-----w- c:\programmi\Stardock
2009-05-15 16:12 . 2009-04-24 14:39 30720 ----a-w- c:\windows\AWhiteu12.dat
2009-05-15 16:12 . 2009-04-24 14:39 30720 ----a-w- c:\windows\ADarku12.dat
2009-05-15 16:12 . 2009-04-24 14:39 6 ----a-w- c:\windows\AExpou.dat
2009-05-15 16:12 . 2009-04-24 14:39 3 ----a-w- c:\windows\Gain6.dat
2009-05-15 16:12 . 2009-04-24 14:39 3 ----a-w- c:\windows\AOffsetu.dat
2009-05-15 16:04 . 2009-04-24 14:28 -------- d-----w- c:\programmi\TextBridge Classic 2.0
2009-05-15 16:03 . 2009-05-15 16:03 -------- d-----w- c:\programmi\MGI
2009-05-15 16:02 . 2009-04-24 12:41 -------- d-----w- c:\programmi\ScanEZ
2009-05-14 15:48 . 2008-09-03 14:21 3688176 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-05-13 22:29 . 2009-05-13 22:29 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AMPSoft
2009-05-13 22:29 . 2009-05-13 22:29 -------- d-----w- c:\programmi\AMP Font Viewer
2009-05-13 22:19 . 2009-05-13 22:19 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\KC Softwares
2009-05-13 22:19 . 2009-05-13 22:19 -------- d-----w- c:\programmi\KC Softwares
2009-05-13 22:06 . 2009-04-27 19:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\SolidDocuments
2009-05-13 20:11 . 2009-05-13 20:11 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Malwarebytes
2009-05-13 20:10 . 2009-05-13 20:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-05-13 11:29 . 2009-05-13 11:29 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\USBSafelyRemove
2009-05-13 11:29 . 2009-05-13 11:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\USBSRService
2009-05-12 18:21 . 2009-05-01 14:25 -------- d-----w- c:\programmi\Luxor Quest For The Afterlife
2009-05-11 20:41 . 2009-05-11 20:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AlawarWrapper
2009-05-11 20:39 . 2009-05-11 20:39 -------- d-----w- c:\programmi\Alawar
2009-05-11 20:33 . 2009-05-11 20:33 -------- d-----w- c:\programmi\Virtual Families
2009-05-10 19:41 . 2009-05-10 19:41 -------- d-----w- c:\programmi\Ace Translator
2009-05-07 15:32 . 2008-04-14 12:00 347648 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 19:00 . 2008-09-03 16:32 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-05-04 16:26 . 2009-05-04 16:26 -------- d-----w- c:\programmi\PC Connectivity Solution
2009-05-04 13:24 . 2009-05-04 13:24 -------- d-----w- c:\programmi\GIMP-2.0
2009-05-02 20:54 . 2009-05-02 00:54 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Alawar
2009-05-02 06:38 . 2008-09-03 16:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-02 06:38 . 2008-09-03 16:32 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 06:38 . 2008-09-03 16:32 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-02 06:37 . 2009-04-25 17:08 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-02 01:01 . 2009-05-02 01:01 -------- d-----w- c:\programmi\MSXML 4.0
2009-05-01 18:32 . 2009-05-01 18:32 -------- d-----w- c:\programmi\Rar Repair Tool
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-05-01 14:25 . 2009-05-01 14:25 -------- d-----w- c:\programmi\ReflexiveArcade
2009-05-01 14:08 . 2009-05-01 14:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\n7-89-o9-3r-4t-r9
2009-05-01 13:50 . 2009-05-01 13:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\rionix
2009-05-01 13:44 . 2009-05-01 13:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Trymedia
2009-05-01 00:51 . 2009-05-01 00:51 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2009-04-30 17:48 . 2009-04-30 17:48 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-04-30 17:48 . 2009-04-30 17:48 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TuneUp Software
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\programmi\TuneUp Utilities 2009
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-04-30 17:47 . 2009-04-30 17:47 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-30 16:40 . 2009-04-30 16:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Ulead Systems
2009-04-30 16:37 . 2009-04-30 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w- c:\programmi\File comuni\InterVideo
2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\InterVideo
2009-04-30 16:36 . 2008-10-16 21:02 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-04-30 16:35 . 2009-04-30 16:35 -------- d-----w- c:\programmi\Windows Media Components
2009-04-30 16:35 . 2009-04-30 16:34 -------- d-----w- c:\programmi\File comuni\Ulead Systems
2009-04-30 16:34 . 2009-04-24 15:38 -------- d-----w- c:\programmi\Ulead Systems
2009-04-30 15:34 . 2009-04-30 15:34 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\proDAD
2009-04-30 15:34 . 2009-04-30 15:34 -------- d-----w- c:\programmi\proDAD
2009-04-30 15:34 . 2009-04-30 15:33 -------- d-----w- c:\programmi\Boris FX, Inc
2009-04-30 15:32 . 2009-04-30 15:22 -------- d-----w- c:\programmi\Pinnacle
2009-04-30 15:30 . 2009-04-30 15:30 29926 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
2009-04-30 15:30 . 2009-04-30 15:30 -------- d-----w- c:\programmi\File comuni\Pinnacle
2009-04-30 15:29 . 2009-04-30 15:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\programmi\File comuni\Yahoo!
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Studio 12
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Plus
2008-09-04 00:19 . 2008-09-04 00:16 48 --sh--w- c:\windows\S92681E4D.tmp
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-05 1947928]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-17 192512]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-06-07 148888]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2009-06-15 2174464]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2007-12-20 77824]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2007-09-30 200704]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-02 06:38 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^is-6O6IH.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\is-6O6IH.lnk
backup=c:\windows\pss\is-6O6IH.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.ProgramStatisticsSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"ServiceLayer"=3 (0x3)
"gusvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Documents and Settings\\Administrator\\Dati applicazioni\\Mozilla\\Firefox\\Profiles\\awlaoj0w.default\\extensions\\SolidStateION@solidstatenetworks.com\\plugins\\solidnm.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Programmi\\Ace Translator\\AceTrans.exe"=
"c:\\Programmi\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26731:TCP"= 26731:TCP:*:Disabled:SolidNetworkManager
"26731:UDP"= 26731:UDP:*:Disabled:SolidNetworkManager
"5009:TCP"= 5009:TCP:SolidNetworkManager
"5009:UDP"= 5009:UDP:SolidNetworkManager
R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [12.06.2009 14:54 134272]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [12.06.2009 14:54 971232]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [24.04.2009 13:56 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [24.04.2009 13:56 53248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.09.2008 18:32 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.04.2009 19:08 108552]
R1 is-6O6IHdrv;is-6O6IHdrv;c:\windows\system32\drivers\
05165413.sys [10.06.2009 10:26 148496]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [26.05.2009 10:05 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [26.05.2009 10:05 72944]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [15.06.2009 20:32 142592]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05.05.2009 21:02 298776]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [03.09.2008 15:10 45696]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [03.09.2008 15:10 56960]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [03.09.2008 15:10 601600]
S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]
S3 gwiopm;gwiopm;\??\c:\programmi\My Drivers\gwiopm.sys --> c:\programmi\My Drivers\gwiopm.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [26.05.2009 10:05 7408]
S4 Seekeen Service;Seekeen Service;"c:\programmi\Seekeen\seekeen.exe" "c:\programmi\Seekeen\seekeen.dll" Service --> c:\programmi\Seekeen\seekeen.exe [?]
S4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [30.04.2009 19:48 603904]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'
2009-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-842925246-1177238915-500.job
- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-10-09 17:23]
2009-06-15 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
2009-06-15 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.smsveloce.it/ricerca/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\programmi\DAP\Privacy Package\dapcleanerie.htm
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Download with &DAP - c:\programmi\DAP\dapextie.htm
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Download &all with DAP - c:\programmi\DAP\dapextie2.htm
IE: Download Link Using Mega Manager... - c:\programmi\Megaupload\Mega Manager\mm_file.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath -
.
**************************************************************************
disk not found C:\
please note that you need administrator rights to perform deep scan
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{796AABBB-44F5-67F7-D78C-CC9582F172EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abhiakgcmeobheckhanlgmjddhjlibhjbf"=hex:70,61,66,69,6b,6d,6c,6c,62,61,64,6c,
68,68,6c,63,6f,67,70,6d,64,70,6d,67,70,6c,64,69,69,6a,64,6d,00,40
"magijjcmkiaccnlnjhemjpmonm"=hex:6f,61,68,67,67,63,6a,67,66,6c,61,70,64,68,6a,
65,69,69,67,66,68,65,61,68,6a,70,6a,69,66,6b,00,6d
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,90,8b,56,f9,9d,
01,45,54,c8,28,51,af,b0,29,a3,98,39,53,20,d5,d1,b3,5a,c8,e2,63,26,f1,3f,c8,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,c0,b8,b4,06,14,
ca,dc,79,71,3b,04,66,8b,46,0d,96,7b,d9,7e,aa,2a,c2,db,b8,6a,9c,d6,61,af,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,10,54,87,88,e8,
1e,26,51,25,da,ec,7e,55,20,c9,26,ed,83,bf,89,6e,ec,c7,09,ff,7c,85,e0,43,d4,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,03,73,66,75,32,
23,6a,00,3e,1e,9e,e0,57,5a,93,61,e4,dd,c8,ba,d9,33,41,14,86,8c,21,01,be,91,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,ab,52,08,fd,23,
91,b8,64,cd,44,cd,b9,a6,33,6c,cd,09,44,29,f8,50,10,68,d9,f5,1d,4d,73,a8,13,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,09,9d,61,7e,f7,
4c,b0,0b,b0,18,ed,a7,3f,8d,37,a4,f3,32,d0,96,32,1f,8c,fc,df,20,58,62,78,6b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,cd,7c,81,bc,2d,
bb,7c,1f,31,77,e1,ba,b1,f8,68,02,72,88,b8,68,28,c4,de,fa,fb,a7,78,e6,12,2f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,d5,17,bd,ff,4a,
5e,4f,51,83,6c,56,8b,a0,85,96,ab,6e,c2,3e,c9,a3,bf,ae,4f,01,3a,48,fc,e8,04,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,10,5d,35,b3,1f,
2a,da,d3,51,fa,6e,91,28,9e,14,cc,b5,da,6e,83,4c,30,98,77,f6,0f,4e,58,98,5b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,fb,70,69,eb,b5,
fe,6e,83,b1,cd,45,5a,a8,c4,f8,b9,79,aa,ff,e7,96,34,e5,4a,3d,ce,ea,26,2d,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,38,42,55,b0,cb,
ad,22,40,e3,0e,66,d5,eb,bc,2f,6b,c7,6f,cd,81,72,5e,68,83,2a,b7,cc,b5,b9,7f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,2f,4c,d7,55,d3,
9a,98,1c,fa,ea,66,7f,d4,3b,6b,70,50,3b,a5,ee,81,8a,e2,02,6c,43,2d,1e,aa,22,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(808)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
Ora fine scansione: 2009-06-15 1:41
ComboFix-quarantined-files.txt 2009-06-15 23:41
Pre-Run: 68'239'122'432 byte disponibili
Post-Run: 68'320'993'280 byte disponibili
407 --- E O F --- 2009-06-15 01:03
Si uso una Stampante di quel tipo esattamente hpdeskjet 990cxi
Come antivirus uso AVG e funziona più che bene e insieme gli ho messo Spyware Terminator
Altri problemi, ogni tanto mi esce un errore di visual time debugger che premendo ok m ifa chiudere l'applicazione che sto usando, ma questo non accade sempre.
Qusto è l'errore che mi esce del visual time debugger
