ComboFix 09-11-28.01 - marco 28/11/2009 23.18.28.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.1022.591 [GMT 1:00]
Eseguito da: d:\documenti\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091128-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\marco\Dati applicazioni\Desktopicon
c:\documents and settings\marco\Dati applicazioni\inst.exe
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\hrcowkp.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\hrcowkp_nav.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\hrcowkp_navps.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\oosgeou.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\oosgeou_nav.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\oosgeou_navps.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\wceaosu.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\wceaosu_nav.dat
c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\wceaosu_navps.dat
c:\windows\kb913800.exe
c:\windows\recover.reg
.
((((((((((((((((((((((((( Files Creati Da 2009-10-28 al 2009-11-28 )))))))))))))))))))))))))))))))))))
.
2009-11-28 22:05 . 2009-11-28 22:05 -------- d-----w- c:\programmi\CCleaner
2009-11-28 18:38 . 2009-11-28 18:38 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\Malwarebytes
2009-11-28 18:38 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-28 18:38 . 2009-11-28 18:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-28 18:38 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-28 18:38 . 2009-11-28 18:38 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-11-28 17:58 . 2009-11-28 17:58 -------- d-----w- c:\documents and settings\work\Dati applicazioni\3Dconnexion
2009-11-28 14:15 . 2009-11-28 14:15 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-11-26 23:56 . 2009-11-26 23:56 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-26 23:55 . 2009-11-26 23:55 -------- d-----w- c:\programmi\3Dconnexion
2009-11-26 23:55 . 2009-11-26 23:55 -------- d-----w- c:\programmi\Vodei
2009-11-26 23:55 . 2009-11-26 23:55 -------- d-----w- c:\programmi\DVD Decrypter
2009-11-25 23:53 . 2009-11-25 23:53 79488 ----a-w- c:\documents and settings\marco\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-24 21:56 . 2009-11-24 21:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-11-24 21:15 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-11-24 21:15 . 2009-11-24 21:15 -------- d-----w- c:\programmi\Panda Security
2009-11-24 18:42 . 2009-11-24 18:42 43008 ----a-w- c:\windows\system32\polddfr0.dll
2009-11-24 18:38 . 2009-11-24 18:38 43008 ----a-w- c:\windows\system32\jmfa9.dll
2009-11-23 19:45 . 2009-11-23 19:45 -------- d-----w- c:\programmi\Safer Networking
2009-11-23 19:35 . 2009-11-23 20:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-11-23 19:35 . 2009-11-23 19:40 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-11-23 14:53 . 2009-11-23 14:53 -------- d-sh--w- c:\documents and settings\work\IECompatCache
2009-11-23 14:41 . 2009-11-23 14:41 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-11-22 20:29 . 2009-11-22 20:29 43008 ----a-w- c:\windows\system32\ltnjumga.dll
2009-11-20 18:51 . 2004-08-03 23:52 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-11-20 18:51 . 2004-08-03 23:52 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-11-20 18:50 . 2004-08-03 23:44 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-11-20 18:50 . 2004-08-03 23:44 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-11-16 17:58 . 2009-11-16 17:58 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\3Dconnexion
2009-11-14 13:06 . 2009-11-14 13:06 59992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-28 22:11 . 2009-01-14 22:29 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\DNA
2009-11-28 21:51 . 2006-11-01 08:01 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\Skype
2009-11-28 21:50 . 2009-01-14 22:29 -------- d-----w- c:\programmi\DNA
2009-11-28 20:59 . 2009-07-24 21:43 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\skypePM
2009-11-28 13:39 . 2009-01-14 22:30 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\BitTorrent
2009-11-24 22:00 . 2008-09-21 19:57 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-11-24 20:23 . 2008-02-18 19:38 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-11-24 18:30 . 2006-07-31 14:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-10-25 12:26 . 2009-10-24 19:59 -------- d-----w- c:\programmi\NeoBook 4
2009-10-25 08:13 . 2006-07-31 03:37 94712 ----a-w- c:\windows\system32\perfc010.dat
2009-10-25 08:13 . 2006-07-31 03:37 513388 ----a-w- c:\windows\system32\perfh010.dat
2009-10-24 20:05 . 2009-10-24 20:05 -------- d-----w- c:\programmi\NeoPaint per Windows
2009-10-23 08:05 . 2008-09-13 13:37 74704 ----a-w- c:\documents and settings\work\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-10-22 17:15 . 2009-10-22 17:14 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\U3
2009-10-17 13:00 . 2006-10-29 21:57 74704 ----a-w- c:\documents and settings\marco\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-10-17 08:34 . 2009-06-26 16:58 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\DVDFab
2009-10-17 08:32 . 2009-06-25 20:38 -------- d-----w- c:\documents and settings\marco\Dati applicazioni\Vso
2009-10-17 08:32 . 2009-06-25 20:38 47360 ----a-w- c:\documents and settings\marco\Dati applicazioni\pcouffin.sys
2009-10-17 08:32 . 2009-06-25 20:38 47360 ----a-w- c:\documents and settings\marco\Dati applicazioni\pcouffin.sys
2009-10-16 20:33 . 2007-05-01 15:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2009-10-16 19:43 . 2009-06-23 19:09 117760 ----a-w- c:\documents and settings\marco\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-10-16 19:40 . 2008-09-21 19:58 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-10-16 18:24 . 2006-09-02 07:43 -------- d-----w- c:\programmi\Microsoft Works
2009-10-16 16:26 . 2006-08-01 08:01 -------- d-----w- c:\programmi\Sony
2009-10-04 17:09 . 2009-01-09 18:03 -------- d-----w- c:\programmi\tele2
2009-09-15 11:59 . 2008-08-15 20:57 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 11:56 . 2008-08-15 20:57 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 11:56 . 2008-08-15 20:57 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 11:55 . 2008-08-15 20:57 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 11:55 . 2008-08-15 20:57 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-15 11:54 . 2008-08-15 20:57 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-15 11:54 . 2008-08-15 20:57 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 11:53 . 2008-08-15 20:57 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 11:53 . 2008-08-15 20:57 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-11 14:11 . 2006-07-31 03:36 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45 . 2006-07-31 03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1" [X]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2009-07-16 25604904]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2007-02-05 476728]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-16 2000112]
"BitTorrent DNA"="c:\programmi\DNA\btdna.exe" [2009-10-22 323392]
"TomTomHOME.exe"="c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"LDM"="c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-17 67128]
"OM2_Monitor"="c:\programmi\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-11-07 95536]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-04 68856]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VAIO Update 4"="c:\programmi\Sony\VAIO Update 4\VAIOUpdt.exe " [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-08 7561216]
"Apoint"="c:\programmi\Apoint\Apoint.exe" [2004-11-17 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"VAIOCameraUtility"="c:\programmi\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
"SonyPowerCfg"="c:\programmi\Sony\VAIO Power Management\SPMgr.exe" [2006-06-27 217088]
"ISBMgr.exe"="c:\programmi\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"Switcher.exe"="c:\programmi\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 176128]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 483328]
"Google Desktop Search"="c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2007-01-01 169472]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"hpqSRMon"="c:\programmi\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-06-13 282624]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]
"Logitech Utility"="Logi_MwX.Exe" - c:\windows\LOGI_MWX.EXE [2003-11-07 19968]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-09-07 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-07 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"3DxAssociateFileExts"="c:\programmi\3Dconnexion\3Dconnexion 3DxSoftware\3DxViewer\register.exe FileExts" [X]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio rapido HP Photosmart Premier.lnk - c:\programmi\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Logitech Desktop Messenger.lnk - c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-3-17 67128]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
Start 3DxWare.lnk - c:\programmi\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe [2007-11-6 118272]
ymetray.lnk - c:\programmi\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-7-24 54512]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-09-21 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-10-16 19:40 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-03-09 12:51 73728 ----a-w- c:\windows\system32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Programmi\\Sony\\Click to DVD 2\\CtoDvd.exe"=
"c:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Programmi\\Sony\\VAIO Media 5.0\\Vc.exe"=
"c:\\Programmi\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"c:\\Programmi\\ANWSOFT\\CAMagic Mobile for Bluetooth\\LiveCheck.exe"=
"c:\\Programmi\\UGS\\NX 4.0\\UGII\\ugraf.exe"=
"c:\\UGSPLM\\I-DEAS11\\ideas\\ideast.exe"=
"c:\\UGSPLM\\I-DEAS11\\geo\\geomod.exe"=
"c:\\UGSPLM\\I-DEAS11\\oarun\\dpsmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\UGS\\NX 4.0\\UGFLEXLM\\lmgrd.exe"=
"c:\\Programmi\\NetMeeting\\conf.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\BitTorrent\\bittorrent.exe"=
"c:\\Programmi\\WinDS PRO\\DeSmuME\\desmume_sse2.exe"=
"c:\\Programmi\\Activision\\Demo di SHREK TERZO\\SHReK the THiRD.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [24/11/2009 22.15.56 28552]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [15/08/2008 21.57.31 114768]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 12.53.48 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [27/02/2007 11.39.26 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15/08/2008 21.57.31 20560]
R2 I-DEAS License Manager 11.0;I-DEAS License Manager 11.0;c:\ugsplm\I-DEAS11\sec\lmgrd.exe [09/11/2006 20.48.13 595456]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmi\TomTom HOME 2\TomTomHOMEService.exe [27/08/2009 16.05.04 92008]
R2 UGNX4;UGNX4;c:\programmi\UGS\NX 4.0\UGFLEXLM\lmgrd.exe [27/10/2005 11.34.20 962560]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [31/07/2006 4.38.12 30080]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [31/07/2006 4.38.10 808448]
RUnknown IT iona_services.config_rep.nome-adab81b928 cfr-MyDomain;IT iona_services.config_rep.nome-adab81b928 cfr-MyDomain; [x]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [05/11/2008 0.17.56 716272]
S2 gupdate1ca0ca798b167ae;Servizio di Google Update (gupdate1ca0ca798b167ae);c:\programmi\Google\Update\GoogleUpdate.exe [24/07/2009 22.42.08 133104]
S3 rockusb;Driver for rockusb Device;c:\windows\system32\drivers\rockusb.sys [22/03/2006 19.57.44 73984]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16.51.08 4096]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3213A908-DD47-4AE2-AD09-8426D02506D1}]
rundll32 polddfr0.dll,laspi
.
Contenuto della cartella 'Scheduled Tasks'
2009-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-07-24 21:41]
2009-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-07-24 21:41]
2008-09-21 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\programmi\Spybot - Search & Destroy\SpybotSD.exe [2009-11-23 14:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost
IE: Aggiungi sito di supporto RSS a VAIO Information FLOW - c:\programmi\Sony\VAIO Information FLOW\aiesc.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Trasferimento tramite Image Converter 2 Plus - c:\programmi\Sony\Image Converter 2\menu.htm
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Notify-WgaLogon - (no file)
AddRemove-NVIDIA Drivers - c:\windows\system32\nvudisp.exe UninstallGUI
AddRemove-{91810AFC-A4F8-4EBA-A5AA-B198BBC81144} - c:\programmi\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe REMOVEALL
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-11-28 23:28
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(892)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\VESWinlogon.dll
.
Ora fine scansione: 2009-11-28 23:32
ComboFix-quarantined-files.txt 2009-11-28 22:32
Pre-Run: 27.295.219.712 byte disponibili
Post-Run: 28.409.126.912 byte disponibili
- - End Of File - - 5204E92D3FA7D643134CC5695525789F