Aiutamici Forum

Log check
dondolo
Posted: Tuesday, July 28, 2009 1:39:37 PM
Rank: AiutAmico

Joined: 3/24/2007
Posts: 40
For a few days I have no longer been able to connect to the internet with Internet 8, but I can with Mozilla Firefox 3.5. While I browse with Mozilla, a window opens saying it is impossible to connect to web-favorit. What is it? THANKS
I am attaching the log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.31.20, on 28/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programmi\DU Meter\DUMeterSvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\T-Mobile\web'n'walk Manager\GtDetectSc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\Programmi\Spyware Doctor\pctsAuxs.exe
C:\Programmi\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Vodafone\WiFi Assistant\McciTrayApp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\TOSHIBA\ConfigFree\CFWAN.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSServ.exe
C:\Programmi\Search Settings\SearchSettings.exe
C:\Programmi\Vodafone\VMCLite\VodafoneVMCLiteLauncher.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\vodafone\vmclite\PhoneConnectorVMC.exe
C:\Programmi\vodafone\vmclite\VMC.exe
C:\Programmi\Registry Mechanic\RegMech.exe
C:\documents and settings\franco\impostazioni locali\dati applicazioni\uscoiig.exe
C:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programmi\DU Meter\DUMeter.exe
C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programmi\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programmi\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb128\SearchSettings.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [VodafoneWCM_McciTrayApp] C:\Programmi\Vodafone\WiFi Assistant\McciTrayApp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [ISTray] "C:\Programmi\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Programmi\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [VodafoneVMCLiteLauncher] C:\Programmi\Vodafone\VMCLite\\VodafoneVMCLiteLauncher.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Programmi\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [uscoiig] "c:\documents and settings\franco\impostazioni locali\dati applicazioni\uscoiig.exe" uscoiig
O4 - HKCU\..\Run: [DU Meter] C:\Programmi\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-2495924694-46484801-3353533366-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-2495924694-46484801-3353533366-500\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NewShortcut1.lnk = C:\Programmi\Vodafone\VMCLite\VodafoneVMCLiteLauncher.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: web'n'walk Manager.lnk = C:\Programmi\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmi\MSN Toolbar Suite\msntb.dll/search.htm
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247908494937
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DB723A4-3AA3-4FF2-9DEA-564CC4645123}: NameServer = 83.224.65.134 83.224.66.134
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Programmi\DU Meter\DUMeterSvc.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GtDetectSc - Option - C:\Programmi\T-Mobile\web'n'walk Manager\GtDetectSc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Programmi\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 14013 bytes
dondolo
Posted: Tuesday, July 28, 2009 3:10:36 PM
Rank: AiutAmico

Joined: 3/24/2007
Posts: 40
I tried uninstalling Internet Explorer 8 and reinstalling it... nothing, it does not connect.
simo95
Posted: Tuesday, July 28, 2009 3:18:36 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
Analyze this file on VirusTotal: http://www.virustotal.com/it/

C:\documents and settings\franco\impostazioni locali\dati applicazioni\uscoiig.exe
(to see it you must enable the display of hidden files and folders)

Do you know the program "SearchSettings"?

This line refers to the file I had you analyze on VirusTotal; if the scan comes back positive:

1. Start HijackThis
2. Go to the "Do a system scan only" mode
3. Tick the boxes next to these lines:

O4 - HKCU\..\Run: [uscoiig] "c:\documents and settings\franco\impostazioni locali\dati applicazioni\uscoiig.exe" uscoiig

4. Click "Fix Checked"

While you wait for people more expert than me, follow these instructions carefully:

1. Install Malwarebytes' (all the instructions are on the page): http://software.aiutamici.com/software?ID=80346
2. Update it
3. Run a FULL scan of your system
4. If it detects anything, DO NOT DELETE ANYTHING but post here the log it produces
dondolo
Posted: Tuesday, July 28, 2009 4:03:47 PM
Rank: AiutAmico

Joined: 3/24/2007
Posts: 40
I did everything to the letter, but it won't update Malwarebytes or any other program that requires a connection with Internet Explorer. This is the result:
Malwarebytes' Anti-Malware 1.35
Versione del database: 1904
Windows 5.1.2600 Service Pack 3

28/07/2009 16.04.55
mbam-log-2009-07-28 (16-04-49).txt

Tipo di scansione: Scansione rapida
Elementi scansionati: 76975
Tempo trascorso: 3 minute(s), 55 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 1
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Documents and Settings\Franco\Dati applicazioni\Google\Shell32.dll (Trojan.FakeAlert) -> No action taken.
simo95
Posted: Tuesday, July 28, 2009 4:06:00 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
dondolo wrote:
I did everything to the letter, but it won't update Malwarebytes or any other program that requires a connection with Internet Explorer.

You don't need Internet Explorer to update Malwarebytes, read Alfonso's guide...

Was the file "uscoiig.exe" infected?
If so, did you fix the line?

Maybe also post the Malwarebytes log..

1.35? That's a rather old version... Anyway, you should have run the full scan
simo95
Posted: Tuesday, July 28, 2009 4:07:46 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
I saw that the super-expert r16 is online, he will take over now..
r16
Posted: Tuesday, July 28, 2009 4:14:26 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Delete what Malwarebytes found.
Important: disable your antivirus and close ALL open programs (firewall included), and after downloading COMBOFIX, close the connection.

Download Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to the desktop.
Double-click combofix.exe (a screen will appear).
If you are asked whether you want to install THE RECOVERY CONSOLE, click NO.
The antivirus will probably send you messages; ignore them.
During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
At the end, a log file will be created on the Desktop, called C:\ComboFix.txt. Post it here.

Uninstall Combofix this way (after I have seen the log):
Start
Run
in the dialog box, copy and paste this command: Combofix /u and press Enter, then delete the Combofix folders in "C" (qoobox)
dondolo
Posted: Tuesday, July 28, 2009 4:50:30 PM
Rank: AiutAmico

Joined: 3/24/2007
Posts: 40
ComboFix 09-07-27.04 - Franco 28/07/2009 16.36.03.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2038.1414 [GMT 2:00]
Eseguito da: c:\documents and settings\Franco\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programmi\Search Settings
c:\programmi\Search Settings\kb128\SearchSettings.dll
c:\programmi\Search Settings\kb128\SearchSettingsRes409.dll
c:\programmi\Search Settings\SearchSettings.exe
c:\windows\kb913800.exe

.
((((((((((((((((((((((((( Files Creati Da 2009-06-28 al 2009-07-28 )))))))))))))))))))))))))))))))))))
.

2009-07-28 13:56 . 2009-07-28 13:56 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Malwarebytes
2009-07-28 13:56 . 2009-03-26 14:49 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-28 13:56 . 2009-03-26 14:49 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-28 13:56 . 2009-07-28 13:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-07-28 13:56 . 2009-07-28 13:56 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-07-28 13:01 . 2009-07-28 13:03 -------- dc-h--w- c:\windows\ie8
2009-07-28 10:07 . 2009-07-28 10:07 -------- d-----w- c:\programmi\Trend Micro
2009-07-27 20:31 . 2009-07-27 20:31 -------- d-----w- c:\programmi\T-Mobile
2009-07-27 18:52 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\Franco\Dati applicazioni\Mozilla\Firefox\Profiles\n2o9f6dx.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-07-27 12:32 . 2009-07-27 12:32 3584 ----a-r- c:\documents and settings\Franco\Dati applicazioni\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-07-27 12:32 . 2009-07-27 12:32 -------- d-----w- c:\programmi\Windows Installer Clean Up
2009-07-27 12:32 . 2009-07-27 12:32 -------- d-----w- c:\programmi\MSECACHE
2009-07-26 19:10 . 2009-07-27 09:49 -------- d-----w- C:\BywifiShare
2009-07-26 19:10 . 2009-07-26 19:10 -------- d-----w- C:\BywifiSave
2009-07-26 19:09 . 2009-07-27 09:55 -------- d-----w- c:\programmi\Bywifi
2009-07-26 16:10 . 2009-07-26 16:10 -------- d-----w- c:\programmi\File comuni\Skype
2009-07-26 11:42 . 2009-07-26 11:42 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-07-26 11:42 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-26 11:42 . 2009-07-26 11:42 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-24 15:39 . 2009-07-24 15:39 -------- d-----w- C:\Sandbox
2009-07-24 15:31 . 2009-07-27 09:46 -------- d-----w- c:\programmi\DFX
2009-07-23 11:58 . 2009-07-23 11:58 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Apple Computer
2009-07-20 13:35 . 2009-07-20 13:35 -------- d-----w- c:\programmi\pdfsam
2009-07-20 13:15 . 2008-09-24 19:33 484352 ----a-w- c:\windows\system32\lame_enc.dll
2009-07-20 13:15 . 2009-07-20 13:15 -------- d-----w- c:\programmi\Free Audio Pack
2009-07-20 13:13 . 2009-07-20 13:13 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Search Settings
2009-07-19 20:42 . 2009-07-19 20:42 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Hagel Technologies
2009-07-19 20:42 . 2009-07-19 20:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Hagel Technologies
2009-07-19 20:42 . 2009-07-19 20:42 -------- d-----w- c:\programmi\DU Meter
2009-07-19 16:37 . 2009-07-19 16:37 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\GARMIN
2009-07-19 15:49 . 2009-07-19 15:50 -------- d-----w- C:\GarminPOIUpdater
2009-07-19 15:40 . 2009-07-19 15:40 -------- d-----w- c:\programmi\DIFX
2009-07-19 15:40 . 2009-07-19 15:40 -------- d-----w- c:\programmi\Garmin
2009-07-19 15:40 . 2009-07-19 17:24 -------- d-----w- C:\Garmin
2009-07-19 12:36 . 2009-07-19 12:36 -------- d--h--w- c:\windows\PIF
2009-07-19 11:22 . 2009-07-19 11:22 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-07-19 11:20 . 2009-07-19 11:21 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-07-19 11:20 . 2009-07-19 11:20 -------- d-----w- c:\windows\system32\LogFiles
2009-07-19 10:51 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-07-18 13:28 . 2009-07-18 13:28 -------- d-----w- c:\windows\l2schemas
2009-07-18 13:28 . 2009-07-18 13:28 -------- d-----w- c:\windows\system32\it
2009-07-18 13:28 . 2009-07-18 13:28 -------- d-----w- c:\windows\system32\bits
2009-07-18 13:25 . 2009-07-18 13:29 -------- d-----w- c:\windows\ServicePackFiles
2009-07-18 12:26 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-07-18 12:11 . 2009-07-18 12:11 -------- d-sh--w- c:\documents and settings\Franco\IECompatCache
2009-07-18 12:10 . 2009-07-18 12:10 -------- d-sh--w- c:\documents and settings\Franco\PrivacIE
2009-07-18 12:05 . 2009-07-18 12:05 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-18 12:03 . 2009-07-18 12:03 -------- d-sh--w- c:\documents and settings\Franco\IETldCache
2009-07-18 11:57 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-18 11:57 . 2009-07-28 14:15 -------- d-----w- c:\windows\ie8updates
2009-07-18 11:57 . 2009-04-30 21:13 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-18 11:57 . 2009-04-30 21:13 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-07-18 11:57 . 2009-04-30 21:13 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-18 11:57 . 2009-04-30 21:13 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-18 11:55 . 2009-07-28 13:02 -------- d-----w- c:\windows\system32\it-IT
2009-07-18 11:55 . 2009-01-07 16:21 1497088 -c--a-w- c:\windows\system32\dllcache\shdocvw.dll
2009-07-18 11:49 . 2009-07-18 11:49 -------- d-----w- c:\programmi\MSXML 4.0
2009-07-18 11:34 . 2009-07-18 11:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2009-07-18 11:07 . 2009-07-18 11:07 -------- d-----w- c:\programmi\Microsoft CAPICOM 2.1.0.2
2009-07-18 10:46 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-07-18 10:46 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-07-18 10:46 . 2008-06-18 03:03 2458112 -c----w- c:\windows\system32\dllcache\WMVCore.dll
2009-07-18 10:46 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-07-18 10:46 . 2008-05-01 14:34 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-07-18 10:46 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-07-18 10:44 . 2008-10-15 16:36 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-07-18 10:44 . 2008-09-04 17:15 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-07-18 10:38 . 2008-04-21 21:14 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-07-18 10:08 . 2009-07-19 10:50 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-18 10:08 . 2009-07-18 10:08 -------- d-----w- c:\programmi\Reference Assemblies
2009-07-18 10:07 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-18 10:07 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-18 10:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-07-18 10:07 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-18 10:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-07-18 10:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-07-18 10:07 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-18 10:07 . 2009-07-18 10:08 -------- d-----w- C:\7901fd005c000075efdb
2009-07-18 10:03 . 2009-07-18 10:03 -------- d-----w- c:\programmi\MSXML 6.0
2009-07-18 09:14 . 2009-07-18 09:14 -------- d-sh--w- c:\documents and settings\Franco\UserData
2009-07-17 14:45 . 2009-07-17 14:45 932368 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-07-17 14:45 . 2009-07-17 14:45 678416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-07-17 14:45 . 2009-07-17 14:45 604688 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-07-17 14:45 . 2009-07-17 14:45 522768 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-07-17 14:45 . 2009-07-17 14:45 1096208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-07-17 14:44 . 2009-07-17 14:44 296976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-07-17 14:44 . 2009-07-17 14:44 128016 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-07-17 14:44 . 2009-07-17 14:44 296976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-07-17 14:44 . 2009-07-17 14:44 128016 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-07-17 14:37 . 2009-07-17 14:37 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-07-17 14:34 . 2009-07-17 14:34 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-17 14:34 . 2009-07-17 14:34 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-17 14:33 . 2009-07-28 14:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-07-17 14:33 . 2009-07-17 14:33 -------- d-----w- c:\programmi\Kaspersky Lab
2009-07-17 13:43 . 2009-07-17 13:43 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Macrovision
2009-07-17 12:03 . 2008-04-14 02:13 26624 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-07-17 11:25 . 2009-07-17 12:03 -------- d-----w- c:\programmi\eMule
2009-07-17 11:20 . 2009-07-17 11:20 -------- d-----w- c:\programmi\File comuni\Adobe
2009-07-17 06:37 . 2009-07-17 06:37 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2009-07-17 06:28 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-07-17 06:28 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-07-17 06:28 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-07-17 06:28 . 2009-07-17 06:28 -------- d-----w- c:\programmi\File comuni\PC Tools
2009-07-17 06:28 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-07-17 06:27 . 2009-07-28 07:59 -------- d-----w- c:\programmi\Spyware Doctor
2009-07-17 06:27 . 2009-07-17 06:27 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\PC Tools
2009-07-17 06:27 . 2009-07-17 06:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Tools
2009-07-17 06:27 . 2009-07-28 14:43 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-07-17 06:25 . 2009-07-17 06:25 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2009-07-17 06:25 . 2009-07-17 06:53 -------- d-----w- c:\documents and settings\Franco\Impostazioni locali\Dati applicazioni\Google
2009-07-17 06:24 . 2009-07-24 15:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-07-17 06:24 . 2009-07-17 15:39 -------- d-----w- c:\programmi\Google
2009-07-16 21:42 . 2009-07-16 21:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2009-07-16 20:46 . 2009-07-16 20:46 1878984 ----a-w- c:\documents and settings\Franco\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-07-16 19:05 . 2009-07-16 19:06 -------- d-----w- C:\MSNCleaner
2009-07-16 18:20 . 2007-11-05 09:56 101120 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2009-07-16 18:18 . 2009-07-16 18:18 -------- d-----w- c:\documents and settings\Franco\Impostazioni locali\Dati applicazioni\Downloaded Installations
2009-07-16 12:53 . 2009-07-16 12:58 -------- d-----w- C:\Output Files
2009-07-16 10:30 . 2009-07-16 10:50 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\K-K-S-N
2009-07-16 10:21 . 2009-07-16 10:21 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\%#@_&^
2009-07-12 17:19 . 2009-07-12 17:19 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Canneverbe_Limited
2009-07-12 16:13 . 2009-07-12 16:13 422 ----a-w- c:\documents and settings\Franco\Dati applicazioni\Identities\socks32.exe
2009-07-12 16:13 . 2009-07-12 16:13 16141 ----a-w- c:\documents and settings\Franco\Dati applicazioni\Intel\megalon.exe
2009-07-12 16:13 . 2009-07-12 16:13 13221 ----a-w- c:\documents and settings\Franco\Dati applicazioni\AdobeUM\reniga.dll
2009-07-12 16:13 . 2009-07-12 16:13 131 ----a-w- c:\documents and settings\Franco\Dati applicazioni\InstallShield\horsi.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-27 20:35 . 2009-06-27 13:22 -------- d-----w- c:\programmi\Vodafone
2009-07-27 20:03 . 2009-06-27 17:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-07-27 13:32 . 2006-09-14 11:18 84354 ----a-w- c:\windows\system32\perfc010.dat
2009-07-27 13:32 . 2006-09-14 11:18 489648 ----a-w- c:\windows\system32\perfh010.dat
2009-07-27 12:43 . 2006-09-15 12:08 69224 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-07-26 19:12 . 2009-07-26 19:12 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-07-26 19:12 . 2006-09-14 11:18 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS
2009-07-26 17:26 . 2009-06-27 14:43 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Skype
2009-07-26 16:10 . 2009-06-27 14:43 -------- d-----r- c:\programmi\Skype
2009-07-26 16:10 . 2009-06-27 14:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-07-26 16:09 . 2009-06-27 14:45 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\skypePM
2009-07-26 11:42 . 2009-06-27 12:03 -------- d-----w- c:\programmi\TuneUp Utilities 2009
2009-07-22 12:50 . 2009-06-27 12:40 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-07-20 13:09 . 2009-06-27 12:14 -------- d-----w- c:\programmi\Free Video Converter
2009-07-18 13:32 . 2006-09-14 11:33 87479 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-17 14:44 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-17 14:20 . 2009-06-27 13:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-07-16 19:26 . 2009-06-27 13:28 344096 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-16 19:26 . 2009-06-27 13:28 2256 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-16 19:26 . 2009-06-27 13:28 1347616 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-16 19:26 . 2009-06-27 13:28 11608 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-16 12:52 . 2009-06-27 14:53 -------- d-----w- c:\programmi\All Office Converter Platinum
2009-07-12 16:13 . 2009-06-27 12:59 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\InstallShield
2009-07-12 16:13 . 2009-06-27 10:58 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Intel
2009-06-27 19:27 . 2006-09-18 09:38 -------- d-----w- c:\programmi\X10 Hardware
2009-06-27 19:27 . 2006-09-25 08:40 -------- d-----w- c:\programmi\Toshiba Connect
2009-06-27 19:25 . 2006-09-14 11:32 -------- d-----w- c:\programmi\Servizi in linea
2009-06-27 19:25 . 2006-09-15 12:34 -------- d-----w- c:\programmi\Realtek
2009-06-27 19:24 . 2006-09-14 11:35 -------- d-----w- c:\programmi\microsoft frontpage
2009-06-27 19:24 . 2006-09-15 12:39 -------- d-----w- c:\programmi\ltmoh
2009-06-27 19:22 . 2006-09-15 13:02 -------- d-----w- c:\programmi\File comuni\InterVideo
2009-06-27 19:22 . 2006-09-14 12:32 -------- d-----w- c:\programmi\File comuni\Java
2009-06-27 19:22 . 2006-09-15 12:03 -------- d-----w- c:\programmi\ATI Technologies
2009-06-27 19:14 . 2006-09-18 10:08 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\X10 Commander
2009-06-27 19:12 . 2009-06-27 19:13 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-27 19:12 . 2006-09-14 12:32 -------- d-----w- c:\programmi\Java
2009-06-27 19:12 . 2009-06-27 10:56 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Windows Desktop Search
2009-06-27 19:12 . 2009-06-27 10:56 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\toshiba
2009-06-27 19:12 . 2009-06-27 10:56 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\Sonic
2009-06-27 19:12 . 2009-06-27 10:55 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Windows Desktop Search
2009-06-27 19:12 . 2009-06-27 10:55 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\toshiba
2009-06-27 19:12 . 2009-06-27 10:55 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Symantec
2009-06-27 19:12 . 2009-06-27 10:55 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Sonic
2009-06-27 19:12 . 2006-09-18 09:56 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Windows Desktop Search
2009-06-27 19:12 . 2006-09-18 09:39 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Sonic
2009-06-27 19:12 . 2006-09-15 12:58 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\toshiba
2009-06-27 19:11 . 2009-06-27 19:11 152576 ----a-w- c:\documents and settings\Franco\Dati applicazioni\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-27 17:57 . 2009-06-27 17:57 -------- d-----w- c:\programmi\Microsoft Works
2009-06-27 17:56 . 2009-06-27 17:56 -------- d-----w- c:\programmi\MSBuild
2009-06-27 17:55 . 2009-06-27 17:55 -------- d-----w- c:\programmi\Microsoft.NET
2009-06-27 17:53 . 2009-06-27 17:53 -------- d-----w- c:\programmi\Microsoft Visual Studio 8
2009-06-27 14:45 . 2009-06-27 14:45 48 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-27 13:41 . 2009-06-27 13:41 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\mioObjects
2009-06-27 13:41 . 2009-06-27 13:42 407047 ----a-w- c:\windows\system32\mioengine.exe
2009-06-27 13:22 . 2009-06-27 13:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Motive
2009-06-27 13:13 . 2009-06-27 13:13 -------- d-----w- c:\programmi\vodafonesam
2009-06-27 13:13 . 2006-09-18 09:38 -------- d-----w- c:\programmi\Common Files
2009-06-27 13:09 . 2006-09-15 12:03 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-27 13:08 . 2006-09-14 11:40 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-06-27 13:06 . 2009-06-27 13:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\UDL
2009-06-27 13:06 . 2009-06-27 12:56 -------- d-----w- c:\programmi\epson
2009-06-27 13:05 . 2009-06-27 13:04 -------- d-----w- c:\programmi\ABBYY FineReader 6.0 Sprint
2009-06-27 12:59 . 2009-06-27 12:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EPSON
2009-06-27 12:48 . 2009-06-27 12:48 -------- d-----w- c:\programmi\CCleaner
2009-06-27 12:37 . 2009-06-27 12:37 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-06-27 12:34 . 2009-06-27 12:34 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-06-27 12:33 . 2009-06-27 12:33 -------- d-----w- c:\programmi\KaraFun
2009-06-27 12:33 . 2009-06-27 12:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Recisio
2009-06-27 12:14 . 2009-06-27 12:14 0 ----a-w- c:\windows\nsreg.dat
2009-06-27 12:13 . 2009-06-27 12:13 -------- d-----w- c:\programmi\Sandboxie
2009-06-27 12:12 . 2009-06-27 12:11 -------- d-----w- c:\programmi\QuickTime
2009-06-27 12:11 . 2009-06-27 12:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-06-27 12:11 . 2009-06-27 12:11 -------- d-----w- c:\programmi\Apple Software Update
2009-06-27 12:11 . 2009-06-27 12:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2009-06-27 12:11 . 2009-06-27 12:11 -------- d-----w- c:\programmi\Smart Projects
2009-06-27 12:09 . 2009-06-27 12:09 -------- d-----w- c:\programmi\IObit
2009-06-27 12:07 . 2009-06-27 12:07 -------- d-----w- c:\programmi\CDBurnerXP
2009-06-27 12:03 . 2009-06-27 12:03 -------- d-----w- c:\documents and settings\Franco\Dati applicazioni\TuneUp Software
2009-06-27 12:03 . 2009-06-27 12:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-06-27 12:03 . 2009-06-27 12:03 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2009-06-27 11:40 . 2006-09-18 09:47 -------- d-----w- c:\programmi\File comuni\Symantec Shared
2009-06-27 11:40 . 2006-09-18 09:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Symantec
2009-06-27 11:34 . 2009-06-27 10:56 135 ----a-w- c:\documents and settings\Franco\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-06-27 11:32 . 2009-06-27 11:32 -------- d-----w- c:\programmi\VS Revo Group
2009-06-27 11:05 . 2009-06-27 11:05 -------- d-----w- c:\programmi\DVD-RAM
2009-06-27 10:58 . 2009-06-27 10:58 -------- d-----w- c:\documents and settings\NetworkService\Dati applicazioni\Intel
2009-06-27 10:58 . 2009-06-27 10:58 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\Intel
2009-06-27 10:58 . 2009-06-27 10:58 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Intel
2009-06-27 10:58 . 2009-06-27 10:58 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-06-27 10:58 . 2009-06-27 10:58 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Intel
2009-06-27 10:58 . 2009-06-27 10:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Intel
2009-06-27 10:58 . 2006-09-14 14:16 -------- d-----w- c:\programmi\Intel
2009-06-27 10:57 . 2009-06-27 10:57 0 --sha-r- c:\windows\system32\drivers\TOSHIBA_Satellite A100_04549-IT_PSAA8E-15T04.MRK
2009-06-27 10:57 . 2006-09-15 12:44 -------- d-----w- c:\programmi\Toshiba
2009-06-16 14:36 . 2006-09-14 11:18 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2006-09-14 11:17 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 13:24 . 2009-06-15 13:24 64088 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.459\Italian\setup.exe
2009-06-03 19:09 . 2006-09-14 11:17 1296384 ------w- c:\windows\system32\quartz.dll
2009-05-25 03:21 . 2009-05-25 03:21 219664 ----a-w- c:\windows\system32\klogon.dll
2009-05-25 03:18 . 2009-05-25 03:18 27507 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-07-15 23:27 . 2009-06-27 12:01 137208 ----a-w- c:\programmi\mozilla firefox\components\brwsrcmp.dll
.

------- Sigcheck -------

[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\TCPIP.SYS
[-] 2009-07-26 19:12 361600 CBEEBEB899E31EF52B962CB31FC8CA5C c:\windows\system32\dllcache\TCPIP.SYS
[-] 2009-07-26 19:12 361600 CBEEBEB899E31EF52B962CB31FC8CA5C c:\windows\system32\drivers\TCPIP.SYS
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-17 39408]
"RegistryMechanic"="c:\programmi\Registry Mechanic\RegMech.exe" [2008-07-08 2828184]
"DU Meter"="c:\programmi\DU Meter\DUMeter.exe" [2008-06-08 2645528]
"ISUSPM"="c:\documents and settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2009-02-10 210192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-03-02 761948]
"THotkey"="c:\programmi\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 356352]
"IntelZeroConfig"="c:\programmi\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]
"IntelWireless"="c:\programmi\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]
"VodafoneWCM_McciTrayApp"="c:\programmi\Vodafone\WiFi Assistant\McciTrayApp.exe" [2008-05-29 1479168]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-06-27 148888]
"ISTray"="c:\programmi\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]
"VodafoneVMCLiteLauncher"="c:\programmi\Vodafone\VMCLite\\VodafoneVMCLiteLauncher.exe" [2007-11-07 102400]
"avp"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-05 16206848]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2005-12-13 88204]
"TPSMain"="TPSMain.exe" - c:\windows\system32\TPSMain.exe [2005-08-04 266240]
"NDSTray.exe"="NDSTray.exe" [BU]
"CFSServ.exe"="CFSServ.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
NewShortcut1.lnk - c:\programmi\Vodafone\VMCLite\VodafoneVMCLiteLauncher.exe [2007-11-7 102400]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2009-6-27 155648]
web'n'walk Manager.lnk - c:\programmi\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe [2007-11-7 794624]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" /nosplash /minimized
"SandboxieControl"="c:\programmi\Sandboxie\SbieCtrl.exe"
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
"Tvs"=c:\programmi\TOSHIBA\Tvs\TvsTray.exe
"TFncKy"=TFncKy.exe
"SmoothView"=c:\programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
"ehTray"=c:\windows\ehome\ehtray.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
"igfxtray"=c:\windows\system32\igfxtray.exe
"igfxhkcmd"=c:\windows\system32\hkcmd.exe
"DLA"=c:\windows\System32\DLA\DLACTRLW.EXE
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 20.41.32 33808]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [17/07/2009 8.28.21 130936]
R2 DUMeterSvc;DU Meter Service;c:\programmi\DU Meter\DUMeterSvc.exe [19/07/2009 22.42.07 1386008]
R2 GtDetectSc;GtDetectSc;c:\programmi\T-Mobile\web'n'walk Manager\GtDetectSc.exe [05/11/2007 14.28.10 204915]
R2 sdAuxService;PC Tools Auxiliary Service;c:\programmi\Spyware Doctor\pctsAuxs.exe [17/07/2009 8.28.01 348752]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [26/07/2009 13.42.35 604416]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 17.46.52 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 20.59.44 19472]
R3 SbieDrv;SbieDrv;c:\programmi\Sandboxie\SbieDrv.sys [13/04/2009 18.51.14 107520]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [18/09/2006 11.38.10 7040]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [09/07/2007 14.17.36 95744]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [26/06/2007 13.38.46 51968]
S3 GTPTSER;GT PT SER;c:\windows\system32\drivers\gtptser.sys [30/03/2007 13.38.14 8064]
S3 MobileAdapter;Huawei Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\hmvmdm.sys [29/06/2009 22.19.44 101120]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - mchInjDrv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-06-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-07-28 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-17 06:24]

2009-07-28 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:55]

2009-07-28 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-07-28 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-07-28 c:\windows\Tasks\User_Feed_Synchronization-{7CD504D7-BFFB-417C-8CA8-5325AE547341}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
HKLM-Run-SearchSettings - c:\programmi\Search Settings\SearchSettings.exe


.
------- Scansione supplementare -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
IE: &MSN Search - c:\programmi\MSN Toolbar Suite\msntb.dll/search.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Franco\Dati applicazioni\Mozilla\Firefox\Profiles\n2o9f6dx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: network.proxy.type - 2
FF - component: c:\programmi\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

driver loading error catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-28 16:43
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\programmi\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1348)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3088)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\Toshiba\ConfigFree\CFSvcs.exe
c:\windows\system32\DVDRAMSV.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Common Files\Motive\McciCMService.exe
c:\programmi\CDBurnerXP\NMSAccessU.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\Sandboxie\SbieSvc.exe
c:\programmi\Spyware Doctor\pctsSvc.exe
c:\programmi\Toshiba\TOSHIBA Applet\TAPPSRV.exe
c:\progra~1\COMMON~1\X10\Common\X10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\Synaptics\SynTP\Toshiba.exe
c:\programmi\Toshiba\ConfigFree\NDSTray.exe
c:\windows\system32\TPSBattM.exe
c:\programmi\Toshiba\ConfigFree\CFWAN.exe
c:\programmi\Vodafone\VMCLite\PhoneConnectorVMC.exe
c:\programmi\Intel\Wireless\Bin\Dot1XCfg.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-07-28 16.47.29 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-07-28 14:47

Pre-Run: 72.720.113.664 byte disponibili
Post-Run: 72.710.619.136 byte disponibili

492 --- E O F --- 2009-07-28 14:16
r16
Posted: Tuesday, July 28, 2009 5:48:04 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Remove the Spyware Doctor program (using its own uninstaller).
Post a new HijackThis log.
dondolo
Posted: Tuesday, July 28, 2009 6:23:45 PM
Rank: AiutAmico

Joined: 3/24/2007
Posts: 40
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.22.12, on 28/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programmi\DU Meter\DUMeterSvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\T-Mobile\web'n'walk Manager\GtDetectSc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Vodafone\WiFi Assistant\McciTrayApp.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSServ.exe
C:\Programmi\Vodafone\VMCLite\VodafoneVMCLiteLauncher.exe
C:\Programmi\TOSHIBA\ConfigFree\CFWAN.exe
C:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmi\vodafone\vmclite\PhoneConnectorVMC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Registry Mechanic\RegMech.exe
C:\Programmi\vodafone\vmclite\VMC.exe
C:\Programmi\DU Meter\DUMeter.exe
C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programmi\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programmi\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [VodafoneWCM_McciTrayApp] C:\Programmi\Vodafone\WiFi Assistant\McciTrayApp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [VodafoneVMCLiteLauncher] C:\Programmi\Vodafone\VMCLite\\VodafoneVMCLiteLauncher.exe
O4 - HKLM\..\Run: [avp] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Programmi\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [DU Meter] C:\Programmi\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-21-2495924694-46484801-3353533366-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-2495924694-46484801-3353533366-500\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-2495924694-46484801-3353533366-500\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background (User 'Administrator')
O4 - HKUS\S-1-5-21-2495924694-46484801-3353533366-500\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NewShortcut1.lnk = C:\Programmi\Vodafone\VMCLite\VodafoneVMCLiteLauncher.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: web'n'walk Manager.lnk = C:\Programmi\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmi\MSN Toolbar Suite\msntb.dll/search.htm
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247908494937
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Programmi\DU Meter\DUMeterSvc.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GtDetectSc - Option - C:\Programmi\T-Mobile\web'n'walk Manager\GtDetectSc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Programmi\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 12218 bytes
r16
Posted: Wednesday, July 29, 2009 12:11:07 AM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Download Norman Malware Cleaner:
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
Boot the system in Safe Mode
Launch Norman and run a full scan
When the scan finishes, a log will be produced: save it to the Desktop with the name Norman1 and restart the system
Boot the system in Safe Mode again
Launch Norman again and run a second full scan
When the scan finishes, a log will be produced: save it to the Desktop with the name Norman2 and restart the system.

Connect to the internet and go to the WikiSend page: http://www.wikisend.com/
Click the "Browse" button
Select the file you just saved
Click Upload file
After a few seconds, you are taken to a new page with the link in several formats:
Download Link / Forum Link
Select Forum Link, copy it and paste it into a new message for the forum.

Tell me if anything has changed.
dondolo
Posted: Wednesday, July 29, 2009 11:17:11 PM
Rank: AiutAmico

Joined: 3/24/2007
Posts: 40
The PC got so messed up that I had to format it... now everything is fine. THANKS