Aiutamici Forum

logfile
massimob
Posted: Monday, May 25, 2009 9:21:06 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
Hello everyone, after a long time my computer is acting up a bit (it is very slow).
I'm sending you my logfile, in the hope of solving the problem.
Thanks in advance.
Massimo Bubù.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.14.15, on 25/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\AidMaker\aidmaker.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Sandboxie\SbieCtrl.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\Adobe\Adobe Bridge CS4\Bridge.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Microsoft Encarta\Microsoft Encarta Enciclopedia Premium DVD\EDICT.EXE
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Documents and Settings\Massimo\Dati applicazioni\U3\4530831B8A819331\LaunchPad.exe
C:\Documents and Settings\Massimo\Desktop\Protezione\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/results.aspx?mkt=it-it&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/nb/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%% ^^ ^% ^ ^% ^%^% %^ %% ^^^^^^%%^%^^ ^^ %.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AidMaker - {89549A32-53D5-4E41-9166-6784AFAF9445} - C:\Programmi\AidMaker\aidmie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programmi\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programmi\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: AidMaker Toolbar - {620395C9-5C2B-4474-89B6-D2A63CEA2EF8} - C:\Programmi\AidMaker\aidmie.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Programmi\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AidMakerDaemon] "C:\Programmi\AidMaker\aidmaker.exe" --daemon
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Programmi\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [AdobeBridge] "C:\Programmi\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {49049542-DE38-45c2-B09E-2CF3BC4237E0} - C:\Programmi\AidMaker\aidmie.dll
O9 - Extra 'Tools' menuitem: AidMaker - {49049542-DE38-45c2-B09E-2CF3BC4237E0} - C:\Programmi\AidMaker\aidmie.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programmi\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} (Stm Class) - https://mpsnare.iesnare.com/StmOCX.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{091F329F-C2D6-4BB5-84ED-D6AB5DAF749D}: NameServer = 85.37.17.17 85.38.28.72
O17 - HKLM\System\CS1\Services\Tcpip\..\{091F329F-C2D6-4BB5-84ED-D6AB5DAF749D}: NameServer = 85.37.17.17 85.38.28.72
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12786 bytes
kananga
Posted: Tuesday, May 26, 2009 11:32:41 AM
Rank: AiutAmico

Joined: 5/26/2009
Posts: 38
Hi Massimo, you have a few little problems...

Download Malwarebytes
Install it and update it.

Download ATF-Cleaner

Restart in safe mode (by repeatedly pressing F8 at PC startup)

Uninstall the Ask Toolbar from Add or Remove Programs

Fix these entries with HijackThis:
Code:

R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%% ^^ ^% ^ ^% ^%^% %^ %% ^^^^^^%%^%^^ ^^ %.exe


Run ATF-Cleaner, select all the entries and then click Empty Selected.

Run Malwarebytes and perform a full scan, saving the final log and posting it here.
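
The check behind the F2 entry flagged in the post above, as an added example that is not part of the original thread: a small Python parser for HijackThis log lines that reports any program chained after userinit.exe in the UserInit value, and any entry whose target is "(no file)". The sample lines are copied from the log posted in this thread; the function names and the assumed Windows directory are illustrative.

```python
import re
from typing import List, NamedTuple, Tuple

# Constructed sample: a few lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/nb/
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%% ^^ ^% ^ ^% ^%^% %^ %% ^^^^^^%%^%^^ ^^ %.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "F2" or "O2"
    reason: str  # why the entry deserves a second look
    detail: str  # the offending path or CLSID


# An entry line is "<letter><1-2 digits> - <body>"; header and process lines do not match.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
USERINIT_RE = re.compile(r"^REG:system\.ini: UserInit=(.*)$", re.IGNORECASE)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def parse_entries(log: str) -> List[Tuple[str, str]]:
    """Return (section code, body) for every entry line in a HijackThis log."""
    entries = []
    for line in log.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def userinit_extras(body: str, windir: str = r"C:\WINDOWS") -> List[str]:
    """List every program in a UserInit value other than userinit.exe itself.

    The value is a comma-separated list that is run at logon, so anything
    after the stock userinit.exe starts with every session.
    windir is an assumption of this example (the default XP location).
    """
    match = USERINIT_RE.match(body)
    if not match:
        return []
    expected = (windir + r"\system32\userinit.exe").lower()
    extras = []
    for item in match.group(1).split(","):
        item = item.strip()
        if item and item.lower() not in (expected, "userinit.exe"):
            extras.append(item)
    return extras


def triage(log: str) -> List[Finding]:
    """Flag chained UserInit programs and entries whose file is missing."""
    findings = []
    for code, body in parse_entries(log):
        if code == "F2":
            for extra in userinit_extras(body):
                findings.append(
                    Finding(code, "extra program chained to UserInit", extra))
        elif body.endswith("(no file)"):
            clsid = CLSID_RE.search(body)
            findings.append(
                Finding(code, "registered component has no file on disk",
                        clsid.group(0) if clsid else body))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.code}: {finding.reason}: {finding.detail}")
```

A finding here is only a prompt to look closer: the script does not judge whether an entry is malicious, and entries such as the R3 toolbar hook still need a human decision.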
simo95
Posted: Tuesday, May 26, 2009 1:57:42 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
If you want a guide to using Malwarebytes, look here: http://www.ilsoftware.it/articoli.asp?id=5277
massimob
Posted: Tuesday, May 26, 2009 6:17:47 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
Sorry Kananga, I'll do as you said, but you need to explain to me what FIX means (what action I have to perform).
Thanks and regards.
Massimo.
kananga
Posted: Tuesday, May 26, 2009 6:20:01 PM
Rank: AiutAmico

Joined: 5/26/2009
Posts: 38
You're right, sorry; instead of "fix these entries with HijackThis", read:

Close all applications, start HijackThis, click Do a system scan only, tick
the box to the left of the following entries and press Fix checked:
bazzurlone
Posted: Tuesday, May 26, 2009 6:21:09 PM

Rank: AiutAmico

Joined: 1/20/2005
Posts: 1,537
Tick with the mouse the little box next to the suspicious entry, then click Fix checked
Oops, duplicate message!!!!!!!!!!!!!
massimob
Posted: Tuesday, May 26, 2009 7:12:59 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
Thanks guys, I suspected it was like that, but the registry is too important, and I'm not very experienced.
Thanks again.
Massimo
Bye, I'll let you know.
massimob
Posted: Monday, June 01, 2009 11:46:11 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
I wasn't able to solve the problem,
I'm sending the logfile again.
Thanks
Massimo

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.38.35, on 01/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmi\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\AidMaker\aidmaker.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Adobe\Adobe Bridge CS4\Bridge.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Programmi\Sandboxie\SbieCtrl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\PC Inspector File Recovery\filerecovery.exe
C:\Programmi\PC Inspector File Recovery\filerecovery.exe
C:\Programmi\PC Inspector File Recovery\filerecovery.exe
C:\Documents and Settings\Massimo\Desktop\Protezione\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/results.aspx?mkt=it-it&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/nb/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programmi\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AidMaker - {89549A32-53D5-4E41-9166-6784AFAF9445} - C:\Programmi\AidMaker\aidmie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programmi\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programmi\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: AidMaker Toolbar - {620395C9-5C2B-4474-89B6-D2A63CEA2EF8} - C:\Programmi\AidMaker\aidmie.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programmi\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Programmi\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AidMakerDaemon] "C:\Programmi\AidMaker\aidmaker.exe" --daemon
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Programmi\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [AdobeBridge] "C:\Programmi\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
O4 - HKCU\..\Run: [AROReminder] C:\Programmi\Advanced Registry Optimizer\aro.exe -rem
O4 - HKCU\..\Run: [DW4] "C:\Programmi\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {49049542-DE38-45c2-B09E-2CF3BC4237E0} - C:\Programmi\AidMaker\aidmie.dll
O9 - Extra 'Tools' menuitem: AidMaker - {49049542-DE38-45c2-B09E-2CF3BC4237E0} - C:\Programmi\AidMaker\aidmie.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programmi\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} (Stm Class) - https://mpsnare.iesnare.com/StmOCX.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{091F329F-C2D6-4BB5-84ED-D6AB5DAF749D}: NameServer = 85.37.17.17 85.38.28.72
O17 - HKLM\System\CS1\Services\Tcpip\..\{091F329F-C2D6-4BB5-84ED-D6AB5DAF749D}: NameServer = 85.37.17.17 85.38.28.72
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 13207 bytes
kananga
Posted: Tuesday, June 02, 2009 10:17:20 AM
Rank: AiutAmico

Joined: 5/26/2009
Posts: 38
Hi Massimo, you still have to uninstall the Ask toolbar.

Did you also run the full scan with Malwarebytes? Can we see the final log?
massimob
Posted: Tuesday, June 02, 2009 4:38:41 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
Hello kananga, I did everything over from the start; it's still slow,
though not as much as before.
This is the Malwarebytes log.
Regards, Massimo.
Malwarebytes' Anti-Malware 1.37
Versione del database: 2182
Windows 5.1.2600 Service Pack 3

02/06/2009 15.58.31
mbam-log-2009-06-02 (15-58-18).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 295341
Tempo trascorso: 1 hour(s), 52 minute(s), 53 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 2
Valori di registro infetti: 1
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> No action taken.

Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> No action taken.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
kananga
Posted: Tuesday, June 02, 2009 4:47:35 PM
Rank: AiutAmico

Joined: 5/26/2009
Posts: 38
Hi Massimo,
First of all, you have too many security programs installed; those alone slow things down a lot.

You have Ad-Aware, Defender and Spybot installed, in addition to the antivirus. I recommend uninstalling at least Ad-Aware and Defender.

Then rerun the full scan with Malwarebytes, but this time, once the scan has finished, click Show Results and then Remove Selected.


Then download ATF-Cleaner
Run it, select all the entries and then click Empty Selected.


Then download ComboFix
Disconnect from the internet, disable the antivirus and any installed firewalls (also disable Spybot's TeaTimer).
Run ComboFix (if you use Vista, right-click and run as administrator).
At the warning that the console is not installed, answer no.
During the scan do not use the PC and wait patiently for the operations to finish.
At the end, attach the log that you find in c:\Combofix.txt.

massimob
Posted: Tuesday, June 02, 2009 8:53:26 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
Hello kananga, I went through the whole sequence, and this is the ComboFix log.
Let me know.
Bye, Massimo
Thanks.
ComboFix 09-05-31.06 - Massimo 02/06/2009 19.38.28.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.250 [GMT 2:00]
Eseguito da: c:\documents and settings\Massimo\Desktop\Protezione\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090601-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Massimo\real.txt
c:\documents and settings\Maurizio\Desktop\Videos.url
c:\documents and settings\Maurizio\Impostazioni locali\Dati applicazioni\utcahm.dat
c:\documents and settings\Maurizio\Impostazioni locali\Dati applicazioni\utcahm_nav.dat
c:\documents and settings\Maurizio\Impostazioni locali\Dati applicazioni\utcahm_navps.dat
c:\documents and settings\Maurizio\Menu Avvio\Programmi\Videos.url
c:\documents and settings\Maurizio\Preferiti\Videos.url
c:\documents and settings\Maurizio\real.txt
c:\programmi\GamesBar\oberontb.dll
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\setup.exe
c:\windows\system32\api.dat
c:\windows\system32\cncs32.dll
c:\windows\system32\Packet.dll

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GRANDE48


((((((((((((((((((((((((( Files Creati Da 2009-05-02 al 2009-06-02 )))))))))))))))))))))))))))))))))))
.

2009-06-01 21:08 . 2009-06-02 08:17 -------- d-----w- c:\programmi\The Weather Channel FW
2009-06-01 21:05 . 2009-06-01 21:05 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Sammsoft
2009-06-01 21:04 . 2009-06-01 21:08 -------- d-----w- c:\programmi\Advanced Registry Optimizer
2009-06-01 21:03 . 2009-06-02 08:18 -------- d-----w- c:\documents and settings\Massimo\Impostazioni locali\Dati applicazioni\The Weather Channel
2009-06-01 17:45 . 2009-06-01 17:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\GARMIN
2009-06-01 17:30 . 2009-06-01 17:46 -------- d-----w- C:\Garmin
2009-06-01 11:56 . 2009-06-01 15:43 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Download Manager
2009-06-01 11:37 . 2009-06-01 17:25 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\GARMIN
2009-06-01 11:34 . 2009-06-01 11:34 -------- d-----w- c:\programmi\Garmin GPS Plugin
2009-06-01 11:33 . 2009-06-01 11:33 -------- d-----w- c:\programmi\Garmin
2009-05-30 16:25 . 2009-05-30 16:25 -------- d-----w- c:\documents and settings\Massimo\Impostazioni locali\Dati applicazioni\PC_Drivers_Headquarters
2009-05-30 16:23 . 2009-05-30 16:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Drivers HeadQuarters
2009-05-30 16:22 . 2009-05-30 16:22 -------- d-----w- c:\programmi\PC Drivers HeadQuarters
2009-05-28 20:16 . 2009-05-28 20:16 -------- d-----w- c:\documents and settings\Maurizio\Dati applicazioni\Malwarebytes
2009-05-28 19:31 . 2009-05-28 19:31 -------- d-----w- c:\documents and settings\Maurizio\Impostazioni locali\Dati applicazioni\PCHealth
2009-05-27 18:58 . 2009-05-27 18:58 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Malwarebytes
2009-05-27 18:55 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-27 18:55 . 2009-05-27 18:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-05-27 18:55 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-27 18:55 . 2009-05-27 18:57 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-05-23 17:31 . 2009-05-23 17:31 -------- d-----w- c:\windows\Lhsp
2009-05-23 17:29 . 2009-05-23 17:30 -------- d-----w- c:\windows\speech

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-02 17:39 . 2008-02-18 09:31 -------- d-----w- c:\programmi\GamesBar
2009-06-02 17:11 . 2009-01-29 18:38 343896 ----a-w- c:\documents and settings\Massimo\Dati applicazioni\Mozilla\Firefox\Profiles\5swjmr5n.default\extensions\aidmakertoolbar@aidmaker.com\components\aidmff.dll
2009-06-02 17:11 . 2009-01-29 18:37 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\AidMaker
2009-06-01 22:06 . 2009-03-20 17:36 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Mpeg Lies Window
2009-06-01 11:34 . 2007-12-23 23:22 -------- d-----w- c:\programmi\DIFX
2009-05-31 23:11 . 2008-08-11 20:57 -------- d-----w- c:\programmi\eMule
2009-05-30 15:14 . 2009-02-08 16:16 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\U3
2009-05-30 15:11 . 2009-05-30 15:11 0 ----a-w- C:\LOGD.tmp
2009-05-28 21:17 . 2009-02-13 15:03 343896 ----a-w- c:\documents and settings\Maurizio\Dati applicazioni\Mozilla\Firefox\Profiles\f9cw3ou4.default\extensions\aidmakertoolbar@aidmaker.com\components\aidmff.dll
2009-05-28 21:17 . 2009-02-03 16:42 -------- d-----w- c:\documents and settings\Maurizio\Dati applicazioni\AidMaker
2009-05-28 19:16 . 2008-07-24 15:13 94032 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-27 19:11 . 2009-05-27 19:11 0 ----a-w- C:\LOGB.tmp
2009-05-27 18:51 . 2007-12-23 16:17 -------- d-----w- c:\programmi\CCleaner
2009-05-25 20:35 . 2009-05-25 20:35 0 ----a-w- C:\LOG86.tmp
2009-05-25 16:30 . 2009-05-25 16:30 0 ----a-w- C:\LOG10.tmp
2009-05-25 15:07 . 2009-05-25 15:07 0 ----a-w- C:\LOGA.tmp
2009-05-24 14:09 . 2008-07-20 15:04 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-05-24 12:44 . 2008-03-02 17:43 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Skype
2009-05-24 11:25 . 2008-03-02 17:46 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\skypePM
2009-05-24 07:19 . 2007-12-22 19:35 94032 ----a-w- c:\documents and settings\Massimo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-05-19 21:18 . 2008-05-29 19:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EmailNotifier
2009-05-19 21:18 . 2008-12-31 17:54 -------- d-----w- c:\programmi\AskTBar
2009-05-19 20:30 . 2008-07-07 22:18 -------- d-----w- c:\programmi\Circle Developement
2009-05-11 20:46 . 2008-03-21 21:41 -------- d-----w- c:\documents and settings\Maurizio\Dati applicazioni\Skype
2009-05-11 17:47 . 2008-05-20 19:25 -------- d-----w- c:\documents and settings\Maurizio\Dati applicazioni\skypePM
2009-04-30 21:11 . 2008-07-24 13:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-04-26 19:39 . 2007-12-23 14:26 -------- d-----w- c:\programmi\File comuni\Adobe
2009-04-26 12:15 . 2008-02-21 20:01 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-04-26 12:14 . 2007-12-23 16:19 -------- d-----w- c:\programmi\SpywareBlaster
2009-04-20 20:57 . 2009-04-20 20:57 116224 ----a-w- c:\windows\WD120TEST.DLL
2009-04-20 20:57 . 2009-04-20 20:57 856064 ----a-w- c:\windows\WD120IMG2.DLL
2009-04-20 20:57 . 2009-04-20 20:57 675840 ----a-w- c:\windows\WD120IMG.DLL
2009-04-20 20:57 . 2009-04-20 20:57 496640 ----a-w- c:\windows\WD120STD.DLL
2009-04-20 20:57 . 2009-04-20 20:57 397312 ----a-w- c:\windows\WD120CPL.DLL
2009-04-20 20:57 . 2009-04-20 20:57 901120 ----a-w- c:\windows\WD120COM.DLL
2009-04-20 20:57 . 2009-04-20 20:57 1745408 ----a-w- c:\windows\WD120VM.DLL
2009-04-20 20:32 . 2009-04-20 20:32 116224 ----a-w- c:\windows\RUN32TEST.DLL
2009-04-20 20:32 . 2009-04-20 20:32 856064 ----a-w- c:\windows\RUN327.DLL
2009-04-20 20:32 . 2009-04-20 20:32 675840 ----a-w- c:\windows\RUN326.DLL
2009-04-20 20:32 . 2009-04-20 20:32 397312 ----a-w- c:\windows\RUN325.DLL
2009-04-20 20:32 . 2009-04-20 20:32 496640 ----a-w- c:\windows\RUN324.DLL
2009-04-20 20:32 . 2009-04-20 20:31 2511872 ----a-w- c:\windows\RUN323.DLL
2009-04-20 20:31 . 2009-04-20 20:31 901120 ----a-w- c:\windows\RUN322.DLL
2009-04-20 20:31 . 2009-04-20 20:31 1745408 ----a-w- c:\windows\RUN321.DLL
2009-04-19 16:58 . 2009-04-19 16:58 0 ----a-w- C:\LOG9.tmp
2009-04-16 18:44 . 2003-04-08 12:00 446384 ----a-w- c:\windows\system32\perfh010.dat
2009-04-16 18:44 . 2003-04-08 12:00 72884 ----a-w- c:\windows\system32\perfc010.dat
2009-04-15 20:24 . 2009-04-15 20:24 0 ----a-w- C:\LOGC.tmp
2009-04-15 17:02 . 2009-04-15 17:02 0 ----a-w- C:\LOG8.tmp
2009-04-13 09:18 . 2009-04-13 09:18 0 ----a-w- C:\LOG2.tmp
2009-04-10 19:56 . 2009-04-10 19:56 0 ----a-w- C:\LOG7.tmp
2009-04-09 20:23 . 2009-04-09 20:23 0 ----a-w- C:\LOG24.tmp
2009-04-09 16:27 . 2009-04-09 16:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DriverScanner
2009-04-09 16:24 . 2009-04-09 16:21 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-04-09 16:23 . 2009-04-09 16:23 -------- d-----w- c:\programmi\Uniblue
2009-04-09 16:23 . 2009-04-09 16:23 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Uniblue
2009-04-04 19:28 . 2009-04-04 19:28 0 ----a-w- C:\LOG5.tmp
2009-04-03 19:37 . 2009-04-03 18:25 -------- d-----w- c:\documents and settings\Massimiliano\Dati applicazioni\AidMaker
2009-04-03 18:25 . 2008-05-14 18:25 87552 ----a-w- c:\documents and settings\Massimiliano\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-04-01 20:04 . 2009-04-01 20:04 152576 ----a-w- c:\documents and settings\Massimo\Dati applicazioni\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-01 20:03 . 2009-04-01 20:03 0 ----a-w- C:\LOG4.tmp
2009-04-01 11:01 . 2009-04-09 16:24 2653056 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
2009-03-31 18:47 . 2009-03-31 18:47 0 ----a-w- C:\LOG40.tmp
2009-03-31 17:13 . 2009-03-31 17:13 0 ----a-w- C:\LOG1B.tmp
2009-03-30 17:07 . 2009-03-30 17:07 0 ----a-w- C:\LOGCE.tmp
2009-03-29 20:28 . 2009-03-29 20:28 0 ----a-w- C:\LOGB8.tmp
2009-03-29 07:58 . 2009-03-29 07:58 0 ----a-w- C:\LOG6.tmp
2009-03-27 21:19 . 2009-03-27 21:19 0 ----a-w- C:\LOG56.tmp
2009-03-26 17:36 . 2009-03-26 17:36 0 ----a-w- C:\LOG3.tmp
2009-03-09 03:19 . 2008-12-14 11:43 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-03-06 14:19 . 2003-04-08 12:00 286208 ----a-w- c:\windows\system32\pdh.dll
2009-03-01 15:03 . 2009-03-01 15:03 16434584 ----a-w- c:\programmi\jre-6u12-windows-i586-p-s.exe
2009-02-24 12:08 . 2008-06-29 19:21 357936 ----a-w- c:\programmi\RealPlayer11GOLD_it.exe
2009-02-18 06:52 . 2009-02-18 06:52 5078296 ----a-w- c:\programmi\Glary_Utilities.zip
2009-02-17 21:33 . 2009-02-17 21:32 5089890 ----a-w- c:\programmi\anfy210e.zip
2009-02-08 13:45 . 2009-02-08 13:44 487409 ----a-w- c:\programmi\SandboxieInstall.exe
2009-01-31 12:38 . 2009-01-31 12:38 4337967 ----a-w- c:\programmi\XviD_1.0alpha.dmg
2009-01-31 12:20 . 2008-06-29 15:17 21878064 ----a-w- c:\programmi\QuickTimeInstaller.exe
2009-01-29 13:55 . 2009-01-29 13:55 3930360 ----a-w- c:\programmi\spybotsd_includes.exe
2009-01-29 13:46 . 2009-01-29 17:46 16304771 ----a-w- c:\programmi\klcodec453f.exe
2009-01-29 13:40 . 2009-01-29 18:34 2500328 ----a-w- c:\programmi\setup_christv_online_3_20.exe
2009-01-28 08:32 . 2009-01-28 08:33 1128916 ----a-w- c:\programmi\pdf2wordsetup.exe
2009-01-24 14:39 . 2009-01-24 14:38 5938674 ----a-w- c:\programmi\ashampoo_burning.zip
2009-01-21 07:52 . 2009-01-21 07:41 156208384 ----a-w- c:\programmi\VideoSpin_1_1_Setup.exe
2008-12-12 20:44 . 2008-12-12 20:44 5628392 ----a-w- c:\programmi\gusetup.exe
2008-12-08 08:37 . 2008-11-21 16:24 2714680 ----a-w- c:\programmi\DefragSetup.exe
2008-12-08 00:21 . 2008-11-21 16:14 7515608 ----a-w- c:\programmi\asc-setup.exe
2008-12-04 15:18 . 2008-12-04 15:23 49786640 ----a-w- c:\programmi\Luxor_3-setup.exe
2008-11-08 18:35 . 2008-11-14 21:54 4865408 ----a-w- c:\programmi\Silverlight.2.0(2).exe
2008-10-26 10:11 . 2008-10-26 10:11 13306 ----a-w- c:\programmi\ora.zip
2008-10-24 18:24 . 2008-10-24 18:22 7328880 ----a-w- c:\programmi\Firefox Setup 3.0.3.exe
2008-10-01 16:39 . 2008-10-01 16:34 67110184 ----a-w- c:\programmi\iTunes8Setup.exe
2008-09-05 12:22 . 2008-09-05 22:26 243204 ----a-w- c:\programmi\unlocker1.8.7.exe
2008-09-03 20:40 . 2008-09-03 20:40 486152 ----a-w- c:\programmi\ChromeSetup.exe
2008-09-02 19:15 . 2008-09-02 19:15 2460160 ----a-w- c:\programmi\vnlt6301.exe
2008-08-14 21:36 . 2008-08-14 21:31 7340912 ----a-w- c:\programmi\SetupSwishmax2.exe
2008-08-11 20:44 . 2008-08-11 20:43 8256292 ----a-w- c:\programmi\eMulev0.49a.-MorphXTv11.0-installer.exe
2008-07-20 10:43 . 2008-07-20 10:41 19153264 ----a-w- c:\programmi\Lavasoft_Adaware_multi.exe
2008-07-18 21:05 . 2008-07-18 21:05 5152256 ----a-w- c:\programmi\WindowsDefender.msi
2008-07-18 21:02 . 2008-07-18 21:02 1478696 ----a-w- c:\programmi\GenuineCheck.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"SandboxieControl"="c:\programmi\Sandboxie\SbieCtrl.exe" [2009-01-05 336896]
"AdobeBridge"="c:\programmi\Adobe\Adobe Bridge CS4\Bridge.exe" [2008-08-28 13145448]
"AROReminder"="c:\programmi\Advanced Registry Optimizer\aro.exe" [2008-04-01 2084480]
"DW4"="c:\programmi\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2007-12-20 715888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2006-10-22 86016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"AVFX Engine"="c:\programmi\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]
"tsnp2std"="c:\windows\tsnp2std.exe" [2005-11-14 110592]
"snp2std"="c:\windows\vsnp2std.exe" [2005-11-16 344064]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
"AppleSyncNotifier"="c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"AidMakerDaemon"="c:\programmi\AidMaker\aidmaker.exe" [2009-01-29 387928]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-22 1622016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-23 110592]
Adobe Reader Speed Launch.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2007-12-22 217088]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\eMule0.47c-ScarAngel_v1.9-bin\\emule.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Ahead\\Nero ShowTime\\ShowTime.exe"=
"c:\\Programmi\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\SecondLife\\SLVoice.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\File comuni\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Programmi\\Nero\\Nero 7\\Nero MediaHome\\NeroMediaHome.exe"=
"c:\\Programmi\\Nero\\Nero 7\\Nero MediaHome\\NMMediaServer.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [07/04/2008 23.43.09 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [04/05/2008 21.29.29 20560]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys --> c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [?]
S3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys --> c:\windows\system32\DRIVERS\ONDAusbnet.sys [?]
S3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys --> c:\windows\system32\DRIVERS\ONDAusbnmea.sys [?]
S3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys --> c:\windows\system32\DRIVERS\ONDAusbser6k.sys [?]
S3 ONDAusbvoice;ONDA VoUSB Port;c:\windows\system32\DRIVERS\ONDAusbvoice.sys --> c:\windows\system32\DRIVERS\ONDAusbvoice.sys [?]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - ALG
*Deregistered* - Apple Mobile Device
*Deregistered* - aswUpdSv
*Deregistered* - AudioSrv
*Deregistered* - avast! Antivirus
*Deregistered* - avast! Mail Scanner
*Deregistered* - avast! Web Scanner
*Deregistered* - BITS
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - helpsvc
*Deregistered* - iPod Service
*Deregistered* - JavaQuickStarterService
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LightScribeService
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NMIndexingService
*Deregistered* - NVSvc
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PCLEPCI
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - SbieDrv
*Deregistered* - SbieSvc
*Deregistered* - Schedule
*Deregistered* - Secdrv
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - ServiceLayer
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SoftFax
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - tifsfilter
*Deregistered* - timounter
*Deregistered* - Tones
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - upnphost
*Deregistered* - V124
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
.
Contenuto della cartella 'Scheduled Tasks'

2009-05-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-06-02 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-02-18 16:10]

2009-05-17 c:\windows\Tasks\SmartDefrag.job
- c:\programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2008-11-21 20:32]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

SafeBoot-procexp90.Sys


.
------- Scansione supplementare -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uStart Page = hxxp://www.tiscali.it/nb/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} - hxxps://mpsnare.iesnare.com/StmOCX.cab
FF - ProfilePath - c:\documents and settings\Massimo\Dati applicazioni\Mozilla\Firefox\Profiles\5swjmr5n.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.it/bb/
FF - component: c:\documents and settings\Massimo\Dati applicazioni\Mozilla\Firefox\Profiles\5swjmr5n.default\extensions\aidmakertoolbar@aidmaker.com\components\aidmff.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\programmi\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\programmi\Opera\program\plugins\npqtplugin8.dll
FF - plugin: c:\programmi\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\programmi\Real\RealArcade\Plugins\Mozilla\npracplug.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-02 20:09
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Pinnacle Systems\miroVIDEO Settings]
@DACL=(02 0000)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSIT.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\programmi\PC Connectivity Solution\ConnAPI.DLL
c:\programmi\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast4\aswUpdSv.exe
c:\programmi\Alwil Software\Avast4\ashServ.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\Sandboxie\SbieSvc.exe
c:\programmi\Alwil Software\Avast4\ashMaiSv.exe
c:\programmi\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\programmi\PC Connectivity Solution\ServiceLayer.exe
c:\programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\programmi\File comuni\Ahead\Lib\NMIndexingService.exe
c:\programmi\iPod\bin\iPodService.exe
c:\programmi\The Weather Channel FW\Framework\TheWeatherChannelSlnchr.exe
c:\programmi\Alice ti aiuta\bin\mpbtn.exe
.
**************************************************************************
.
Ora fine scansione: 2009-06-02 20.38.40 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-06-02 18:38

Pre-Run: 16.537.067.520 byte disponibili
Post-Run: 16.414.113.792 byte disponibili

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
624 --- E O F --- 2009-06-01 17:38
kananga
Posted: Tuesday, June 02, 2009 9:15:15 PM
Rank: AiutAmico

Joined: 5/26/2009
Posts: 38
Good, both Malwarebytes and ComboFix removed some items...

How are things going now?
massimob
Posted: Tuesday, June 02, 2009 9:21:31 PM

Rank: AiutAmico

Joined: 12/13/2005
Posts: 162
I think it's back to normal, thanks to you.
See you soon, Massimo.
kananga
Posted: Wednesday, June 03, 2009 11:37:17 AM
Rank: AiutAmico

Joined: 5/26/2009
Posts: 38
You're welcome! Bye!

PS: Uninstall ComboFix by going to START > ESEGUI (Run), typing combofix /u and pressing Enter.