ComboFix 10-01-04.01 - Marcello 10/01/2010 14.33.20.1.2 - x86
Here is the log; now I'll prepare HJT.
When ComboFix finished, it warned me that the Recycle Bin on C: was corrupted and asked me to delete some files; I clicked yes. Bye, and thanks for your patience.
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2038.709 [GMT 1:00]
Eseguito da: c:\users\Marcello\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-3526760867-2792838395-3531525154-1001
c:\$recycle.bin\S-1-5-21-3526760867-2792838395-3531525154-500
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera \Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk
c:\users\Marcello\AppData\Local\cecoy_nav.dat
c:\users\Marcello\AppData\Local\cecoy_navps.dat
c:\users\Marcello\AppData\Local\qwsqq_nav.dat
c:\users\Marcello\AppData\Local\vfucu.dat
c:\users\Marcello\AppData\Local\vfucu_nav.dat
c:\users\Marcello\AppData\Local\vfucu_navps.dat
c:\users\Marcello\Documents\iexplore.exe
----- BITS: Possibili siti infetti -----
hxxp://liveupdate.symantec.com
.
((((((((((((((((((((((((( Files Creati Da 2009-12-10 al 2010-01-10 )))))))))))))))))))))))))))))))))))
.
2010-01-10 13:42 . 2010-01-10 13:42 -------- d-----w- c:\users\Marcello\AppData\Local\temp
2010-01-10 09:56 . 2010-01-08 16:21 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\NAVENG32.DLL
2010-01-10 09:56 . 2010-01-08 16:21 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\NAVEX32A.DLL
2010-01-10 09:56 . 2010-01-08 16:21 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\NAVEX15.SYS
2010-01-10 09:56 . 2010-01-08 16:21 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\NAVENG.SYS
2010-01-10 09:56 . 2010-01-08 16:21 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\EECTRL.SYS
2010-01-10 09:56 . 2010-01-08 16:21 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\ECMSVR32.DLL
2010-01-10 09:56 . 2010-01-08 16:21 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\ERASER.SYS
2010-01-10 09:56 . 2010-01-08 16:21 2747440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100109.006\CCERASER.DLL
2010-01-09 21:31 . 2010-01-09 21:31 -------- d-----w- c:\users\Marcello\AppData\Roaming\Malwarebytes
2010-01-09 21:31 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-09 21:31 . 2010-01-09 21:31 -------- d-----w- c:\programdata\Malwarebytes
2010-01-09 21:31 . 2010-01-09 21:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-09 21:31 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-09 17:14 . 2010-01-09 21:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-09 16:59 . 2010-01-09 17:04 -------- d-----w- c:\program files\SpywareBlaster
2010-01-08 21:34 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100106.001\IDSvix86.sys
2010-01-08 21:34 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100106.001\IDSXpx86.sys
2010-01-08 21:34 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100106.001\Scxpx86.dll
2010-01-08 21:34 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100106.001\IDSxpx86.dll
2010-01-08 21:34 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100106.001\IDSviA64.sys
2010-01-08 17:28 . 2010-01-08 17:28 -------- d-----w- c:\users\Marcello\AppData\Roaming\AnvSoft
2010-01-08 17:28 . 2010-01-08 17:28 -------- d-----w- c:\program files\AnvSoft
2010-01-08 17:18 . 2010-01-08 17:18 -------- d-----w- c:\users\Marcello\AppData\Roaming\Any Video Converter
2010-01-08 16:22 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSvix86.sys
2010-01-08 16:22 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSXpx86.sys
2010-01-08 16:22 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\Scxpx86.dll
2010-01-08 16:22 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.dll
2010-01-08 16:22 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSviA64.sys
2010-01-08 16:08 . 2009-10-29 02:31 784752 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\components\coFFPlgn.dll
2010-01-07 22:31 . 2009-10-09 02:54 466480 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20090911.001\IDSVia64.sys
2010-01-07 22:31 . 2009-10-09 02:54 342576 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20090911.001\IDSVix86.sys
2010-01-07 22:31 . 2009-10-09 02:54 329080 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20090911.001\IDSxpx86.sys
2010-01-07 22:31 . 2009-10-09 02:54 732536 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20090911.001\Scxpx86.dll
2010-01-07 22:31 . 2009-10-09 02:54 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20090911.001\IDSxpx86.dll
2010-01-07 22:31 . 2009-10-05 17:34 929648 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\OCS\hsplayer.dll
2010-01-07 22:31 . 2009-10-01 09:19 164216 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\components\IPSFFPl.dll
2010-01-07 22:31 . 2009-11-07 01:10 893808 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\CLT\cltLMSx.dll
2010-01-04 20:53 . 2010-01-10 09:52 -------- d-----w- c:\users\Marcello\Tracing
2010-01-04 20:27 . 2010-01-04 20:33 -------- d-----w- c:\users\Guest\Tracing
2010-01-04 20:21 . 2010-01-04 20:21 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2010-01-04 20:17 . 2010-01-04 20:22 -------- d-----w- c:\program files\Microsoft
2010-01-04 20:17 . 2010-01-04 20:17 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-04 20:14 . 2010-01-04 20:14 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-04 18:55 . 2010-01-04 20:09 -------- d-----w- c:\users\Guest\AppData\Roaming\Skype
2010-01-03 17:01 . 2009-12-18 10:19 545280 ----a-w- c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
2010-01-03 17:01 . 2009-12-18 10:19 103424 ----a-w- c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
2010-01-03 17:01 . 2009-12-18 10:19 4726272 ----a-w- c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\libs\cooliris190.dll
2010-01-03 17:01 . 2009-12-18 10:19 153600 ----a-w- c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
2010-01-03 17:01 . 2009-12-18 10:19 57856 ----a-w- c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
2010-01-03 17:01 . 2009-12-18 10:19 344064 ----a-w- c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
2009-12-15 09:00 . 2009-12-15 09:00 -------- d-----w- c:\users\Marcello\AppData\Local\Real
2009-12-15 08:51 . 2009-12-15 08:51 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-15 08:32 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-15 08:31 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-15 08:31 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-10 09:50 . 2007-10-13 00:28 664522 ----a-w- c:\windows\system32\perfh010.dat
2010-01-10 09:50 . 2007-10-13 00:28 121042 ----a-w- c:\windows\system32\perfc010.dat
2010-01-10 00:47 . 2007-11-05 16:34 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-10 00:46 . 2009-01-10 19:37 -------- d-----w- c:\users\Marcello\AppData\Roaming\Vista Start Menu
2010-01-10 00:46 . 2009-05-29 07:56 -------- d-----w- c:\programdata\Norton
2010-01-09 23:00 . 2008-05-25 12:42 -------- d-----w- c:\programdata\Google Updater
2010-01-09 21:52 . 2009-01-20 21:59 91 ----a-w- c:\users\Marcello\AppData\Local\ciwkk.bat
2010-01-08 16:14 . 2008-04-12 20:47 680 ----a-w- c:\users\Marcello\AppData\Local\d3d9caps.dat
2010-01-07 22:32 . 2009-05-29 08:02 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-01-07 22:32 . 2009-05-29 08:02 -------- d-----w- c:\program files\Symantec
2010-01-07 22:32 . 2007-10-12 15:13 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-01-07 22:32 . 2007-10-12 15:13 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-01-06 22:57 . 2006-03-09 08:58 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2010-01-06 22:57 . 2007-09-07 10:56 192816 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-01-06 22:57 . 2007-09-07 10:56 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-01-06 22:57 . 2007-09-07 10:28 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-01-06 22:57 . 2007-09-07 10:20 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2010-01-06 22:57 . 2007-09-07 10:19 163840 ----a-w- c:\windows\system32\SynCOM.dll
2010-01-06 19:54 . 2009-12-08 12:03 -------- d-----w- c:\program files\JDownloader
2010-01-06 13:05 . 2008-02-16 11:32 151560 ----a-w- c:\users\Marcello\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-06 02:09 . 2007-10-12 15:25 -------- d-----w- c:\programdata\Microsoft Help
2010-01-06 02:07 . 2007-10-12 15:27 -------- d-----w- c:\program files\Microsoft Works
2010-01-05 00:52 . 2008-12-02 20:27 -------- d-----w- c:\users\Marcello\AppData\Roaming\Skype
2010-01-04 20:21 . 2008-03-01 13:53 -------- d-----w- c:\program files\Windows Live
2010-01-04 20:13 . 2009-12-08 12:25 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-15 08:54 . 2008-05-25 12:46 -------- d-----w- c:\program files\Common Files\Real
2009-12-15 08:38 . 2008-04-03 22:00 -------- d-----w- c:\program files\Google
2009-12-11 23:17 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-09 02:36 . 2009-12-09 02:36 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-09 02:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-09 02:35 . 2009-12-09 02:35 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-08 23:33 . 2009-12-08 23:33 125952 ----a-w- c:\programdata\ParetoLogic\UUS2\Temp\Update.exe
2009-12-08 12:01 . 2009-12-08 12:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-08 12:01 . 2008-02-16 14:55 -------- d-----w- c:\program files\Java
2009-12-05 04:54 . 2009-12-05 04:54 529456 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys
2009-12-05 04:54 . 2009-12-05 04:54 201616 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHRules.dll
2009-12-05 04:54 . 2009-12-05 04:54 1405840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHEngine.dll
2009-12-05 04:54 . 2009-12-05 04:54 668720 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx64.sys
2009-12-05 04:54 . 2009-12-05 04:54 610704 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\bbRGen.dll
2009-11-21 06:40 . 2009-12-11 00:08 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-11 00:08 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-11 00:08 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-11 00:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-29 09:17 . 2009-12-09 02:16 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSviA64.sys
2002-07-26 15:02 . 2009-02-21 20:44 153088 ----a-w- c:\program files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"VistaStartMenu"="c:\program files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe" [2007-11-12 1702064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-25 68856]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-19 4702208]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-02 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-02 133656]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"Acecad.Wtxpload"="c:\windows\Acecad\Wtxpload.exe" [2002-03-22 45056]
"ZPOINT32"="c:\windows\system32\ZPOINT32.exe" [2002-07-04 20480]
"WTClient"="WTClient.exe" [2007-04-11 40960]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" [2006-01-23 196608]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-15 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2010-01-06 102400]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-12-16 3450608]
c:\users\Marcello\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-12-16 3450608]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-10-12 535336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=c:\windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Marcello^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StarOffice 8.lnk]
path=c:\users\Marcello\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk
backup=c:\windows\pss\StarOffice 8.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
2007-06-11 13:54 1286144 ------w- c:\acer\Empowering Technology\eAudio\eAudio.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
2009-05-05 12:40 23179264 ----a-w- c:\program files\CounterPath\X-Lite\x-lite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2008-11-12 12:05 2474031 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen]
2008-12-09 11:08 495616 ----a-w- c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2008-05-25 12:42 29744 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 20:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-07-04 03:08 834056 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
2007-05-24 12:38 206952 ----a-w- c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCRemote]
2007-02-12 18:12 253000 ----a-w- c:\program files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 12:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-03-11 09:24 24095528 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-05-25 12:42 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-01-06 22:57 1021224 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2010-01-06 22:57 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1a,d8,40,09,35,58,ca,01
R0 SymDS;Symantec Data Store;c:\windows\System32\drivers\NIS\1101000.013\SymDS.sys [07/01/2010 23.31.31 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1101000.013\SymEFA.sys [07/01/2010 23.31.31 171056]
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys [05/12/2009 5.54.05 529456]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1101000.013\cchpx86.sys [07/01/2010 23.31.30 501888]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100106.001\IDSvix86.sys [08/01/2010 22.34.41 343088]
R1 SymIRON;Symantec Iron Driver;c:\windows\System32\drivers\NIS\1101000.013\Ironx86.sys [07/01/2010 23.31.31 114736]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\drivers\NIS\1101000.013\symtdiv.sys [07/01/2010 23.31.31 339504]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [05/11/2007 17.42.17 39408]
R2 NIS;Norton Internet Security.;c:\program files\Norton Internet Security\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [07/01/2010 23.31.19 126392]
R2 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Service.exe [17/11/2008 10.22.16 185640]
R2 Tomcat5;Apache Tomcat;c:\piuprezzi\tomcat\bin\tomcat5.exe [29/08/2004 2.06.16 94208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [30/08/2009 9.00.00 102448]
R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\System32\drivers\PTSimBus.sys [07/06/2007 18.16.28 18944]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [25/01/2008 10.12.34 25088]
S2 Autorun CDROM Monitor;Autorun CDROM Monitor;c:\windows\System32\SupportAppXL\cdrom_mon.exe [16/02/2008 14.06.26 81920]
S2 Change Modem Device Service;Change Modem Device Service;c:\windows\System32\ChgService.exe [27/10/2009 23.55.41 135168]
S2 gupdate1ca7d6129ca7ca9;Servizio di Google Update (gupdate1ca7d6129ca7ca9);c:\program files\Google\Update\GoogleUpdate.exe [15/12/2009 9.32.07 133104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [08/02/2007 23.03.20 179712]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\System32\drivers\cmnsusbser.sys [27/10/2009 23.55.44 103424]
S3 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [20/09/2008 17.20.34 21504]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [25/05/2008 13.42.59 29744]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\System32\drivers\ONDAusbmdm6k.sys [16/02/2008 14.07.43 100480]
S3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\System32\drivers\ONDAusbnet.sys [16/02/2008 14.07.43 87552]
S3 ONDAusbnmea;ONDA NMEA Port;c:\windows\System32\drivers\ONDAusbnmea.sys [16/02/2008 14.07.43 100480]
S3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\System32\drivers\ONDAusbser6k.sys [16/02/2008 14.07.43 100480]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\System32\drivers\PTSimHid.sys [23/04/2007 16.28.56 10752]
S3 u9usbser;MYWAVEU9 USB Device for Legacy Serial Communication;c:\windows\System32\drivers\u9usbser.sys [27/05/2009 12.54.22 99456]
S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [16/02/2008 16.27.24 544768]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [21/02/2009 21.50.16 80744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenuto della cartella 'Scheduled Tasks'
2009-10-21 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]
2010-01-10 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-03 20:34]
2010-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-15 08:31]
2010-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-15 08:31]
2010-01-08 c:\windows\Tasks\Norton Internet Security - Scansione completa sistema - seriglia.job
- c:\program files\Norton Internet Security\Norton Internet Security\Engine\17.1.0.19\Navw32.exe [2010-01-07 00:56]
2010-01-09 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
2010-01-06 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
2010-01-10 c:\windows\Tasks\User_Feed_Synchronization-{6ED343D5-E9BC-4337-A27E-2F81BB8F7FF8}.job
- c:\windows\system32\msfeedssync.exe [2009-12-11 04:59]
2010-01-10 c:\windows\Tasks\User_Feed_Synchronization-{BBFEDF80-6F6A-452E-81F5-39DC57EF7384}.job
- c:\windows\system32\msfeedssync.exe [2009-12-11 04:59]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://archivio21.spaces.live.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Scarica con Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Scarica i video con Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Scarica selezionati con Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Scarica tutto con Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
FF - ProfilePath - c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.archivio21.spaces.live.com/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Marcello\AppData\Roaming\Mozilla\Firefox\Profiles\nb91i66k.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\Marcello\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
pref(dom.disable_open_during_load, true);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
HKLM-Run-TQ566808 - E:\Setup.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-L08IXLRD_1757725 - c:\program files\Microsoft Student\Microsoft Encarta 2008 - Premium + Student DVD\EDICT.EXE
MSConfigStartUp-osCheck - c:\program files\Norton Internet Security\osCheck.exe
MSConfigStartUp-TrayServer - c:\program files\MAGIX\Video_deluxe_15\TrayServer.exe
AddRemove-Kalender - c:\windows\Uninstall_tkexe -kalender
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-01-10 14:42
Windows 6.0.6002 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Norton Internet Security\Engine\17.1.0.19\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MySQL]
"ImagePath"="c:\piuprezzi\mysql\bin\mysqld --defaults-file=c:\piuprezzi\mysql\my.ini MySQL"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-3526760867-2792838395-3531525154-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DB37B88E-A8CE-F6E7-6156-CB35521EE4DE}*]
"paliehjjklbkifeblkfhkkkcdjingpkg"=hex:6a,61,65,66,70,64,62,69,61,67,6a,6b,6d,
66,62,67,65,6b,6e,68,00,52
"abbmokbhigfdfbgcnhegjfmiecjohocanf"=hex:6b,61,65,66,61,65,6b,6b,65,69,6f,6e,
65,6f,65,6d,68,6a,67,61,62,70,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2010-01-10 14:46:33
ComboFix-quarantined-files.txt 2010-01-10 13:46
Pre-Run: 6.614.360.064 byte disponibili
Post-Run: 6.374.637.568 byte disponibili
- - End Of File - - 555FE2B1DB3120DF021DA38151209D82