ComboFix 10-04-15.05 - Proprietario 16/04/2010 19.31.56.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.766.390 [GMT 2:00]
Eseguito da: c:\documents and settings\Proprietario\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Proprietario\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Outpost Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_ALUSchedulerSvc33D28578
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_AUPDATE21FE357A
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_avgemcECBFD25
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_avgnsx12A36D21
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_E_FATIFAE2E74C03
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_E_S40RP778FABC01
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_E_S40ST77A7F3202
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_entreelist.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_enviewlist.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_EPSON Web-To-Page363EA005
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_ExplorerBD8CE0F
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_firefox1E7CE3E5
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_HPZipm1213511001
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_igfxpers152FC001
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_jqs12305722
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_LuComServer_3_32F93359F
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_NkMonitor392C5007
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_smax4pnp23707015
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_Startup4E2B301B
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\_taskman260ADB68
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_00002109020001400000000000F01FEC
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_00002109020001400000000000F01FEC.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0140820900063D11C8EF00054038389C
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0140820900063D11C8EF00054038389C.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0149C053C7D38EE4AB9A00CB3B5D2472
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0149C053C7D38EE4AB9A00CB3B5D2472.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0987579E5CE78C6499BA0BF0706B25C5
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0987579E5CE78C6499BA0BF0706B25C5.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0E23E40C6140D434FA9B96967D309AFE
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_0E23E40C6140D434FA9B96967D309AFE.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_12341rg
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_12345db
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_23B54C026BA54A6449FE8559C0FA505E
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_23B54C026BA54A6449FE8559C0FA505E.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_295FE304B3594974CBFECEBA38C50259
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_295FE304B3594974CBFECEBA38C50259.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_3e43b73803c7c394f8a6b2f0402e19c2
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_3e43b73803c7c394f8a6b2f0402e19c2.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_4EA42A62D9304AC4784BF238120601FF
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_4EA42A62D9304AC4784BF238120601FF.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_568774731F3A2774DA34AACFB6FC9FF9
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_568774731F3A2774DA34AACFB6FC9FF9.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_68AB67CA7DA70401B7448A0100000030
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_68AB67CA7DA70401B7448A0100000030.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_68AB67CA7DA70401B7448A2100000030
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_68AB67CA7DA70401B7448A2100000030.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_6CAB1E86F97F4C34FA308AF9357F843D
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_6CAB1E86F97F4C34FA308AF9357F843D.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_6E8A266FCD4F2A1409E1C8110F44DBCE
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_6E8A266FCD4F2A1409E1C8110F44DBCE.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_76DB90B599C41A6418167B02C81E1812
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_76DB90B599C41A6418167B02C81E1812.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_7EF998A02CC55D11CB3E0005AD345ED3
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_7EF998A02CC55D11CB3E0005AD345ED3.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D510006
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D510006.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D511000
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D511000.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D511001
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D511001.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610001
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610001.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610002
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610002.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610003
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610003.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610005
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610005.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610007
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_8A0F842331866D117AB7000B0D610007.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_b25099274a207264182f8181add555d0
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_b25099274a207264182f8181add555d0.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_B85B2D2FDF2B1D643891CD5E46709943
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_B85B2D2FDF2B1D643891CD5E46709943.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_C98364860CAB473408E81B028FA65F7D
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_C98364860CAB473408E81B028FA65F7D.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_D9BD4ABD15EE44944A9189BAF121948C
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_D9BD4ABD15EE44944A9189BAF121948C.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_DDA39468D428E8B4DB27C8D5DC5CA217
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_DDA39468D428E8B4DB27C8D5DC5CA217.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_DDCF5186D104E184AB88134B57C4B264
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_DDCF5186D104E184AB88134B57C4B264.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_DDE7F2BCF1D91C3409CFF425AE1E271A
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_DDE7F2BCF1D91C3409CFF425AE1E271A.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_EA1CCF2D11365C7418036C6CD677DD17
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_EA1CCF2D11365C7418036C6CD677DD17.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_EC2DFDB492364E248910B9D3F1017DB9
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_EC2DFDB492364E248910B9D3F1017DB9.dll
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_FAA433717E9CB384F9543ECFFA70FF7A
c:\documents and settings\All Users\Dati applicazioni\SecTaskMan\icn_FAA433717E9CB384F9543ECFFA70FF7A.dll
c:\programmi\File comuni\Symantec Shared
c:\programmi\File comuni\Symantec Shared\CCPD-LC\symlcrst.dll
c:\programmi\Security Task Manager
c:\programmi\Security Task Manager\Acquista Security Task Manager!.url
c:\programmi\Security Task Manager\ascode.dll
c:\programmi\Security Task Manager\bestell.txt
c:\programmi\Security Task Manager\file_id.diz
c:\programmi\Security Task Manager\Formulaire.txt
c:\programmi\Security Task Manager\leggimi.txt
c:\programmi\Security Task Manager\lgs_albanian.txt
c:\programmi\Security Task Manager\lgs_Arabic.txt
c:\programmi\Security Task Manager\lgs_bosnian.txt
c:\programmi\Security Task Manager\lgs_bulgarian.txt
c:\programmi\Security Task Manager\lgs_catalan.txt
c:\programmi\Security Task Manager\lgs_chinese (Simplified).txt
c:\programmi\Security Task Manager\lgs_chinese (Traditional).txt
c:\programmi\Security Task Manager\lgs_croatian.txt
c:\programmi\Security Task Manager\lgs_czech.txt
c:\programmi\Security Task Manager\lgs_danish.txt
c:\programmi\Security Task Manager\lgs_deutsch.txt
c:\programmi\Security Task Manager\lgs_dutch.txt
c:\programmi\Security Task Manager\lgs_english.txt
c:\programmi\Security Task Manager\lgs_Español (latinoamérica).txt
c:\programmi\Security Task Manager\lgs_estonian.txt
c:\programmi\Security Task Manager\lgs_faroese.txt
c:\programmi\Security Task Manager\lgs_finnish.txt
c:\programmi\Security Task Manager\lgs_french.txt
c:\programmi\Security Task Manager\lgs_galician.txt
c:\programmi\Security Task Manager\lgs_greek.txt
c:\programmi\Security Task Manager\lgs_hungarian.txt
c:\programmi\Security Task Manager\lgs_indonesian.txt
c:\programmi\Security Task Manager\lgs_italiano.txt
c:\programmi\Security Task Manager\lgs_korean.txt
c:\programmi\Security Task Manager\lgs_latvian.txt
c:\programmi\Security Task Manager\lgs_macedonian.txt
c:\programmi\Security Task Manager\lgs_norwegian.txt
c:\programmi\Security Task Manager\lgs_norwegian_bokmaal.txt
c:\programmi\Security Task Manager\lgs_norwegian_nynorsk.txt
c:\programmi\Security Task Manager\lgs_polish.txt
c:\programmi\Security Task Manager\lgs_portuguese (Brasil).txt
c:\programmi\Security Task Manager\lgs_portuguese.txt
c:\programmi\Security Task Manager\lgs_romanian.txt
c:\programmi\Security Task Manager\lgs_russian.txt
c:\programmi\Security Task Manager\lgs_serbian.txt
c:\programmi\Security Task Manager\lgs_slovak.txt
c:\programmi\Security Task Manager\lgs_slovenian.txt
c:\programmi\Security Task Manager\lgs_spanish.txt
c:\programmi\Security Task Manager\lgs_swedish.txt
c:\programmi\Security Task Manager\lgs_thai.txt
c:\programmi\Security Task Manager\lgs_turkish.txt
c:\programmi\Security Task Manager\lgs_ukrainian.txt
c:\programmi\Security Task Manager\lgs_vietnam.txt
c:\programmi\Security Task Manager\liesmich.txt
c:\programmi\Security Task Manager\LisezMoi.txt
c:\programmi\Security Task Manager\manual_de.pdf
c:\programmi\Security Task Manager\manual_en.pdf
c:\programmi\Security Task Manager\manual_fr.pdf
c:\programmi\Security Task Manager\order.txt
c:\programmi\Security Task Manager\ordina.txt
c:\programmi\Security Task Manager\pad_file.xml
c:\programmi\Security Task Manager\psapi_.dll
c:\programmi\Security Task Manager\readme.txt
c:\programmi\Security Task Manager\Setup.exe
c:\programmi\Security Task Manager\SpyProDll.dll
c:\programmi\Security Task Manager\SpyProtector.exe
c:\programmi\Security Task Manager\TaskMan.exe
c:\programmi\Security Task Manager\taskman_de.cnt
c:\programmi\Security Task Manager\taskman_de.hlp
c:\programmi\Security Task Manager\taskman_en.cnt
c:\programmi\Security Task Manager\taskman_en.GID
c:\programmi\Security Task Manager\taskman_en.hlp
c:\programmi\Security Task Manager\taskman_fr.cnt
c:\programmi\Security Task Manager\taskman_fr.hlp
c:\programmi\Security Task Manager\taskman_rus.cnt
c:\programmi\Security Task Manager\taskman_rus.hlp
c:\programmi\Security Task Manager\uninstal.exe
c:\programmi\Symantec
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\CATALOG.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\CCERASER.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\ECMSVR32.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\eeCtrl.sys
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\ERASER.grd
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\ERASER.sig
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\ERASER.spm
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\eraser.sys
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\ESRDEF.BIN
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\HH
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\NAVENG.SYS
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\NAVENG32.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\NAVEX15.SYS
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\NAVEX32A.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\NCSACERT.TXT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\SCRAUTH.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\SYMAVENG.CAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\SYMAVENG.INF
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\SymErase.cat
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\SymErase.inf
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TCDEFS.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TCSCAN7.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TCSCAN8.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TCSCAN9.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TECHNOTE.TXT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TINF.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TINFIDX.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TINFL.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TSCAN1.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\TSCAN1HD.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\V.GRD
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\V.SIG
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN.INF
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN1.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN2.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN3.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN4.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN5.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN6.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN7.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN8.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCAN9.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\VIRSCANT.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\WHATSNEW.TXT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0000\ZDONE.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\CATALOG.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\CCERASER.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\ECMSVR32.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\eeCtrl.sys
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\ERASER.grd
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\ERASER.sig
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\ERASER.spm
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\eraser.sys
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\ESRDEF.BIN
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\HH
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\NAVENG.SYS
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\NAVENG32.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\NAVEX15.SYS
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\NAVEX32A.DLL
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\NCSACERT.TXT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\SCRAUTH.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\SYMAVENG.CAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\SYMAVENG.INF
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\SymErase.cat
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\SymErase.inf
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TCDEFS.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TCSCAN7.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TCSCAN8.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TCSCAN9.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TECHNOTE.TXT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TINF.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TINFIDX.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TINFL.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TSCAN1.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\TSCAN1HD.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\V.GRD
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\V.SIG
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN.INF
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN1.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN2.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN3.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN4.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN5.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN6.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN7.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN8.DAT
c:\programmi\Symantec\Symantec Endpoint Protection\SmcLU\content.zip0001\VIRSCAN9.DAT
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_Utilità di pianificazione di LiveUpdate automatico
((((((((((((((((((((((((( Files Creati Da 2010-03-16 al 2010-04-16 )))))))))))))))))))))))))))))))))))
.
2010-04-16 13:03 . 2008-04-13 16:53 92672 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-04-16 13:03 . 2008-04-13 17:13 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll
2010-04-16 13:03 . 2008-04-13 17:13 1306624 ------w- c:\windows\system32\msxml6.dll
2010-04-16 13:03 . 2008-04-13 16:53 92672 ------w- c:\windows\system32\msxml6r.dll
2010-04-16 13:03 . 2008-04-13 17:13 897024 -c----w- c:\windows\system32\dllcache\wmspdmoe.dll
2010-04-16 13:03 . 2008-04-13 17:13 1119744 -c----w- c:\windows\system32\dllcache\wmsdmoe2.dll
2010-04-16 13:03 . 2008-04-13 17:13 1001472 -c----w- c:\windows\system32\dllcache\wmvdmoe2.dll
2010-04-16 13:03 . 2008-04-13 17:13 98304 -c----w- c:\windows\system32\dllcache\wmpband.dll
2010-04-16 13:03 . 2008-04-13 17:13 221184 -c----w- c:\windows\system32\dllcache\wmpns.dll
2010-04-16 13:03 . 2008-04-13 17:13 151552 -c----w- c:\windows\system32\dllcache\wmidx.dll
2010-04-16 13:03 . 2008-04-13 17:13 114688 -c----w- c:\windows\system32\dllcache\wmpasf.dll
2010-04-16 13:03 . 2008-04-13 16:51 186880 -c----w- c:\windows\system32\dllcache\wmerror.dll
2010-04-16 12:56 . 2008-04-13 17:13 286720 -c----w- c:\windows\system32\dllcache\blackbox.dll
2010-04-16 12:53 . 2008-04-13 07:36 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2010-04-16 12:53 . 2008-04-13 09:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2010-04-16 08:34 . 2009-04-06 09:37 704384 ----a-w- c:\windows\system32\drivers\SandBox.sys
2010-04-16 08:33 . 2009-02-10 14:15 257432 ----a-w- c:\windows\system32\drivers\afwcore.sys
2010-04-16 08:28 . 2009-02-18 15:30 31128 ----a-w- c:\windows\system32\drivers\afw.sys
2010-04-16 08:27 . 2010-04-16 08:27 -------- d-----w- c:\programmi\Agnitum
2010-04-16 08:27 . 2010-04-16 08:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Agnitum
2010-04-15 11:41 . 2010-04-15 11:41 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\Malwarebytes
2010-04-15 11:41 . 2010-03-29 13:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-15 11:41 . 2010-04-15 11:41 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-04-15 11:41 . 2010-04-15 11:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-04-15 11:41 . 2010-03-29 13:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-08 07:50 . 2010-04-08 07:50 4255072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgcorex.dll
2010-04-02 08:01 . 2010-04-02 08:01 4076824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgui.exe
2010-04-02 08:01 . 2010-04-02 08:01 2059544 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgtray.exe
2010-04-02 08:01 . 2010-04-02 08:01 1274136 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgfrw.exe
2010-04-02 08:01 . 2010-04-02 08:01 1598744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgssie.dll
2010-04-02 08:01 . 2010-04-02 08:01 1515224 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgwd.dll
2010-04-02 08:01 . 2010-04-02 08:01 598296 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgsrmx.dll
2010-04-02 08:01 . 2010-04-02 08:01 313112 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avglogx.dll
2010-04-02 08:01 . 2010-04-02 08:01 459544 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgcclix.dll
2010-04-02 08:01 . 2010-04-02 08:01 1086744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchsvx.exe
2010-04-02 08:01 . 2010-04-02 08:01 556824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchjwx.dll
2010-04-02 08:01 . 2010-04-02 08:01 301336 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchclx.dll
2010-04-02 07:55 . 2010-04-02 07:55 1035032 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgupd.exe
2010-04-02 07:55 . 2010-04-02 07:55 1685784 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgupd.dll
2010-03-31 15:31 . 2010-02-23 12:04 1664256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar\IEToolbar.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-16 16:16 . 2006-09-06 09:30 51792 -c--a-w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-04-16 16:14 . 2002-09-23 17:49 425432 ----a-w- c:\windows\system32\perfh010.dat
2010-04-16 16:14 . 2002-09-23 17:49 63180 ----a-w- c:\windows\system32\perfc010.dat
2010-04-16 13:05 . 2006-09-05 09:37 77811 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-04-16 10:27 . 2010-03-10 12:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar
2010-04-15 17:12 . 2007-05-16 11:56 -------- d-----w- c:\programmi\CCleaner
2010-04-15 14:21 . 2006-10-23 12:44 49 ----a-w- c:\windows\wpd99.drv
2010-03-15 07:36 . 2008-06-11 08:35 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-15 07:36 . 2010-03-15 07:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-15 07:36 . 2007-11-05 11:43 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-15 07:35 . 2008-06-11 08:35 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-10 12:31 . 2010-03-10 12:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg9
2010-03-10 12:31 . 2008-06-11 08:34 -------- d-----w- c:\programmi\AVG
2010-03-10 06:15 . 2002-09-23 17:57 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:16 . 2006-06-23 11:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-19 14:44 . 2008-11-13 17:58 22907 ----a-w- c:\programmi\FirmaVerifica2.1_InstallLog.log
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"Persistence"="c:\windows\System32\igfxpers.exe" [2005-04-05 114688]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2005-04-05 94208]
"Adobe Photo Downloader"="c:\programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 57344]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\programmi\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Nikon Monitor.lnk - c:\programmi\File comuni\Nikon\Monitor\NkMonitor.exe [2007-10-18 479232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-15 07:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgnsx.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11/06/2008 10.35.24 216200]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/06/2008 10.35.24 242696]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [16/04/2010 10.34.36 704384]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [16/04/2010 10.28.00 1195008]
R2 avg9emc;AVG Free E-mail Scanner;c:\programmi\AVG\AVG9\avgemc.exe [15/03/2010 9.35.57 916760]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [15/03/2010 9.36.12 308064]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [16/04/2010 10.28.09 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [16/04/2010 10.33.29 257432]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.agenziadogane.it/wps/wcm/connect/ed
uInternet Connection Wizard,ShellNext = iexplore
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {0EBEA047-F744-476B-B8C2-E03ED33DABC9} = 62.212.0.10
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\2g1nmhl6.default\
FF - prefs.js: browser.search.selectedEngine - Babylon
FF - component: c:\programmi\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPAdbESD.dll
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-Security Task Manager - c:\programmi\Security Task Manager\Uninstal.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-04-16 19:43
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(3196)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\AVG\AVG9\avgchsvx.exe
c:\programmi\AVG\AVG9\avgrsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\documents and settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40ST7.EXE
c:\documents and settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\System32\HPZipm12.exe
c:\programmi\AVG\AVG9\avgnsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-04-16 19:49:38 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-04-16 17:49
ComboFix2.txt 2010-04-16 16:41
Pre-Run: 62.280.773.632 byte disponibili
Post-Run: 62.242.471.936 byte disponibili
- - End Of File - - 0C1D7601E11D9B8671D2F33200B2A4CF
