Riscontro che l'avvio del PC è diventato lento. Virus o vecchiaia. Allego il report di combofix. Grazie della gentilezza.
ComboFix 12-11-06.03 - Proprietario 08/11/2012 0.20.50.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.2047.1438 [GMT 1:00]
Eseguito da: c:\documents and settings\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: F-Secure Anti-Virus 8.10 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Internet Security 6.01 *Disabled* {D4747503-0346-49EB-9262-997542F79BF4}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\TEMP
c:\documents and settings\All Users\Menu Avvio\Programmi\Smart Flash Recovery
c:\documents and settings\All Users\Menu Avvio\Programmi\Smart Flash Recovery\Disinstalla Smart Flash Recovery.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\Smart Flash Recovery\Guida.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\Smart Flash Recovery\Smart Flash Recovery.lnk
c:\documents and settings\Downloads\2Sky_Go_setup.exe
c:\documents and settings\Downloads\chromeinstall-7u7.exe
c:\documents and settings\Downloads\ComboFix (1).exe
c:\documents and settings\Downloads\ComboFix.exe
c:\documents and settings\Downloads\CubikoFreeInstaller.exe
c:\documents and settings\Downloads\Download_MaxDownloadMgrtrial.exe
c:\documents and settings\Downloads\EasyPhotoUploader_for_Facebook_setup.exe
c:\documents and settings\Downloads\SetupTurboPOI.exe
c:\documents and settings\Downloads\TVClick-Standard-Setup.exe
c:\documents and settings\Proprietario\Dati applicazioni\ACD Systems\ACDSee\ImageDB.ddf
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\~DFK23eb21.tmp
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\1eaadjc.dll
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\bass.dll
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\kfgresk.dll
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\mjcriu.dll
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\peaadje.dll
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\qwadjb.dll
c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\rsaadjd.dll
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\chrome.manifest
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\funmoods.css
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\funmoods.xul
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\arwDwn.gif
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ae.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\bg.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ch.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cn.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cz.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\de.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\eg.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\en.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\es.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\fr.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\gr.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\he.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\il.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\it.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ja.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\jp.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\nl.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\no.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pl.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pt.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ro.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ru.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sa.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\se.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sv.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\tr.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ua.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\us.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\help_16.gif
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\home.gif
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\logo.png
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\privecy_16_hot.gif
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\imgs\tellafriend.gif
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\loader.xul
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\mtstart.js
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\tmplt.js
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\content\uninsthk.js
c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\ffxtlbr@funmoods.com\install.rdf
c:\documents and settings\Proprietario\Dati applicazioni\OfferBox
c:\documents and settings\Proprietario\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\Proprietario\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\Proprietario\Dati applicazioni\Toolbar4
c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\assembly\tmp
c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\siqgs_nav.dat
c:\documents and settings\Proprietario\WINDOWS
c:\programmi\Search Settings
c:\programmi\Search Settings\FF\chrome.manifest
c:\programmi\Search Settings\FF\chrome\content\plugin.js
c:\programmi\Search Settings\FF\chrome\content\plugin.xul
c:\programmi\Search Settings\FF\chrome\content\protection.js
c:\programmi\Search Settings\FF\chrome\content\utils.js
c:\programmi\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\programmi\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\programmi\Search Settings\FF\components\IFBHOSearch.xpt
c:\programmi\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\programmi\Search Settings\FF\components\IFHelperPreferences.xpt
c:\programmi\Search Settings\FF\components\SearchSettingsFF.dll
c:\programmi\Search Settings\FF\install.rdf
c:\programmi\Search Settings\SeARchsettings.dll
c:\programmi\Search Settings\SearchSettings.exe
c:\programmi\Search Settings\SearchSettings_AVG_RESTORED.exe
c:\programmi\Search Settings\SearchSettings_AVG_RESTORED_1.exe
c:\programmi\Search Settings\SearchSettingsRes409.dll
c:\programmi\Smart Flash Recovery
c:\programmi\Smart Flash Recovery\file_id.diz
c:\programmi\Smart Flash Recovery\history.txt
c:\programmi\Smart Flash Recovery\Italian.ini
c:\programmi\Smart Flash Recovery\readme.txt
c:\programmi\Smart Flash Recovery\SmartFlashRecovery.chm
c:\programmi\Smart Flash Recovery\SmartFlashRecovery.exe
c:\programmi\Smart Flash Recovery\SmartPC.ico
c:\programmi\Smart Flash Recovery\unins000.dat
c:\programmi\Smart Flash Recovery\unins000.exe
c:\windows\desktop
c:\windows\desktop\BARBIE.LNK
c:\windows\IsUn0407.exe
c:\windows\IsUn0410.exe
c:\windows\system32\1232471855.exe
c:\windows\system32\service
c:\windows\system32\service\01022010_TIS17_SfFniAU.log
c:\windows\system32\service\01052009_TIS17_SfFniAU.log
c:\windows\system32\service\01122009_TIS17_SfFniAU.log
c:\windows\system32\service\02012010_TIS17_SfFniAU.log
c:\windows\system32\service\02022010_TIS17_SfFniAU.log
c:\windows\system32\service\02042010_TIS17_SfFniAU.log
c:\windows\system32\service\02052009_TIS17_SfFniAU.log
c:\windows\system32\service\02062009_TIS17_SfFniAU.log
c:\windows\system32\service\02122009_TIS17_SfFniAU.log
c:\windows\system32\service\03022010_TIS17_SfFniAU.log
c:\windows\system32\service\05062009_TIS17_SfFniAU.log
c:\windows\system32\service\05102009_TIS17_SfFniAU.log
c:\windows\system32\service\06052009_TIS17_SfFniAU.log
c:\windows\system32\service\06122009_TIS17_SfFniAU.log
c:\windows\system32\service\07022010_TIS17_SfFniAU.log
c:\windows\system32\service\07052009_TIS17_SfFniAU.log
c:\windows\system32\service\07062009_TIS17_SfFniAU.log
c:\windows\system32\service\08052009_TIS17_SfFniAU.log
c:\windows\system32\service\08062009_TIS17_SfFniAU.log
c:\windows\system32\service\08122009_TIS17_SfFniAU.log
c:\windows\system32\service\09052009_TIS17_SfFniAU.log
c:\windows\system32\service\09122009_TIS17_SfFniAU.log
c:\windows\system32\service\10032010_TIS17_SfFniAU.log
c:\windows\system32\service\10062009_TIS17_SfFniAU.log
c:\windows\system32\service\10102009_TIS17_SfFniAU.log
c:\windows\system32\service\10122009_TIS17_SfFniAU.log
c:\windows\system32\service\11052009_TIS17_SfFniAU.log
c:\windows\system32\service\12062009_TIS17_SfFniAU.log
c:\windows\system32\service\13062009_TIS17_SfFniAU.log
c:\windows\system32\service\13122009_TIS17_SfFniAU.log
c:\windows\system32\service\14022010_TIS17_SfFniAU.log
c:\windows\system32\service\14062009_TIS17_SfFniAU.log
c:\windows\system32\service\14112009_TIS17_SfFniAU.log
c:\windows\system32\service\15012010_TIS17_SfFniAU.log
c:\windows\system32\service\15022010_TIS17_SfFniAU.log
c:\windows\system32\service\15062009_TIS17_SfFniAU.log
c:\windows\system32\service\16042010_TIS17_SfFniAU.log
c:\windows\system32\service\16052009_TIS17_SfFniAU.log
c:\windows\system32\service\16062009_TIS17_SfFniAU.log
c:\windows\system32\service\17052009_TIS17_SfFniAU.log
c:\windows\system32\service\17062009_TIS17_SfFniAU.log
c:\windows\system32\service\17112009_TIS17_SfFniAU.log
c:\windows\system32\service\18012010_TIS17_SfFniAU.log
c:\windows\system32\service\18032010_TIS17_SfFniAU.log
c:\windows\system32\service\18062009_TIS17_SfFniAU.log
c:\windows\system32\service\18102009_TIS17_SfFniAU.log
c:\windows\system32\service\18112009_TIS17_SfFniAU.log
c:\windows\system32\service\19012010_TIS17_SfFniAU.log
c:\windows\system32\service\19042010_TIS17_SfFniAU.log
c:\windows\system32\service\19112009_TIS17_SfFniAU.log
c:\windows\system32\service\20042010_TIS17_SfFniAU.log
c:\windows\system32\service\20062009_TIS17_SfFniAU.log
c:\windows\system32\service\20112009_TIS17_SfFniAU.log
c:\windows\system32\service\21042010_TIS17_SfFniAU.log
c:\windows\system32\service\21112009_TIS17_SfFniAU.log
c:\windows\system32\service\21122009_TIS17_SfFniAU.log
c:\windows\system32\service\22022010_TIS17_SfFniAU.log
c:\windows\system32\service\22062009_TIS17_SfFniAU.log
c:\windows\system32\service\22112009_TIS17_SfFniAU.log
c:\windows\system32\service\23042009_TIS17_SfFniAU.log
c:\windows\system32\service\23102009_TIS17_SfFniAU.log
c:\windows\system32\service\24052009_TIS17_SfFniAU.log
c:\windows\system32\service\25012002_TIS17_SfFniAU.log
c:\windows\system32\service\25042009_TIS17_SfFniAU.log
c:\windows\system32\service\25092009_TIS17_SfFniAU.log
c:\windows\system32\service\25112009_TIS17_SfFniAU.log
c:\windows\system32\service\26012010_TIS17_SfFniAU.log
c:\windows\system32\service\26052009_TIS17_SfFniAU.log
c:\windows\system32\service\26092009_TIS17_SfFniAU.log
c:\windows\system32\service\26112009_TIS17_SfFniAU.log
c:\windows\system32\service\27092009_TIS17_SfFniAU.log
c:\windows\system32\service\28052009_TIS17_SfFniAU.log
c:\windows\system32\service\28102009_TIS17_SfFniAU.log
c:\windows\system32\service\29042009_TIS17_SfFniAU.log
c:\windows\system32\service\29052009_TIS17_SfFniAU.log
c:\windows\system32\service\30032010_TIS17_SfFniAU.log
c:\windows\system32\service\30052009_TIS17_SfFniAU.log
c:\windows\system32\SET48F.tmp
c:\windows\system32\SET490.tmp
c:\windows\system32\SET491.tmp
c:\windows\system32\SET6D9.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_amsint32
.
.
((((((((((((((((((((((((( Files Creati Da 2012-10-07 al 2012-11-07 )))))))))))))))))))))))))))))))))))
.
.
2012-11-02 19:04 . 2012-11-02 19:04 -------- d-----w- C:\TurboPOI
2012-10-31 22:23 . 2012-10-31 22:24 -------- d-----w- c:\programmi\Cubiko
2012-10-30 22:45 . 2012-11-03 16:39 -------- d-----w- c:\documents and settings\Pinnacle Studio\My Disc Images
2012-10-30 22:45 . 2012-10-30 22:45 -------- d-----w- c:\documents and settings\InstantCDDVD
2012-10-30 21:30 . 2012-10-30 21:30 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\HandBrake
2012-10-30 21:28 . 2012-10-30 21:29 -------- d-----w- c:\documents and settings\DVDVideoSoft
2012-10-27 21:41 . 2012-10-27 21:41 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\ObviousIdea
2012-10-27 21:41 . 2012-10-27 21:41 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\EurekaLog
2012-10-27 21:37 . 2012-10-27 21:37 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\Obvious Idea
2012-10-27 21:36 . 2012-10-27 21:36 -------- d-----w- c:\programmi\EasyPhotoUploader
2012-10-26 18:06 . 2012-09-24 21:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-24 21:37 . 2012-10-24 22:26 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\TurboPOI
2012-10-24 21:37 . 2012-10-24 21:59 -------- d-----w- c:\programmi\TurboPOI
2012-10-22 11:07 . 2012-10-22 11:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Max Secure
2012-10-22 07:29 . 2012-10-22 07:29 -------- d-----w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Max Secure Software
2012-10-22 07:28 . 2012-10-22 07:40 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\GetRightToGo
2012-10-18 12:20 . 2012-10-18 12:20 -------- d-----w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Sun
2012-10-12 00:02 . 2012-10-12 00:02 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\SKIT
2012-10-12 00:02 . 2012-10-12 00:02 108368 ----a-r- c:\documents and settings\Proprietario\Dati applicazioni\Microsoft\Installer\{FEC1DF97-E716-4CD8-A55B-75C373912D35}\ARPPRODUCTICON.exe
2012-10-12 00:02 . 2012-10-12 00:02 -------- d-----w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Sky Italia
2012-10-11 23:11 . 2012-10-11 23:11 -------- d-----w- c:\documents and settings\Video\DivX Movies
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-15 19:36 . 2012-06-17 16:06 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-15 19:36 . 2010-05-27 06:07 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-09 18:32 . 2012-04-15 20:16 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 18:32 . 2011-06-27 16:46 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 16:39 . 2008-11-16 15:17 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:05 . 2004-08-19 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:05 . 2004-08-19 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:05 . 2004-08-19 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-19 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-28 01:04 . 2011-03-02 05:57 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-08-24 13:53 . 2004-08-19 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-19 12:00 2152448 ------w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27 . 2004-08-19 15:34 2031104 ------w- c:\windows\system32\ntkrnlpa.exe
1996-11-15 13:23 . 2010-10-21 17:15 384864 ----a-w- c:\programmi\DESIGN.EXE
1996-09-14 04:18 . 2010-10-21 17:15 24576 ----a-w- c:\programmi\DIBAPI.DLL
2012-06-07 22:19 . 2011-04-04 06:59 85472 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"09ED53144092828E2F9CFE076A65446F643A6215._service_run"="c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe" [2012-10-10 1239064]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-05 4763008]
"KiesPDLR"="c:\programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-11-02 843208]
"KiesPreload"="c:\programmi\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"TomTomHOME.exe"="c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]
"PCShowServer"="c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe" [2012-04-17 525680]
"KiesAirMessage"="c:\programmi\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"<NO NAME>"="c:\programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-11-02 843208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"Ai Nap"="c:\programmi\ASUS\AI Suite\AiNap\AiNap.exe" [2008-05-21 1423360]
"ATICustomerCare"="c:\programmi\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-02-06 2077536]
"KiesTrayAgent"="c:\programmi\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"TkBellExe"="c:\programmi\real\realplayer\update\realsched.exe" [2012-02-21 296056]
"CanonMyPrinter"="c:\programmi\Canon\MyPrinter\BJMyPrt.exe" [2009-03-24 1983816]
"APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/it.special-uninstall ... =10.0.1424" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2012-02-06 14:40 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\NetMeeting\\conf.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Documents and Settings\\Proprietario\\Impostazioni locali\\Dati applicazioni\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Programmi\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Programmi\\EuteliaVOIP\\EuteliaVOIP.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Documents and Settings\\Proprietario\\Impostazioni locali\\Dati applicazioni\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Programmi\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgnsx.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Programmi\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Programmi\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Programmi\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Programmi\\File comuni\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Tribler\\tribler.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"443:TCP"= 443:TCP:*:Disabled:Porta TCP ooVoo 443
"443:UDP"= 443:UDP:*:Disabled:Porta UDP ooVoo 443
"37674:TCP"= 37674:TCP:*:Disabled:Porta TCP ooVoo 37674
"37674:UDP"= 37674:UDP:*:Disabled:Porta UDP ooVoo 37674
"37675:UDP"= 37675:UDP:*:Disabled:Porta UDP ooVoo 37675
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [26/01/2009 11.19.59 33408]
R0 FSFW;FSFW;c:\windows\system32\drivers\fsdfw.sys [14/11/2008 19.15.50 79904]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [23/06/2008 23.21.48 150568]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [06/02/2012 15.38.51 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [06/02/2012 15.38.56 243152]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 17.27.02 12880]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 22.55.22 67664]
R2 !SASCORE;SAS Core Service;c:\programmi\SUPERAntiSpyware\SASCORE.EXE [12/08/2011 0.38.07 116608]
R2 avg9emc;AVG Free E-mail Scanner;c:\programmi\AVG\AVG9\avgemc.exe [06/02/2012 15.40.25 921952]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [06/02/2012 15.40.28 308136]
R2 EPGService;EPGService;c:\progra~1\WinTV\EPG Services\System\EPGService.exe [21/01/2009 15.07.17 436224]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [31/03/2009 16.16.04 2368]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmi\TomTom HOME 2\TomTomHOMEService.exe [28/08/2012 6.41.08 92632]
R3 3xHybrid;Pinnacle PCTV Stereo service;c:\windows\system32\drivers\3xHybrid.sys [22/11/2004 11.33.52 698368]
R3 HSFHWCD2;HSFHWCD2;c:\windows\system32\drivers\HSFHWCD2.sys [26/01/2010 12.52.55 201728]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 Application Updater;Application Updater; [x]
S2 bsaspi32;bsaspi32; [x]
S2 gupdate1c98b0a454e634e;Google Update Service (gupdate1c98b0a454e634e);c:\programmi\Google\Update\GoogleUpdate.exe [10/02/2009 0.00.57 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; [x]
S2 NeroRegInCDSrv;Nero Registry InCD Service; [x]
S2 SkypeUpdate;Skype Updater;c:\programmi\Skype\Updater\Updater.exe [13/07/2012 12.28.36 160944]
S2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 13.44.00 580992]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [18/05/2012 11.28.48 20032]
S3 FSORSPClient;FSORSPClient; [x]
S3 HauppaugeTVServer;HauppaugeTVServer;c:\progra~1\WinTV\HCWTVS~1.EXE [21/01/2009 15.06.09 823296]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\drivers\hcw95bda.sys [21/01/2009 15.03.39 560640]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\drivers\hcw95rc.sys [21/01/2009 15.03.40 15616]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [29/07/2010 18.27.11 7680]
S3 MEMSWEEP2;MEMSWEEP2; [x]
S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [14/11/2008 22.00.07 6400]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [21/09/2012 21.13.12 27064]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [29/07/2010 18.27.58 110080]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\zteusbvoice.sys [29/07/2010 18.27.42 104960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 18:32]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-09 23:00]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-09 23:00]
.
2012-11-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-926492609-839522115-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2012-01-30 16:45]
.
2012-11-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-926492609-839522115-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2012-01-30 16:45]
.
2012-11-05 c:\windows\Tasks\ReclaimerUpdateFiles_Proprietario.job
- c:\documents and settings\Proprietario\Dati applicazioni\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 21:26]
.
2012-11-04 c:\windows\Tasks\ReclaimerUpdateXML_Proprietario.job
- c:\documents and settings\Proprietario\Dati applicazioni\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 21:26]
.
2012-11-07 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Proprietario.job
- c:\documents and settings\Proprietario\Dati applicazioni\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 21:26]
.
.
------- Scansione supplementare -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.it/
IE: Cerca nel web
IE: Free YouTube Download - c:\documents and settings\Proprietario\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\documents and settings\Proprietario\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: winsflt.dll
TCP: DhcpNameServer = 192.168.1.1
DPF: Iphona - hxxp://www.inps.it/Servizi/ParlaConNoi/ ... Iphona.CAB
DPF: {96816368-C1E3-414D-A193-63C3CC921990} - hxxp://hotelforumrome.remotemanager.co. ... Render.ocx
DPF: {A8C1E502-4FCF-4AF2-ADDB-ABF540CA5BA7} - hxxp://twcam.www.gov.tw/webcam/ocx/xVideoShow.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game08.zylom.com/activex/zylomgamesplayer.cab
DPF: {C7DEAFF2-1DEB-4647-9631-43C09BB8CEC6} - hxxp://twcam.www.gov.tw/webcam/ocx/DVSTools.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://82.170.187.115/activex/AMC.cab
DPF: {EAA105FE-7BBD-4196-8B96-D46743894195} - hxxp://web.bergamocitta.it/mjpegcontrol.cab
FF - ProfilePath - c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\
FF - prefs.js: browser.startup.homepage - www.google.it
FF - ExtSQL: 2012-10-11 20:55; firefox@ghostery.com; c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\6t57rjq6.default\extensions\firefox@ghostery.com
FF - ExtSQL: !HIDDEN! 2009-08-25 23:12; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=ironto
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=ironto
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=ironto&q=
FF - user.js: extensions.funmoods_i.id - 6882af7e00000000000000221591a8b3
FF - user.js: extensions.funmoods_i.instlDay - 15350
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.1
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.1
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.121:41
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - ironto
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
BHO-{db35fda8-77e3-4784-92c2-ee7345e91af4} - (no file)
WebBrowser-{382BE5E1-D321-42ED-8820-CBAF85280AFB} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
ShellIconOverlayIdentifiers-{40DAD1B9-DDCF-4A31-A5D3-A03BC8881370} - (no file)
ShellExecuteHooks-{F28439F2-4996-41B8-8BD0-22789780DE81} - (no file)
Notify-__c001CBCC - (no file)
AddRemove-EPSON Photo Print - c:\windows\IsUn0410.exe
AddRemove-FaxTalk Communicator 4.5 - c:\windows\IsUn0410.exe
AddRemove-Smart Flash Recovery_is1 - c:\programmi\Smart Flash Recovery\unins000.exe
AddRemove-01_Simmental - c:\programmi\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programmi\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programmi\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programmi\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\programmi\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\programmi\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programmi\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programmi\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programmi\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programmi\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programmi\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-Virtual Globe - c:\windows\system32\javaws.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-08 00:31
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-515967899-926492609-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E88A6B72-5B41-ADC6-D592-22DCA76ABE6A}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaebfifabljlalcmei"=hex:6a,61,6e,61,6d,70,65,66,6f,6c,63,6b,69,61,64,67,6a,6a,
6a,68,00,00
"hakabgdmgdmefmco"=hex:6a,61,6e,61,6d,70,65,66,6f,6c,63,6b,69,61,64,67,6a,6a,
6a,68,00,60
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'lsass.exe'(856)
c:\windows\system32\winsflt.dll
.
- - - - - - - > 'explorer.exe'(2260)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\winsflt.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\programmi\AVG\AVG9\avgchsvx.exe
c:\programmi\AVG\AVG9\avgrsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\programmi\Java\jre7\bin\jqs.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programmi\AVG\AVG9\avgnsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\NDSPCShowServer.exe
.
**************************************************************************
.
Ora fine scansione: 2012-11-08 00:36:51 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-11-07 23:36
.
Pre-Run: 112.858.804.224 byte disponibili
Post-Run: 113.354.215.424 byte disponibili
.
WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptOut
.
- - End Of File - - D3A5C4A6DAA0105758EB2812206E2328
Registrazione
