Ecco il log. Ho seguito sempre la stessa procedura.
ComboFix 10-02-01.03 - UNIVERSAL 03/02/2010 13.53.55.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.511.266 [GMT 1:00]
Eseguito da: c:\documents and settings\UNIVERSAL\Documenti\Download\ComboFix.exe
Opzioni usate :: c:\documents and settings\UNIVERSAL\Desktop\CFScript.txt
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
FILE ::
"c:\windows\Internet Logs\xDB1.tmp"
"c:\windows\Internet Logs\xDB2.tmp"
"c:\windows\Internet Logs\xDB3.tmp"
"c:\windows\Internet Logs\xDB4.tmp"
"c:\windows\Internet Logs\xDB5.tmp"
"c:\windows\Internet Logs\xDB6.tmp"
"c:\windows\Internet Logs\xDB7.tmp"
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Internet Logs\xDB1.tmp
c:\windows\Internet Logs\xDB2.tmp
c:\windows\Internet Logs\xDB3.tmp
c:\windows\Internet Logs\xDB4.tmp
c:\windows\Internet Logs\xDB5.tmp
c:\windows\Internet Logs\xDB6.tmp
c:\windows\Internet Logs\xDB7.tmp
.
((((((((((((((((((((((((( Files Creati Da 2010-01-03 al 2010-02-03 )))))))))))))))))))))))))))))))))))
.
2010-02-01 21:37 . 2006-05-03 10:57 520192 ------w- c:\windows\system32\ati2sgag.exe
2010-02-01 20:57 . 2008-04-13 18:14 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-02-01 20:57 . 2008-04-13 18:14 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-02-01 20:57 . 2001-08-30 22:08 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-02-01 20:57 . 2001-08-30 22:08 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-02-01 20:57 . 2001-08-30 22:08 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-02-01 20:57 . 2001-08-30 22:08 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-02-01 20:57 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-02-01 20:57 . 2008-04-13 08:34 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-02-01 20:57 . 2008-04-13 08:34 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-02-01 20:57 . 2008-04-13 18:13 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-02-01 20:57 . 2008-04-13 10:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-02-01 20:55 . 2001-08-30 22:08 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2010-02-01 20:54 . 2001-08-30 22:08 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2010-02-01 20:53 . 2001-08-30 21:25 17536 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2010-02-01 20:52 . 2008-04-13 10:40 8832 -c--a-w- c:\windows\system32\dllcache\powerfil.sys
2010-02-01 20:51 . 2001-08-17 19:12 32840 -c--a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-02-01 20:50 . 2008-04-13 10:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-02-01 20:49 . 2001-08-30 22:07 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2010-02-01 20:48 . 2001-08-30 22:07 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2010-02-01 20:47 . 2001-08-30 22:07 89088 -c--a-w- c:\windows\system32\dllcache\hpgt33.dll
2010-02-01 20:46 . 2001-08-30 22:07 46080 -c--a-w- c:\windows\system32\dllcache\esunib.dll
2010-02-01 20:45 . 2001-08-30 22:08 236060 -c--a-w- c:\windows\system32\dllcache\ditrace.exe
2010-02-01 20:44 . 2001-08-30 22:07 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2010-02-01 20:43 . 2001-08-30 19:19 13952 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-02-01 20:42 . 2001-08-17 19:12 97354 -c--a-w- c:\windows\system32\dllcache\aspndis3.sys
2010-02-01 20:41 . 2001-08-30 22:07 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-02-01 20:41 . 2008-04-13 17:54 2148864 -c--a-w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-30 12:16 . 2008-04-13 18:13 32768 -c--a-w- c:\windows\system32\dllcache\ativtmxx.dll
2010-01-30 12:16 . 2008-04-13 18:13 32768 ----a-w- c:\windows\system32\ativtmxx.dll
2010-01-30 12:16 . 2008-04-13 18:13 377984 -c--a-w- c:\windows\system32\dllcache\ati2dvaa.dll
2010-01-30 12:16 . 2008-04-13 18:13 377984 ----a-w- c:\windows\system32\ati2dvaa.dll
2010-01-28 18:08 . 2010-01-28 18:08 6144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\sp_rsdel.exe
2010-01-28 18:08 . 2010-01-28 18:08 5632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\fileobjinfo.sys
2010-01-28 18:07 . 2010-01-28 18:07 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-28 18:07 . 2010-02-02 12:31 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Spyware Terminator
2010-01-28 18:07 . 2010-02-02 14:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2010-01-28 18:07 . 2010-02-02 21:23 -------- d-----w- c:\programmi\Spyware Terminator
2010-01-27 17:46 . 2009-12-04 15:35 46472 ----a-w- c:\windows\system32\vsutil_loc0410.dll
2010-01-27 17:46 . 2009-12-04 15:34 69000 ----a-w- c:\windows\system32\zlcomm.dll
2010-01-27 17:46 . 2009-12-04 15:34 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2010-01-27 17:45 . 2009-12-04 15:34 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2010-01-27 17:45 . 2010-01-27 17:46 -------- d-----w- c:\windows\system32\ZoneLabs
2010-01-27 17:45 . 2010-01-27 17:45 -------- d-----w- c:\programmi\Zone Labs
2010-01-27 17:38 . 2010-02-03 12:59 -------- d-----w- c:\windows\Internet Logs
2010-01-27 17:31 . 2010-01-27 17:31 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\CheckPoint
2010-01-27 17:30 . 2010-01-27 17:47 -------- d-----w- c:\programmi\CheckPoint
2010-01-27 17:30 . 2010-01-27 17:47 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-24 22:42 . 2003-11-12 22:38 510976 ----a-w- c:\windows\system32\synsoacc.dll
2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\programmi\SampleTank 2
2010-01-24 16:45 . 2010-01-24 16:45 -------- d-----w- c:\programmi\SAMPLE~1
2010-01-18 20:43 . 2010-02-02 10:20 1 ----a-w- c:\documents and settings\UNIVERSAL\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-18 20:41 . 2010-01-18 20:41 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\OpenOffice.org
2010-01-18 20:34 . 2010-01-18 20:34 -------- d-----w- c:\programmi\JRE
2010-01-18 20:33 . 2010-01-18 20:34 -------- d-----w- c:\programmi\OpenOffice.org 3
2010-01-18 09:48 . 2010-01-18 09:47 1260800 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgfrw.exe
2010-01-09 17:27 . 2010-01-09 17:27 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\JAlbum
2010-01-09 17:20 . 2010-01-09 17:21 -------- d-----w- c:\programmi\Jalbum
2010-01-07 20:48 . 2010-01-07 20:48 -------- d-----w- c:\programmi\Trend Micro
2010-01-07 19:13 . 2010-02-02 22:16 230454 ----a-w- C:\StiImg.dat
2010-01-06 21:01 . 2010-01-06 21:01 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\ZoomBrowser EX
2010-01-06 20:52 . 2010-01-06 20:52 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Canon
2010-01-06 20:51 . 2010-01-06 20:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PhotoStitch
2010-01-06 20:45 . 2010-01-06 20:45 -------- d-----w- c:\programmi\File comuni\Canon
2010-01-06 20:38 . 2010-01-06 20:38 -------- d-----w- c:\windows\PAC207
2010-01-06 20:37 . 2004-06-17 02:05 136832 ----a-r- c:\windows\system32\drivers\pfc027.sys
2010-01-06 19:31 . 2010-01-30 11:59 -------- d-----w- c:\documents and settings\UNIVERSAL\Impostazioni locali\Dati applicazioni\ATI
2010-01-06 19:31 . 2010-01-30 11:59 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\ATI
2010-01-06 19:11 . 2010-01-06 19:11 -------- d-----w- c:\programmi\Lavalys
2010-01-06 18:29 . 2008-04-13 08:44 2560 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\USMT\iconlib.dll
2010-01-06 18:23 . 2010-01-06 18:23 -------- d-----w- c:\programmi\AMD
2010-01-06 18:12 . 2003-07-02 03:42 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2010-01-06 17:49 . 2008-04-13 18:13 26624 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-01-06 17:46 . 2010-01-24 17:08 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Adobe
2010-01-06 12:53 . 2010-01-17 14:55 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\U3
2010-01-06 11:34 . 2010-01-06 11:34 152576 ----a-w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-06 11:32 . 2010-01-06 11:32 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-06 11:32 . 2010-01-29 19:32 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\skypePM
2010-01-05 16:34 . 2007-01-11 03:02 113664 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40RP7.EXE
2010-01-05 01:31 . 2010-01-05 01:31 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Nokia Multimedia Player
2010-01-04 21:22 . 2003-10-21 00:31 815104 ----a-w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Macromedia\Dreamweaver MX 2004\Configuration\Flash Player\FlashPlayerW.dll
2010-01-04 21:22 . 2003-10-21 00:31 757760 ----a-w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Macromedia\Dreamweaver MX 2004\Configuration\Flash Player\NPSWF32.dll
2010-01-04 21:22 . 2010-01-04 21:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Macrovision
2010-01-04 21:19 . 2010-01-04 21:19 -------- d-----w- c:\programmi\File comuni\Macromedia Shared
2010-01-04 21:19 . 2003-09-17 11:57 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-01-04 21:19 . 2003-09-17 11:57 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-01-04 21:19 . 2003-09-17 11:57 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-01-04 21:18 . 2010-01-04 21:19 -------- d-----w- c:\programmi\File comuni\Macromedia
2010-01-04 21:17 . 2010-01-04 21:19 -------- d-----w- c:\programmi\Macromedia
2010-01-04 14:26 . 2010-01-04 14:26 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Datalayer
2010-01-04 14:24 . 2010-01-04 14:51 -------- d-----w- c:\documents and settings\UNIVERSAL\Phone Browser
2010-01-04 13:42 . 2010-01-04 13:42 -------- d-----w- c:\programmi\DIFX
2010-01-04 13:40 . 2010-01-04 13:40 -------- d-----w- c:\programmi\File comuni\Nokia
2010-01-04 13:40 . 2010-01-04 13:40 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\PC Suite
2010-01-04 13:40 . 2010-01-04 13:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Suite
2010-01-04 13:39 . 2010-01-04 13:40 -------- d-----w- c:\programmi\File comuni\PCSuite
2010-01-04 13:39 . 2006-05-29 07:26 13312 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2010-01-04 13:39 . 2006-05-29 07:26 13312 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2010-01-04 13:39 . 2006-05-29 07:26 8704 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2010-01-04 13:39 . 2006-05-29 07:26 30720 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-01-04 13:39 . 2006-05-29 07:26 4608 ----a-w- c:\windows\system32\nmwcdlog.dll
2010-01-04 13:39 . 2006-05-29 07:26 127488 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2010-01-04 13:39 . 2006-05-29 07:26 50688 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-01-04 13:39 . 2010-01-04 13:45 -------- d-----w- c:\programmi\Nokia
2010-01-04 13:39 . 2010-01-04 13:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-03 12:50 . 2010-01-28 09:23 4690076 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-02-02 23:12 . 2009-12-08 00:13 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\vlc
2010-02-02 12:28 . 2010-02-02 12:29 35840 ----a-w- c:\windows\Internet Logs\xDB9.tmp
2010-02-02 12:27 . 2009-12-29 21:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg9
2010-02-01 23:17 . 2010-02-02 09:05 43520 ----a-w- c:\windows\Internet Logs\xDB8.tmp
2010-01-30 12:11 . 2009-12-24 14:51 -------- d-----w- c:\programmi\ATI Technologies
2010-01-29 19:35 . 2009-12-08 22:04 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Skype
2010-01-29 12:37 . 2009-12-07 21:07 72944 ----a-w- c:\documents and settings\UNIVERSAL\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-18 20:32 . 2009-12-07 23:44 -------- d-----w- c:\programmi\Java
2010-01-18 19:54 . 2009-12-22 20:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-01-18 09:47 . 2009-12-29 23:06 3777280 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\setup.exe
2010-01-06 20:15 . 2009-12-07 21:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-01-06 17:42 . 2001-08-31 12:00 70544 ----a-w- c:\windows\system32\perfc010.dat
2010-01-06 17:42 . 2001-08-31 12:00 440128 ----a-w- c:\windows\system32\perfh010.dat
2010-01-06 11:34 . 2009-12-08 06:33 79488 ----a-w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-05 16:31 . 2009-12-07 21:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EPSON
2010-01-04 20:41 . 2009-12-07 23:46 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\IObit
2010-01-04 16:32 . 2009-12-20 14:04 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\dvdcss
2009-12-30 13:03 . 2009-12-30 13:03 -------- d-----w- c:\programmi\Realtek AC97
2009-12-30 12:46 . 2009-12-30 12:06 -------- d-----w- c:\programmi\ATI
2009-12-29 21:58 . 2009-12-29 21:58 -------- d-----w- c:\programmi\AVG
2009-12-29 21:40 . 2009-12-07 22:57 -------- d-----w- c:\programmi\COMODO
2009-12-29 21:39 . 2009-12-07 23:00 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-29 17:57 . 2009-12-07 16:45 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-24 18:57 . 2009-12-24 18:57 7406 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_bb32ea6.exe
2009-12-24 18:57 . 2009-12-24 18:57 1078 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_5af141bb.exe
2009-12-24 18:57 . 2009-12-24 18:57 1078 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_26e91eb.exe
2009-12-24 18:57 . 2009-12-24 18:57 -------- d-----w- c:\programmi\MP3 Player Utilities
2009-12-24 18:53 . 2009-12-24 18:53 1518 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}\_16C27C506C6504B2C13D39.exe
2009-12-24 18:53 . 2009-12-24 18:53 1078 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}\_1CAA5BC01F3C5DF97FB6C0.exe
2009-12-24 18:53 . 2009-12-24 18:53 10134 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}\_B54DE3512C6A1D235E523E.exe
2009-12-24 18:53 . 2009-12-24 18:53 16262 ------r- c:\documents and settings\UNIVERSAL\Dati applicazioni\Microsoft\Installer\{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}\_D2742AA478A741C95A085A.exe
2009-12-24 18:53 . 2009-12-24 18:53 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-24 18:53 . 2009-12-24 18:53 -------- d-----w- c:\programmi\Media Player Utilities 5.15
2009-12-24 15:09 . 2009-12-24 15:07 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\ArcSoft
2009-12-24 15:06 . 2009-12-24 15:06 -------- d-----w- c:\programmi\File comuni\ArcSoft
2009-12-24 15:03 . 2009-12-24 15:03 -------- d-----w- c:\programmi\ArcSoft
2009-12-24 14:26 . 2009-12-24 14:25 -------- d-----w- c:\programmi\VIA
2009-12-24 13:56 . 2009-12-24 13:55 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\GetRightToGo
2009-12-24 13:11 . 2009-12-24 13:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Innovative Solutions
2009-12-20 23:00 . 2009-12-10 19:53 -------- d-----w- c:\programmi\QuickTime
2009-12-20 22:38 . 2009-12-07 20:37 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-12-20 19:39 . 2009-12-20 00:08 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\DAEMON Tools Lite
2009-12-20 00:18 . 2009-12-19 23:40 -------- d-----w- c:\programmi\Steinberg
2009-12-20 00:09 . 2009-12-20 00:09 -------- d-----w- c:\programmi\DAEMON Tools Lite
2009-12-20 00:09 . 2009-12-20 00:09 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-20 00:08 . 2009-12-20 00:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
2009-12-19 23:55 . 2009-12-19 23:55 -------- d-----w- c:\programmi\ASIO4ALL v2
2009-12-19 23:42 . 2009-12-19 23:42 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Steinberg
2009-12-19 20:15 . 2009-12-19 20:15 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Ahead
2009-12-16 12:42 . 2009-12-07 23:24 -------- d-----w- c:\programmi\File comuni\Adobe
2009-12-12 12:24 . 2009-12-12 12:24 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Apple Computer
2009-12-09 21:14 . 2009-12-08 21:51 -------- d-----w- c:\programmi\File comuni\LightScribe
2009-12-08 22:03 . 2009-12-08 22:03 -------- d-----w- c:\programmi\Skype
2009-12-08 22:03 . 2009-12-08 22:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-12-08 22:03 . 2009-12-08 22:03 -------- d-----w- c:\programmi\File comuni\Skype
2009-12-08 21:53 . 2009-12-08 21:48 -------- d-----w- c:\programmi\Ahead
2009-12-08 21:52 . 2009-12-08 21:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2009-12-08 21:51 . 2009-12-08 21:51 -------- d-----w- c:\programmi\File comuni\Nero
2009-12-08 21:48 . 2009-12-08 21:48 -------- d-----w- c:\programmi\File comuni\Ahead
2009-12-07 23:46 . 2009-12-07 23:46 -------- d-----w- c:\programmi\IObit
2009-12-07 23:42 . 2009-12-07 23:42 152576 ------w- c:\documents and settings\UNIVERSAL\Dati applicazioni\Sun\Java\jre1.6.0_11\lzma.dll
2009-12-07 23:25 . 2009-12-07 23:25 -------- d-----w- c:\documents and settings\UNIVERSAL\Dati applicazioni\AdobeUM
2009-12-07 22:50 . 2009-12-07 22:50 -------- d-----w- c:\programmi\Microsoft
2009-12-07 22:50 . 2009-12-07 22:50 -------- d-----w- c:\programmi\Windows Live
2009-12-07 22:50 . 2009-12-07 22:50 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-12-07 22:47 . 2009-12-07 22:47 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-12-07 22:41 . 2009-12-07 22:41 -------- d-----w- c:\programmi\Netropa
2009-12-07 22:32 . 2009-12-07 22:32 -------- d-----w- c:\programmi\xp-AntiSpy
2009-12-07 22:03 . 2009-12-07 22:03 0 ----a-w- c:\windows\nsreg.dat
2009-12-07 21:27 . 2009-12-07 21:26 -------- d-----w- c:\programmi\epson
2009-12-07 21:04 . 2009-12-07 21:04 -------- d-----w- c:\programmi\Analog Devices
2009-12-07 16:46 . 2009-12-07 16:46 -------- d-----w- c:\programmi\microsoft frontpage
2009-12-07 16:44 . 2009-12-07 16:44 -------- d-----w- c:\programmi\Servizi in linea
2009-12-07 16:43 . 2009-12-07 16:43 21840 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((( SnapShot@2010-02-02_12.47.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-03 12:51 . 2010-02-03 12:51 16384 c:\windows\Temp\Perflib_Perfdata_280.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2009-12-04 1037192]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"ISW"="c:\programmi\CheckPoint\ZAForceField\ForceField.exe" [2009-10-27 730480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^UNIVERSAL^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\UNIVERSAL\Menu Avvio\Programmi\Esecuzione automatica\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2009-11-20 12:51 2335880 ----a-w- c:\programmi\IObit\Advanced SystemCare 3\AWC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-13 18:14 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\programmi\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MULTIMEDIA KEYBOARD]
2002-07-23 00:55 167936 ----a-w- c:\programmi\Netropa\Multimedia Keyboard\MMKeybd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
2006-06-27 15:21 1449984 ----a-w- c:\programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]
2005-04-26 03:22 589824 ----a-r- c:\programmi\VIA\RAID\raid_tool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2008-11-07 13:31 21633320 ----a-r- c:\programmi\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]
2003-05-05 07:57 143360 ----a-w- c:\programmi\Analog Devices\SoundMAX\SMTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2010-01-28 18:08 3037696 ----a-w- c:\programmi\Spyware Terminator\SpywareTerminatorUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [07/12/2009 23.41.03 6656]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [28/01/2010 19.07.57 142592]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\programmi\CheckPoint\ZAForceField\ISWKL.sys [27/10/2009 16.58.32 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\programmi\CheckPoint\ZAForceField\ISWSVC.exe [27/10/2009 16.58.58 476528]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/12/2009 1.09.43 691696]
S2 nhksrv;Netropa NHK Server;c:\programmi\Netropa\Multimedia Keyboard\nhksrv.exe [07/12/2009 23.41.03 28672]
S3 SQTECH930B;NX VEGA 300;c:\windows\system32\Drivers\Capt930b.sys --> c:\windows\system32\Drivers\Capt930b.sys [?]
S3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [24/12/2009 15.24.16 9728]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\UNIVERSAL\Dati applicazioni\Mozilla\Firefox\Profiles\d5dh5kvx.default\
FF - prefs.js: browser.startup.homepage - www.google.it
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 14:00
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
c:\programmi\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(732)
c:\programmi\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Ora fine scansione: 2010-02-03 14:03:07
ComboFix-quarantined-files.txt 2010-02-03 13:03
ComboFix2.txt 2010-02-02 19:20
ComboFix3.txt 2010-02-02 12:50
Pre-Run: 57.608.568.832 byte disponibili
Post-Run: 57.589.014.528 byte disponibili
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - E0FD23F36D81B46561C596B3262BC3CD