ComboFix 08-06-20.4 - Domenico 2008-06-26 12.03.59.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.993 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Domenico\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Domenico\Menu Avvio\Programmi\Adzgalore Games Collection
C:\Documents and Settings\Domenico\Menu Avvio\Programmi\Adzgalore Games Collection\Bob and Bill adventures - Wild Hunting.lnk
C:\Documents and Settings\Domenico\Menu Avvio\Programmi\Adzgalore Games Collection\Crazy Blocks.lnk
C:\Documents and Settings\Domenico\Menu Avvio\Programmi\Adzgalore Games Collection\Lines.lnk
C:\Documents and Settings\Domenico\Menu Avvio\Programmi\Adzgalore Games Collection\The Battles Of Helicopters.lnk
C:\Documents and Settings\Domenico\Menu Avvio\Programmi\Adzgalore Games Collection\Video Pool.lnk
C:\Programmi\Adzgalore Games Collection
C:\Programmi\Adzgalore Games Collection\BattlesOfHelicopters.exe
C:\Programmi\Adzgalore Games Collection\BobAndBill.exe
C:\Programmi\Adzgalore Games Collection\CrazyBlocks.exe
C:\Programmi\Adzgalore Games Collection\Lines.exe
C:\Programmi\Adzgalore Games Collection\uninstall.exe
C:\Programmi\Adzgalore Games Collection\VideoPool.exe
C:\Programmi\Mozilla Firefox\components\nsBrowserGal.dll
C:\WINDOWS\recover.reg
C:\WINDOWS\system32\{261cfa41-7077-b829-e976-3fd275abd5d9}.dll
C:\WINDOWS\system32\adzgalore-remove.exe
C:\WINDOWS\system32\cpmsky-uninst.exe
.
((((((((((((((((((((((((( Files Creati Da 2008-05-26 al 2008-06-26 )))))))))))))))))))))))))))))))))))
.
2008-06-24 12:32 . 2008-06-24 12:32 89,070 --a------ C:\WINDOWS\system32\myss_sb_uninstall.exe
2008-06-24 12:32 . 2008-06-24 12:32 63,916 --a------ C:\WINDOWS\system32\{261cfa41-7077-b829-e976-3fd275abd5d9}.dll-uninst.exe
2008-06-23 16:54 . 2008-06-23 16:54 <DIR> d-------- C:\Programmi\Smart Movie Converter 3 45
2008-06-23 16:54 . 2008-06-23 16:54 <DIR> d-------- C:\Programmi\Lonely Cat Games
2008-06-23 15:41 . 2008-06-23 15:41 <DIR> d-------- C:\Programmi\Winamp Remote
2008-06-23 15:41 . 2008-06-23 15:42 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\OrbNetworks
2008-06-23 15:39 . 2008-06-23 15:42 <DIR> d-------- C:\Programmi\Winamp
2008-06-23 15:39 . 2008-06-23 19:14 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\Winamp
2008-06-21 10:22 . 2008-06-21 15:41 1,343,488 --a------ C:\WINDOWS\system\codecs.exe
2008-06-21 10:22 . 2008-06-21 10:22 357,376 --a------ C:\WINDOWS\system\gerenciador.exe
2008-06-21 10:22 . 2008-06-21 10:22 69,515 --a------ C:\WINDOWS\system\outlok.exe
2008-06-21 10:22 . 2008-06-21 10:22 60,416 --a------ C:\WINDOWS\system32\drivers\kodnkwnv.sys
2008-06-21 10:22 . 2008-06-21 10:22 6,622 --a------ C:\WINDOWS\system\regdaemon.cmd
2008-06-21 10:22 . 2008-06-21 10:22 2,453 --a------ C:\WINDOWS\system32\cleardel.reg
2008-06-21 10:22 . 2008-06-21 10:22 542 --a------ C:\WINDOWS\regdeamon2.reg
2008-06-21 10:22 . 2008-06-21 10:22 539 --a------ C:\WINDOWS\regdeamon.reg
2008-06-21 10:21 . 2008-06-21 10:22 <DIR> d-------- C:\daemon
2008-06-17 15:19 . 2008-06-17 15:19 <DIR> d-------- C:\Programmi\File comuni\PocketSoft
2008-06-17 15:19 . 2002-02-27 18:50 197,120 --a------ C:\WINDOWS\patchw32.dll
2008-06-17 15:16 . 2008-06-17 15:16 <DIR> d-------- C:\Programmi\Atari
2008-06-17 12:58 . 2008-06-17 12:58 <DIR> d-------- C:\Programmi\AeriaGames
2008-06-17 10:57 . 2008-06-17 15:12 <DIR> d-------- C:\Programmi\Your Uninstaller 2008
2008-06-17 10:57 . 2008-06-17 10:57 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\URSoft
2008-06-16 15:05 . 2008-06-16 15:05 <DIR> d-------- C:\Programmi\Xvid
2008-06-16 15:05 . 2007-06-28 18:55 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-06-16 13:52 . 2008-06-16 13:52 <DIR> d-------- C:\Programmi\Webteh
2008-06-16 13:52 . 2008-06-22 10:23 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\BSplayer Pro
2008-06-16 12:53 . 2008-06-16 12:53 <DIR> d-------- C:\Programmi\GSpot
2008-06-16 12:14 . 2008-06-16 12:22 <DIR> d-------- C:\divx
2008-06-16 12:09 . 2008-06-16 12:15 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\DivX
2008-06-16 12:08 . 2008-06-16 12:13 <DIR> d-------- C:\Programmi\DivX
2008-06-16 12:08 . 2008-03-21 22:30 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-06-16 12:08 . 2008-03-21 22:30 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-06-16 12:08 . 2008-03-21 22:30 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2008-06-16 12:08 . 2008-03-21 22:30 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-06-16 12:08 . 2008-03-21 22:30 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-06-15 16:38 . 2008-06-15 17:30 <DIR> d-------- C:\FIFA Soccer Manager
2008-06-15 16:30 . 2008-06-17 10:50 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-06-15 16:16 . 2008-06-15 16:16 <DIR> d-------- C:\Programmi\Managed DirectX (0901)
2008-06-15 02:46 . 2008-06-15 02:46 <DIR> d-------- C:\Programmi\Ludonic
2008-06-15 01:34 . 2008-06-15 01:34 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\Atari
2008-06-11 18:21 . 2008-06-11 18:21 <DIR> d-------- C:\Programmi\Babylon
2008-06-11 18:20 . 2008-06-13 13:14 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\Babylon
2008-06-11 18:20 . 2008-06-26 11:24 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Babylon
2008-06-09 13:14 . 2008-06-09 13:14 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SlySoft
2008-06-09 13:13 . 2008-06-09 13:14 24 ---hs---- C:\WINDOWS\S62AA4315.tmp
2008-06-09 13:10 . 2008-06-09 13:10 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\SlySoft
2008-06-09 13:10 . 2008-06-09 13:10 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\Elaborate Bytes
2008-06-09 13:09 . 2008-06-09 13:09 <DIR> d-------- C:\Programmi\Elaborate Bytes
2008-06-09 12:53 . 2008-06-09 13:14 <DIR> d-------- C:\Programmi\SlySoft
2008-05-30 15:30 . 2008-06-04 19:18 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\Touchstone
2008-05-30 15:00 . 2008-05-30 15:00 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2008-05-30 15:00 . 2008-05-30 15:00 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-05-30 15:00 . 2008-05-30 15:00 <DIR> d-------- C:\Programmi\AGEIA Technologies
2008-05-30 14:59 . 2008-06-04 19:19 120 --a------ C:\WINDOWS\disney.ini
2008-05-29 20:13 . 2008-06-26 12:04 <DIR> d--h----- C:\$AVG8.VAULT$
2008-05-29 14:05 . 2008-06-26 09:53 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-29 14:05 . 2008-06-02 12:23 <DIR> d-------- C:\Documents and Settings\Domenico\Dati applicazioni\AVGTOOLBAR
2008-05-29 14:05 . 2008-05-29 14:05 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-29 14:05 . 2008-05-29 14:05 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-29 14:04 . 2008-05-29 14:04 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\avg8
2008-05-28 17:20 . 2008-06-19 19:38 <DIR> d-------- C:\Programmi\PKR
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-26 10:10 --------- d-----w C:\Documents and Settings\Domenico\Dati applicazioni\Azureus
2008-06-25 10:14 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Google Updater
2008-06-24 20:26 --------- d-----w C:\Programmi\eMule
2008-06-24 10:25 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-06-22 17:18 --------- d-----w C:\Documents and Settings\Domenico\Dati applicazioni\BearShare
2008-06-22 14:46 --------- d-----w C:\Programmi\Ubisoft
2008-06-22 13:54 --------- d-----w C:\Documents and Settings\Domenico\Dati applicazioni\Canon
2008-06-20 09:37 --------- d-----w C:\Programmi\Azureus
2008-06-17 13:13 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-06-16 11:22 --------- d-----w C:\Programmi\CyberLink
2008-06-16 11:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
2008-06-16 08:45 230,432 ----a-w C:\StiImg.dat
2008-06-15 14:20 --------- d-----w C:\Programmi\VIRTUAL RC RACING
2008-06-08 15:59 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-05-24 12:57 --------- d-----w C:\Programmi\Windows Media Connect 2
2008-05-24 10:49 --------- d-----w C:\Programmi\CDex_170b2
2008-05-15 19:16 --------- d-----w C:\Programmi\Spyware Doctor
2008-05-15 18:08 9,016 ----a-w C:\Documents and Settings\Domenico\jnwfam.exe
2008-05-14 17:58 --------- d-----w C:\Programmi\ESET
2008-05-14 17:58 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\ESET
2008-05-13 15:32 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-13 15:32 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-05-13 15:26 --------- d-----w C:\Programmi\Nokia
2008-05-13 15:18 --------- d-----w C:\Programmi\File comuni\Nokia
2008-05-13 15:18 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Installations
2008-05-13 15:07 --------- d-----w C:\Programmi\Apple Software Update
2008-05-12 18:58 --------- d-----w C:\Programmi\Canon
2008-05-12 17:31 --------- d-----w C:\Programmi\ArcSoft
2008-05-11 19:54 --------- d-----w C:\Documents and Settings\Domenico\Dati applicazioni\Activision
2008-05-11 18:50 --------- d-----w C:\Programmi\Activision
2008-05-09 18:54 --------- d-----w C:\Documents and Settings\Domenico\Dati applicazioni\Ubisoft
2008-05-09 18:52 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Ubisoft
2008-05-08 20:38 --------- d-----w C:\Programmi\CANAL+
2008-05-07 20:18 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\BOONTY
2008-05-07 20:16 --------- d-----w C:\Programmi\BoontyGames
2008-05-07 20:15 --------- d-----w C:\Programmi\Boonty
2008-05-02 08:09 --------- d-----w C:\Programmi\microsoft frontpage
2008-05-01 16:12 --------- d-----w C:\Programmi\Trend Micro
2008-04-27 01:50 --------- d-----w C:\Programmi\KONAMI
2008-03-04 12:22 81,920 ----a-w C:\Documents and Settings\Domenico\Dati applicazioni\ezpinst.exe
2008-03-04 12:22 47,360 ----a-w C:\Documents and Settings\Domenico\Dati applicazioni\pcouffin.sys
2008-03-04 10:51 89 ----a-w C:\WINDOWS\system32\config\systemprofile\Del1E2D.bat
2008-03-04 10:51 89 ----a-w C:\Documents and Settings\Domenico\Del1E2D.bat
2008-03-04 10:51 89 ----a-w C:\Documents and Settings\Default User\Del1E2D.bat
2008-03-04 10:51 89 ----a-w C:\Documents and Settings\Administrator\Del1E2D.bat
2002-07-26 16:02 153,088 ----a-w C:\Programmi\UNWISE.EXE
.
------- Sigcheck -------
2007-12-07 03:40 825344 39ccda0e9b778792b06c1b9d794a9776 C:\WINDOWS\SoftwareDistribution\Download\0b52ea9d716c5c579ab4f56b7346b126\sp2qfe\wininet.dll
2008-01-13 08:31 926720 4b4bf306f9fc0d2a33595ffef591c2a6 C:\WINDOWS\system32\wininet.dll
2008-01-13 22:33 360832 ea3d7525f41beb321c3f6e2162277e92 C:\WINDOWS\system32\drivers\tcpip.sys
2008-01-13 08:28 544256 e6f62282ebaa63ba07fa2dc7198b8d0d C:\WINDOWS\system32\winlogon.exe
2007-02-28 18:06 2185856 763ea08993b467a3af048ef185b1f805 C:\WINDOWS\SoftwareDistribution\Download\2aa8f55e8af02052cea14cdae13ee2d9\sp2qfe\ntoskrnl.exe
2005-03-02 20:12 2183296 c120a33c71e706545cf26d6276bc0344 C:\WINDOWS\SoftwareDistribution\Download\a514f3026154c5be0e6900e5f0b39396\sp2qfe\ntoskrnl.exe
2008-01-16 15:01 2155008 0b9146e4bdecebf8a16ccf5615f9a4bb C:\WINDOWS\system32\ntoskrnl.exe
2008-01-16 21:08 1618944 b749c7bd63c18c18b6448c574c4ab53b C:\WINDOWS\explorer.exe
2008-01-13 08:24 25088 40de117b6ccfc031d2dc8b73d82020cf C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-05-16_20.51.20.78 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-11 19:01:04 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-06-17 11:01:06 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-06-15 14:16:45 43,520 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-05-11 19:01:04 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-06-17 11:01:07 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-06-15 14:16:45 13,824 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-05-11 19:01:04 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-06-17 11:01:07 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-06-15 14:16:45 274,432 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2008-05-11 19:01:00 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:00:51 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:01 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:00:53 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:01 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:00:54 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:01 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:00:56 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:02 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:00:57 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:02 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:00:58 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:02 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:01:00 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:03 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:01:01 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:03 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:01:03 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:05 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-17 11:01:09 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-15 14:16:46 1,701,376 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-11 19:01:05 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-06-17 11:01:09 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-06-15 14:16:46 133,120 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-05-11 19:01:05 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-06-17 11:01:10 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-06-15 14:16:46 141,824 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-05-11 19:01:06 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-06-17 11:01:12 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-06-15 14:16:46 237,056 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-05-11 19:01:06 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-06-17 11:01:12 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-06-15 14:16:46 138,752 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-05-11 19:01:04 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-06-17 11:01:04 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-06-15 14:16:46 202,752 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.900.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2008-05-16 18:47:58 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-26 10:11:57 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-10-17 11:24:00 2,526,800 ----a-w C:\WINDOWS\Install_B4Playing.exe
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
+ 2008-06-24 10:32:15 63,916 ----a-w C:\WINDOWS\system32\{261cfa41-7077-b829-e976-3fd275abd5d9}.dll-uninst.exe
+ 2007-07-23 07:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll
+ 2007-07-23 07:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll
+ 2007-07-23 07:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll
+ 2007-07-23 07:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll
+ 2007-07-23 07:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll
+ 2007-07-23 07:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
+ 2007-07-23 07:03:32 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll
+ 2007-07-23 07:03:32 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll
+ 2007-07-23 07:03:32 53,248 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
+ 2007-10-15 07:40:08 207,405 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin
+ 2007-10-15 07:40:10 122,249 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin
+ 2007-10-15 07:40:10 214,141 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin
+ 2007-10-25 06:29:50 114,505 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin
- 2008-04-26 10:29:09 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
+ 2008-05-30 13:29:34 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
+ 2008-05-30 23:22:46 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
+ 2008-05-30 23:22:48 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
+ 2008-05-30 23:22:46 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
+ 2008-05-30 23:22:48 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
+ 2008-05-30 23:22:48 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
+ 2008-05-22 22:19:12 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
+ 2008-05-22 22:22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
+ 2008-05-22 22:18:54 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
+ 2008-05-22 22:19:46 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-05-30 23:22:54 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
+ 2008-05-30 23:22:54 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
+ 2008-05-30 23:22:58 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
+ 2008-05-30 23:22:54 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
+ 2008-05-30 23:22:54 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
+ 2008-05-30 23:22:54 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
- 2008-03-08 12:55:32 26,952 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
+ 2008-05-29 12:05:07 26,184 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
+ 2007-08-07 19:48:33 25,160 ----a-w C:\WINDOWS\system32\drivers\ElbyCDIO.sys
+ 2005-04-12 08:41:20 4,608 ----a-w C:\WINDOWS\system32\drivers\ElbyDelay.sys
- 2005-04-15 08:58:18 20,176 ----a-r C:\WINDOWS\system32\drivers\pxhelp20.sys
+ 2008-03-21 20:30:04 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
+ 2007-09-13 05:43:00 120,320 -c--a-w C:\WINDOWS\system32\DRVSTORE\PhysX32_FFB51AAB1A2BF852A002A5B1138133BBA89337D4\physX32.sys
+ 2008-05-22 22:19:46 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
+ 2008-03-14 22:24:12 93,128 ----a-w C:\WINDOWS\system32\ElbyCDIO.dll
+ 2008-05-22 22:20:42 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
- 2007-11-21 00:52:38 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
- 2007-11-21 00:52:40 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-03-04 10:56:54 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-06-04 07:26:08 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-04-22 08:14:36 153,088 ----a-w C:\WINDOWS\system32\myss_sb.dll
- 2008-05-16 18:15:06 70,998 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-26 07:28:28 70,998 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-05-16 18:15:06 83,932 ----a-w C:\WINDOWS\system32\perfc010.dat
+ 2008-06-26 07:28:28 83,932 ----a-w C:\WINDOWS\system32\perfc010.dat
- 2008-05-16 18:15:06 442,326 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-26 07:28:28 442,326 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-05-16 18:15:06 489,906 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-06-26 07:28:28 489,906 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-01-18 09:05:56 70,944 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
- 2005-04-15 08:58:02 491,520 ----a-r C:\WINDOWS\system32\px.dll
+ 2008-03-21 20:30:04 551,672 ------w C:\WINDOWS\system32\px.dll
+ 2008-03-21 20:30:04 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
- 2005-04-15 08:58:12 352,256 ----a-r C:\WINDOWS\system32\pxdrv.dll
+ 2008-03-21 20:30:04 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2008-03-21 20:30:06 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-03-21 20:30:04 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
- 2005-04-15 08:58:18 151,552 ----a-r C:\WINDOWS\system32\pxmas.dll
+ 2008-03-21 20:30:06 187,128 ------w C:\WINDOWS\system32\pxmas.dll
+ 2008-03-21 20:30:04 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
- 2005-04-15 08:58:22 286,720 ----a-r C:\WINDOWS\system32\pxwave.dll
+ 2008-03-21 20:30:06 379,640 ------w C:\WINDOWS\system32\pxwave.dll
+ 2008-05-22 22:22:18 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
+ 2008-05-22 22:20:42 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
- 2005-04-15 08:58:28 28,672 ----a-r C:\WINDOWS\system32\vxblock.dll
+ 2008-03-21 20:30:04 88,824 ------w C:\WINDOWS\system32\vxblock.dll
+ 2007-10-17 17:23:24 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
- 2007-04-28 13:54:36 593,920 ----a-w C:\WINDOWS\system32\xvidcore.dll
+ 2007-06-28 16:52:18 765,952 ----a-w C:\WINDOWS\system32\xvidcore.dll
- 2006-11-01 13:54:30 180,224 ----a-w C:\WINDOWS\system32\xvidvfw.dll
+ 2007-06-28 16:54:10 180,224 ----a-w C:\WINDOWS\system32\xvidvfw.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6156A32A-C512-4e23-AA9A-2315F4265681}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-13 08:24 25088]
"Sidebar"="C:\Programmi\Windows Sidebar\sidebar.exe" [2007-08-29 23:24 1233408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-10-23 15:18 202024]
"TaskTray"="C:\Programmi\Creative\SBAudigy\TaskBar\CTLTray.exe" [2001-06-29 02:00 163840]
"TaskBar"="C:\Programmi\Creative\SBAudigy\TaskBar\CTLTask.exe" [2002-05-08 02:00 122880]
"MsnMsgr"="C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"LaunchList"="C:\Programmi\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 16:41 145496]
"DAEMON Tools Lite"="C:\Programmi\DAEMON Tools Lite\daemon.exe" [2008-03-14 13:55 486856]
"E08IXLRD_22203906"="C:\Programmi\Microsoft Encarta\Microsoft Encarta 2008 - Premium DVD\EDICT.EXE" [2007-06-12 15:09 351000]
"Netlog 24"="C:\Programmi\Netlog 24\Notifier\Netlog24Notifier.exe" [ ]
"Orb"="C:\Programmi\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]
"PC Suite Tray"="C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 11:12 695808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-07-13 09:34 8466432]
"nwiz"="nwiz.exe" [2007-07-13 09:34 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-07-13 09:34 81920]
"UnlockerAssistant"="C:\Programmi\Unlocker\UnlockerAssistant.exe" [2006-09-07 14:19 15872]
"SMSERIAL"="sm56hlpr.exe" [2004-12-29 08:01 544768 C:\WINDOWS\sm56hlpr.exe]
"CTHelper"="CTHELPER.EXE" [2002-07-02 11:56 24576 C:\WINDOWS\system32\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 13:32 19968 C:\WINDOWS\system32\Ctxfihlp.exe]
"GrooveMonitor"="C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
"WireLessKeyboard"="C:\Programmi\Nortek Keyboard Application\PS2USBKbdDrv.exe" [2005-10-11 17:43 647168]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 11:56 24576 C:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112]
"Jet Detection"="C:\Programmi\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-11-29 02:00 28672]
"CTStartup"="C:\Programmi\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 02:00 28672]
"MaxtorOneTouch"="C:\Programmi\Maxtor\OneTouch\utils\Onetouch.exe" [2006-03-27 16:04 712704]
"mxomssmenu"="C:\Programmi\Maxtor\OneTouch Status\maxmenumgr.exe" [2005-10-17 17:24 81920]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"USBToolTip"="C:\Programmi\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2006-10-16 14:50 202312]
"BluetoothAuthenticationAgent"="bthprops.cpl,,BluetoothAuthenticationAgent" []
"Adobe Photo Downloader"="C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 19:41 57344]
"BtTray"="C:\Programmi\IVT Corporation\BlueSoleil\BtTray.exe" [2007-09-10 12:08 258134]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14 155648]
"OpwareSE4"="C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19 69632]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"PKR Pal"="C:\Programmi\PKR\pkrpal.exe" [2008-06-19 19:38 2273896]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-29 14:05 1177368]
"Babylon Client"="C:\Programmi\Babylon\Babylon-Pro\Babylon.exe" [2008-03-11 09:23 3551456]
"WinampAgent"="C:\Programmi\Winamp\winampa.exe" [2008-01-16 00:54 37376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-01-13 08:24 25088]
"Sidebar"="C:\Programmi\Windows Sidebar\sidebar.exe" [2007-08-29 23:24 1233408]
"Nokia.PCSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 18:35 1294336]
"msnmsgr"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32" []
"nltide_3"="advpack.dll" [2008-01-13 06:48 124928 C:\WINDOWS\system32\advpack.dll]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe [2008-03-30 23:09:50 212992]
Google Updater.lnk - C:\Programmi\Google\Google Updater\GoogleUpdater.exe [2008-03-19 17:21:40 125624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
"msacm.ctmp3"= C:\WINDOWS\system32\ctmp3.acm
"VIDC.MJPG"= Pvmjpg30.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerTranslator Pro OLR]
--a------ 2004-09-29 10:46 49152 C:\PROGRA~1\BVRPSO~1\POWERT~1\BVRPOlr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Azureus\\Azureus.exe"=
"C:\\Programmi\\BearShare Applications\\BearShare\\BearShare.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programmi\\File comuni\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"=
"C:\\Programmi\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"C:\\Programmi\\AeriaGames\\Project Torque\\ProjectTorque.bin"=
"C:\\Programmi\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Programmi\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Programmi\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-29 14:05]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-29 14:04]
R2 BlueSoleilCS;BlueSoleilCS;C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-09-14 10:44]
R3 BsHelpCS;BsHelpCS;C:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 16:58]
R3 PAC207;NX-Vega;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-01-25 16:20]
R3 usbstor;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Programmi\CyberLink\PowerDVD\000.fcl []
S3 kbeepm;kbeepm;C:\DOCUME~1\Domenico\IMPOST~1\Temp\kbeepm.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 15:17]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 15:17]
S3 usb_rndis;Pirelli Alice Gate W2+ USB;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-04 00:04]
S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S4 Boonty Games;Boonty Games;"C:\Programmi\File comuni\BOONTY Shared\Service\Boonty.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\Shell\AutoRun\command - L:\DATA\AUTORUN\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b3ccaaa-2d9c-11dd-8082-001a9234d867}]
\Shell\auto\command - R:\Knight.exe open
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
\Shell\explore\command - R:\Knight.exe open
\Shell\find\command - R:\Knight.exe open
\Shell\install\command - R:\Knight.exe open
\Shell\open\command - R:\Knight.exe open
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contenuto della cartella 'Scheduled Tasks'
"2008-06-24 09:07:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe
"2008-06-26 09:38:00 C:\WINDOWS\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job"
- C:\Programmi\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-26 12:12:18
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = C:\Programmi\Creative\Splash Screen\CTEaxSpl.EXE /run??????????????st????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&2?T???\???????????\???\???????t???E?9~u?9~\???\?????????d?L????C@?\???\??????s????\??????s\????&2?A??s?&2??C@?x???`|?w\?????@
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\C:\Programmi\CyberLink\PowerDVD\000.fcl"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Maxtor\OneTouch\Utils\SyncServices.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PAStiSvc.exe
C:\Programmi\UPHClean\uphclean.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
C:\Programmi\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Ora fine scansione: 2008-06-26 12:17:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-26 10:17:55
ComboFix2.txt 2008-05-17 13:26:05
ComboFix3.txt 2008-05-16 18:51:33
11 Directory 65,081,298,944 byte disponibili
15 Directory 65,555,423,232 byte disponibili
470