Ciao luke57, il PC diciamo che sta molto meglio; ora ti allego il log che mi si è creato.
ComboFix 09-01-07.02 - xp 2009-01-08 20:49:51.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.502.288 [GMT 1:00]
Eseguito da: c:\documents and settings\xp\desktop\abc.exe
Interruttori di comando utilizzati :: /killall
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\xp\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
c:\programmi\Antivirus 2009
c:\programmi\Microsoft Common
c:\programmi\Microsoft Common\svchost.exe
c:\windows\system32\dihjoixk.dll
c:\windows\system32\drivers\TDSSpqlt.sys
c:\windows\system32\drivers\tdssserv.sys
c:\windows\system32\ewbpipgt.dll
c:\windows\system32\gcmqpk.dll
c:\windows\system32\HghNonnn.ini
c:\windows\system32\HghNonnn.ini2
c:\windows\system32\mlJCRkhg.dll
c:\windows\system32\nnnoNhgH.dll
c:\windows\system32\rwhbfb873unjdfdg.dll
c:\windows\system32\scui.cpl
c:\windows\system32\TDSShrxx.dll
c:\windows\system32\TDSSlxcp.dll
c:\windows\system32\TDSSmtvd.dat
c:\windows\system32\TDSSnmxh.log
c:\windows\system32\TDSSoeqh.log
c:\windows\system32\TDSSoiqt.dll
c:\windows\system32\TDSSpaxt.log
c:\windows\system32\TDSSsahc.dll
c:\windows\system32\TDSSvkql.dll
c:\windows\system32\TDSSxfmm.dll
c:\windows\system32\tgpipbwe.ini
----- BITS: Sites possivelmente infetados -----
hxxp://www.dapsp.com.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys
((((((((((((((((((((((((( Files Creati Da 2008-12-08 al 2009-01-08 )))))))))))))))))))))))))))))))))))
.
2009-01-08 20:09 . 2009-01-08 20:10 <DIR> d-------- C:\32788R22FWJFW
2009-01-08 19:27 . 2009-01-08 19:27 67 --a------ C:\temp.bat
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> d-------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\WINDOWS
2009-01-08 11:50 . 2006-01-17 10:25 <DIR> d--h----- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Risorse di stampa
2009-01-08 11:50 . 2007-01-10 11:37 <DIR> d-------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Risorse di rete
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> dr------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Preferiti
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> d--h----- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Modelli
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> dr------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Menu Avvio
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> d--h----- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Impostazioni locali
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> dr------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Documenti
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> d-------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Dati applicazioni\toshiba
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> d-------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Dati applicazioni\Sonic
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> d-------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Dati applicazioni\ATI
2009-01-08 11:50 . 2006-06-07 22:48 <DIR> dr-h----- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9\Dati applicazioni
2009-01-08 11:50 . 2009-01-08 11:52 <DIR> d-------- c:\documents and settings\Administrator.YOUR-FF0EBBA6E9
2009-01-07 19:56 . 2009-01-07 19:56 40,960 --a------ c:\windows\system32\system32xp.exe
2009-01-07 19:56 . 2009-01-07 19:56 40,960 --a------ c:\windows\Mdazebin.dll
2009-01-07 19:55 . 2009-01-07 19:55 85,504 --a------ c:\windows\system32\svñshost.exe
2009-01-07 17:48 . 2009-01-07 20:22 0 --a------ c:\windows\system32\drivers\d6f2cbde.sys
2009-01-07 17:47 . 2009-01-07 17:47 705 --a------ C:\rasj.exe
2009-01-04 21:18 . 2009-01-04 21:22 <DIR> d-------- c:\programmi\myBabylon
2009-01-02 16:02 . 2009-01-02 16:03 <DIR> d--h----- c:\programmi\Zero G Registry
2009-01-02 16:02 . 2009-01-02 16:02 <DIR> d--h----- c:\documents and settings\xp\InstallAnywhere
2009-01-02 15:59 . 2009-01-02 15:59 <DIR> d-------- c:\documents and settings\xp\Dati applicazioni\Sports Interactive
2008-12-29 13:30 . 2008-12-29 13:30 <DIR> d-------- c:\programmi\VDOWNLOADER
2008-12-25 20:05 . 2008-12-25 21:11 <DIR> d-------- c:\documents and settings\xp\Dati applicazioni\Nikon
2008-12-25 20:00 . 2008-12-25 20:00 <DIR> d-------- c:\programmi\File comuni\muvee Technologies
2008-12-25 20:00 . 2008-12-25 20:00 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Nikon
2008-12-25 19:59 . 2008-12-25 19:59 <DIR> d-------- c:\programmi\Nikon
2008-12-25 19:59 . 2008-12-25 19:59 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Ultima_T15
2008-12-25 19:59 . 2008-12-25 19:59 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\EnterNHelp
2008-12-25 19:59 . 2008-12-26 20:35 20 ---h----- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2008-12-25 19:56 . 2008-12-25 21:11 <DIR> d-------- c:\programmi\File comuni\Nikon
2008-12-25 18:45 . 2008-12-25 18:45 <DIR> d-------- c:\programmi\iTunes
2008-12-25 18:45 . 2008-12-25 18:45 <DIR> d-------- c:\programmi\iPod
2008-12-25 18:45 . 2008-12-25 18:45 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-25 18:43 . 2008-12-25 18:43 <DIR> d-------- c:\programmi\Bonjour
2008-12-25 18:41 . 2008-12-25 18:42 <DIR> d-------- c:\programmi\QuickTime
2008-12-23 20:44 . 2008-12-23 20:45 <DIR> d-------- c:\programmi\Alice ti aiuta
2008-12-23 20:43 . 2008-12-23 20:43 <DIR> d-------- c:\programmi\Telecom Italia
2008-12-23 20:09 . 2008-12-30 16:14 <DIR> d-------- c:\documents and settings\xp\Dati applicazioni\BearShare
2008-12-23 15:41 . 2008-12-23 20:09 <DIR> d-------- c:\programmi\eMule
2008-12-23 13:39 . 2008-12-23 13:39 61,440 --a------ c:\windows\system32\drivers\rsbh.sys
2008-12-23 12:45 . 2009-01-08 13:40 <DIR> d-------- C:\ComboFix
2008-12-23 11:40 . 2008-12-23 11:40 61,440 --a------ c:\windows\system32\drivers\pfqrm.sys
2008-12-20 18:49 . 2008-12-20 18:49 <DIR> d-------- c:\programmi\BassPower
2008-12-16 11:06 . 2008-12-16 11:06 <DIR> d-------- c:\programmi\Crave Entertainment
2008-12-14 18:05 . 2008-12-14 18:05 <DIR> d-------- c:\documents and settings\xp\Dati applicazioni\Malwarebytes
2008-12-14 18:05 . 2008-12-14 18:05 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-12-13 13:08 . 2008-12-13 13:08 <DIR> d-------- c:\programmi\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-08 18:27 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-01-08 18:27 --------- d-----w c:\programmi\Sonic
2009-01-08 14:57 --------- d-----w c:\programmi\ArcSoft
2009-01-08 12:18 6,656 ----a-w c:\windows\system32\drivers\aec.sys
2009-01-07 17:07 --------- d-----w c:\programmi\Pinnacle
2009-01-07 16:49 6,656 ----a-w c:\windows\system32\drivers\asyncmac.sys
2009-01-07 16:21 --------- d-----w c:\documents and settings\xp\Dati applicazioni\Azureus
2009-01-04 20:55 --------- d-----w c:\programmi\vanBasco's Karaoke Player
2008-12-29 10:17 --------- d-----w c:\programmi\Google
2008-12-25 18:01 --------- d-----w c:\programmi\Apple Software Update
2008-12-23 19:45 --------- d-----w c:\programmi\Motive
2008-12-14 20:52 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\avg8
2008-12-05 19:19 --------- d-----w c:\programmi\Vuze
2008-11-16 19:04 230,432 ----a-w C:\SPC220NC.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-12-14_17.44.23.09 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-26 13:43:23 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-12-16 10:28:37 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-10-26 13:43:23 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-12-16 10:28:38 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-10-26 13:43:24 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-12-16 10:28:38 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-12-16 10:28:38 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-10-26 13:43:26 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-12-16 10:28:39 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-10-26 13:43:27 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-12-16 10:28:39 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-10-26 13:43:28 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-12-16 10:28:39 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-10-26 13:43:28 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-12-16 10:28:40 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-10-26 13:43:21 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-12-16 10:28:37 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-12-29 10:18:11 26,694 ----a-r c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ARPPRODUCTICON.exe
+ 2008-12-29 10:18:11 26,694 ----a-r c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-12-29 10:18:11 26,694 ----a-r c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-12-29 10:18:11 26,694 ----a-r c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-12-29 10:18:11 26,694 ----a-r c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-12-29 10:18:11 26,694 ----a-r c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
+ 2008-12-25 17:46:38 102,400 ----a-r c:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe
+ 2008-12-25 17:24:00 27,136 ----a-r c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2008-12-25 17:43:35 86,016 ----a-r c:\windows\Installer\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}\PrntWzrdIco.exe
- 2008-11-12 22:37:29 593,920 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-12-14 21:24:43 593,920 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-11-12 22:37:29 12,288 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-12-14 21:24:43 12,288 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-12 22:37:29 86,016 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-12-14 21:24:43 86,016 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-11-12 22:37:28 135,168 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-12-14 21:24:43 135,168 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-12 22:37:29 11,264 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-12-14 21:24:43 11,264 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-12 22:37:29 27,136 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-12-14 21:24:43 27,136 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-12 22:37:29 4,096 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-12-14 21:24:43 4,096 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-12 22:37:29 794,624 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-12-14 21:24:43 794,624 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-12 22:37:29 249,856 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-12-14 21:24:43 249,856 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-12 22:37:29 61,440 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-12-14 21:24:43 61,440 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-12 22:37:29 23,040 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-12-14 21:24:43 23,040 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-12 22:37:28 286,720 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-12-14 21:24:43 286,720 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-11-12 22:37:28 409,600 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-12-14 21:24:43 409,600 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-12-25 19:00:38 8,854 ----a-r c:\windows\Installer\{E9757890-7EC5-46C8-99AB-B00F07B6525C}\New_Shortcut_E97578907EC546C899ABB00F07B6525C_1.exe
+ 2008-12-25 19:00:38 450,560 ----a-r c:\windows\Installer\{E9757890-7EC5-46C8-99AB-B00F07B6525C}\NewShortcut2_E97578907EC546C899ABB00F07B6525C.exe
+ 2008-12-25 19:00:39 450,560 ----a-r c:\windows\Installer\{E9757890-7EC5-46C8-99AB-B00F07B6525C}\NewShortcut3_E97578907EC546C899ABB00F07B6525C.exe
+ 2005-03-18 16:23:14 567,296 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
- 2003-11-21 14:48:58 106,496 ----a-w c:\windows\system32\atl71.dll
+ 2008-12-25 18:59:14 106,496 ----a-w c:\windows\system32\ATL71.DLL
- 2008-08-20 05:32:29 1,024,000 ----a-w c:\windows\system32\browseui.dll
+ 2008-10-16 10:22:44 1,024,000 ----a-w c:\windows\system32\browseui.dll
- 2008-08-20 05:32:25 151,552 ----a-w c:\windows\system32\cdfview.dll
+ 2008-10-16 10:22:34 151,552 ----a-w c:\windows\system32\cdfview.dll
- 2007-01-10 10:32:54 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-01-08 19:48:06 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2007-01-10 10:32:54 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
+ 2009-01-08 19:48:06 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
- 2007-01-10 10:32:54 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-08 19:48:06 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
+ 2005-03-18 16:19:58 2,337,488 ----a-w c:\windows\system32\d3dx9_25.dll
- 2008-08-20 05:32:26 1,056,256 ----a-w c:\windows\system32\danim.dll
+ 2008-10-16 10:22:36 1,056,256 ----a-w c:\windows\system32\danim.dll
+ 2004-08-19 11:00:00 4,224 -c--a-w c:\windows\system32\dllcache\beep.sys
- 2008-08-20 05:32:29 1,024,000 -c----w c:\windows\system32\dllcache\browseui.dll
+ 2008-10-16 10:22:44 1,024,000 -c--a-w c:\windows\system32\dllcache\browseui.dll
- 2008-08-20 05:32:25 151,552 -c----w c:\windows\system32\dllcache\cdfview.dll
+ 2008-10-16 10:22:34 151,552 -c--a-w c:\windows\system32\dllcache\cdfview.dll
- 2008-08-20 05:32:26 1,056,256 -c----w c:\windows\system32\dllcache\danim.dll
+ 2008-10-16 10:22:36 1,056,256 -c--a-w c:\windows\system32\dllcache\danim.dll
- 2008-08-20 05:32:26 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 10:22:36 357,888 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:32:26 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 10:22:36 205,312 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:32:26 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 10:22:36 55,808 -c--a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-02-20 06:50:40 282,624 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 12:59:54 283,648 -c--a-w c:\windows\system32\dllcache\gdi32.dll
- 2008-08-19 09:38:57 18,432 -c----w c:\windows\system32\dllcache\iedw.exe
+ 2008-10-15 14:18:21 18,432 -c--a-w c:\windows\system32\dllcache\iedw.exe
- 2008-08-20 05:32:26 251,904 -c----w c:\windows\system32\dllcache\iepeers.dll
+ 2008-10-16 10:22:37 251,904 -c--a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-08-20 05:32:26 96,768 -c----w c:\windows\system32\dllcache\inseng.dll
+ 2008-10-16 10:22:37 96,768 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2008-08-20 05:32:29 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 10:22:42 16,384 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-06-10 08:17:42 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2008-08-20 05:32:31 3,088,384 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-12 17:28:49 3,088,384 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:32:29 449,024 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 10:22:42 449,024 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-20 05:32:26 146,432 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 10:22:37 146,432 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:32:27 532,480 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 10:22:38 532,480 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-20 05:32:27 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 10:22:38 39,424 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-08-20 05:32:28 1,499,648 -c----w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-10-16 10:22:40 1,499,648 -c--a-w c:\windows\system32\dllcache\shdocvw.dll
- 2008-08-20 05:32:29 474,624 -c----w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-10-16 10:22:43 474,624 -c--a-w c:\windows\system32\dllcache\shlwapi.dll
- 2006-08-24 12:19:52 246,814 -c----w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:48 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-20 05:32:30 620,032 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 10:22:44 620,032 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-20 05:32:28 670,208 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 10:22:41 670,208 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-06-10 10:37:02 1,026,048 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-12-07 06:40:49 2,362,184 -c----w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-10 10:57:40 2,364,472 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-08-29 09:18:58 87,336 ----a-w c:\windows\system32\dns-sd.exe
+ 2008-08-29 08:53:50 61,440 ----a-w c:\windows\system32\dnssd.dll
- 2006-09-19 13:44:04 15,664 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2008-04-17 12:12:54 15,464 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
- 2007-10-31 13:09:14 30,464 ----a-w c:\windows\system32\drivers\usbaapl.sys
+ 2008-11-07 13:23:30 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
+ 2008-04-17 12:12:54 107,368 -c--a-w c:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll
+ 2008-04-17 12:12:54 15,464 -c--a-w c:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
+ 2008-11-07 13:23:30 32,000 -c--a-w c:\windows\system32\DRVSTORE\usbaapl_246F92BBD6449C86FC3F3F28C40D59AC1F69C558\usbaapl.sys
- 2008-08-20 05:32:26 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 10:22:36 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-20 05:32:26 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 10:22:36 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-20 05:32:26 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 10:22:36 55,808 ----a-w c:\windows\system32\extmgr.dll
- 2008-10-26 14:50:02 398,344 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-01-08 19:46:36 384,016 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:50:40 282,624 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:59:54 283,648 ----a-w c:\windows\system32\gdi32.dll
- 2006-10-03 18:47:52 109,360 ----a-w c:\windows\system32\GEARAspi.dll
+ 2008-04-17 12:12:54 107,368 ----a-w c:\windows\system32\GEARAspi.dll
- 2008-08-20 05:32:26 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2008-10-16 10:22:37 251,904 ----a-w c:\windows\system32\iepeers.dll
- 2008-08-20 05:32:26 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-10-16 10:22:37 96,768 ----a-w c:\windows\system32\inseng.dll
- 2008-08-20 05:32:29 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 10:22:42 16,384 ----a-w c:\windows\system32\jsproxy.dll
- 2004-08-10 20:46:46 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-10 08:17:42 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2008-02-29 21:08:26 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-01-08 12:10:22 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2003-03-19 12:28:40 2,179,072 ----a-w c:\windows\system32\mfc71d.dll
+ 2006-12-01 23:25:52 1,101,824 ----a-w c:\windows\system32\mfc80.dll
+ 2006-12-01 23:25:56 1,093,120 ----a-w c:\windows\system32\mfc80u.dll
+ 2006-12-01 23:25:58 69,632 ----a-w c:\windows\system32\mfcm80.dll
+ 2006-12-01 23:26:00 57,856 ----a-w c:\windows\system32\mfcm80u.dll
- 2008-08-20 05:32:31 3,088,384 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-12 17:28:49 3,088,384 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-20 05:32:29 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 10:22:42 449,024 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-20 05:32:26 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 10:22:37 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-08-20 05:32:27 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 10:22:38 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2006-12-01 21:54:32 479,232 ----a-w c:\windows\system32\msvcm80.dll
+ 2003-03-19 11:04:24 765,952 ----a-w c:\windows\system32\msvcp71d.dll
+ 2006-12-01 21:54:34 548,864 ----a-w c:\windows\system32\msvcp80.dll
+ 2003-03-19 11:03:52 544,768 ----a-w c:\windows\system32\msvcr71d.dll
+ 2006-12-01 21:54:32 626,688 ----a-w c:\windows\system32\msvcr80.dll
- 2008-08-20 05:32:27 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 10:22:38 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2007-10-31 13:09:14 30,464 ----a-w c:\windows\system32\ReinstallBackups\0012\DriverFiles\usbaapl.sys
+ 2008-12-23 19:10:47 120,484 ----a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-08-20 05:32:28 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-10-16 10:22:40 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-08-20 05:32:29 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-10-16 10:22:43 474,624 ----a-w c:\windows\system32\shlwapi.dll
- 2008-07-08 13:06:04 18,808 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:40 18,808 ----a-w c:\windows\system32\spmsg.dll
- 2006-08-24 12:19:52 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:15:48 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-07-14 11:09:18 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ----a-w c:\windows\system32\tzchange.exe
- 2008-08-20 05:32:30 620,032 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 10:22:44 620,032 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-20 05:32:28 670,208 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 10:22:41 670,208 ----a-w c:\windows\system32\wininet.dll
+ 2004-08-03 22:59:10 311,808 ----a-w c:\windows\system32\winsystems.dll
- 2004-08-10 23:41:04 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-10 10:37:02 1,026,048 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-12-07 06:40:49 2,362,184 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-10 10:57:40 2,364,472 ----a-w c:\windows\system32\WMVCore.dll
- 2008-08-19 09:51:43 367,104 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-10-15 19:05:30 367,104 ----a-w c:\windows\system32\xpsp3res.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{34ea1c70-42cc-42c5-aa29-ec58b95a343e}"= "c:\programmi\myBabylon\tbmyB0.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{34ea1c70-42cc-42c5-aa29-ec58b95a343e}"= "c:\programmi\myBabylon\tbmyB0.dll" [2008-02-14 1555480]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{34EA1C70-42CC-42C5-AA29-EC58B95A343E}"= "c:\programmi\myBabylon\tbmyB0.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"TOSCDSPD"="c:\programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"LaunchList"="c:\programmi\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496]
"PcSync"="c:\programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-08-26 860160]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-04 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2005-12-17 761945]
"THotkey"="c:\programmi\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]
"Tvs"="c:\programmi\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
"SmoothView"="c:\programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-10-06 122940]
"IntelZeroConfig"="c:\programmi\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]
"IntelWireless"="c:\programmi\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
"DataLayer"="c:\programmi\File comuni\PCSuite\DataLayer\DataLayer.exe" [2005-09-06 820736]
"PCSuiteTrayApplication"="c:\programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2005-06-29 176128]
"Monitor"="c:\windows\Philips\SPC220NC\Monitor.exe" [2006-11-03 319488]
"TomTomHOME.exe"="c:\programmi\TomTom HOME\TomTomHOME.exe" [2008-04-01 3976528]
"PWRISOVM.EXE"="c:\programmi\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 c:\windows\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 c:\windows\agrsmmsg.exe]
"TPSMain"="TPSMain.exe" [2005-08-04 c:\windows\system32\TPSMain.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
"TFncKy"="TFncKy.exe" [BU]
"TDispVol"="TDispVol.exe" [2005-09-16 c:\windows\system32\TDispVol.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\xp\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2008-12-23 212992]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Bluetooth Manager.lnk - c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-12-07 1744896]
Controllo del Calendario di Ulead Photo Express.lnk - c:\programmi\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe [2007-07-20 69632]
Nikon Monitor.lnk - c:\programmi\File comuni\Nikon\Monitor\NkMonitor.exe [2007-10-18 479232]
Tasto di scelta rapida per l'avvio di AutoCAD.lnk - c:\programmi\File comuni\Autodesk Shared\acstart17.exe [2006-03-05 11000]
TrayMin220.lnk - c:\programmi\Philips\Philips SPC220NC Webcam\TrayMin220.exe [2008-03-07 278528]
Ulead Photo Express SE Calendar Checker.lnk - c:\programmi\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe [2007-07-14 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll
"VIDC.MJPX"= PICVideo MJPEG Codec
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 c:\windows\system32\nnnoNhgH
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\Toshiba\\ConfigFree\\CFXFER.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\BearShare Applications\\BearShare\\BearShare.exe"=
S1 d6f2cbde;d6f2cbde;c:\windows\system32\drivers\d6f2cbde.sys [2009-01-07 0]
S3 SPC220NC;Philips SPC220NC Webcam;c:\windows\system32\drivers\SPC220NC.SYS [2008-03-07 507136]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b9f8fce-3ec5-11dd-b7c2-00037ae056f8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com q:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ceaa989a-84f4-11dd-b815-00037ae056f8}]
\shell\autorun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
\shell\explore\command - F:\system.exe
\shell\open\command - F:\system.exe
.
Contenuto della cartella 'Scheduled Tasks'
2008-12-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORFÃOS REMOVIDOS - - - -
BHO-{36991B5E-CC44-49E5-92A7-4E53D71A196A} - c:\windows\system32\nnnoNhgH.dll
BHO-{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\mlJCRkhg.dll
BHO-{C5BF49A2-94F3-42BD-F434-3604812C8955} - c:\windows\system32\rwhbfb873unjdfdg.dll
WebBrowser-{6AFA4CEB-530B-4E23-8D4E-127348CC1D0C} - (no file)
SharedTaskScheduler-{C5BF49A2-94F3-42BD-F434-3604812C8955} - c:\windows\system32\rwhbfb873unjdfdg.dll
ShellExecuteHooks-{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\mlJCRkhg.dll
.
------- Supplementare di scansione -------
.
uStart Page = hxxp://google.com
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: &Windows Live Search - c:\programmi\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Apri in nuova scheda in primo piano - c:\programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?1287d277d0644f5abb9c9c6152e2a365
IE: Apri in nuova scheda in secondo piano - c:\programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?1287d277d0644f5abb9c9c6152e2a365
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-08 20:58:44
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,71,bc,c0,40,6d,\
78,3f,22,e2,63,26,f1,3f,c8,ff,68,49,eb,f8,2f,34,1e,61,fe,e2,63,26,f1,3f,c8,\
ff,68,53,49,fc,e2,59,99,60,cd,c8,28,51,af,b0,29,a3,98,1c,20,5d,11,83,d0,d5,\
07,28,42,e5,e4
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:46,47,15,b0,92,4b,c7,ef,7b,0f,fa,65,62,\
1f,6a,04,6a,9c,d6,61,af,45,84,18,a7,73,7c,fd,c6,14,ea,46,6a,9c,d6,61,af,45,\
84,18,6a,3a,db,78,5c,aa,c5,99,6a,9c,d6,61,af,45,84,18,83,1f,14,18,b0,5e,12,\
93,33,8a,08,e6
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,9e,d8,e8,1b,61,\
f3,6a,13,ff,7c,85,e0,43,d4,0e,fe,9d,67,92,05,fe,68,03,7c,ff,7c,85,e0,43,d4,\
0e,fe,f6,50,4b,12,7f,c0,8b,df,25,da,ec,7e,55,20,c9,26,3f,14,26,32,77,5c,f9,\
9f,14,e4,7d,df
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,af,f4,ea,cb,4f,\
5e,b5,14,86,8c,21,01,be,91,eb,e7,b9,dd,e9,d2,b7,a3,ab,06,86,8c,21,01,be,91,\
eb,e7,52,d6,ea,66,e5,66,ae,84,3e,1e,9e,e0,57,5a,93,61,2e,f7,0f,47,9b,f0,91,\
93,ce,68,e4,ef
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:e9,02,6c,fa,fb,1d,47,57,4f,a1,aa,43,e3,\
5d,9d,c2,f5,1d,4d,73,a8,13,5c,05,4c,da,6e,a2,17,17,06,3e,f5,1d,4d,73,a8,13,\
5c,05,a4,f3,69,b4,6e,df,09,91,f5,1d,4d,73,a8,13,5c,05,37,7b,4e,0e,27,4c,54,\
b2,4b,45,77,0d
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:50,93,e5,ab,ec,6a,4e,ab,10,f5,f7,d0,32,\
77,72,d9,df,20,58,62,78,6b,cf,c8,28,87,ec,0c,74,64,7b,96,df,20,58,62,78,6b,\
cf,c8,af,4a,d5,6d,14,ed,bb,d2,b0,18,ed,a7,3f,8d,37,a4,dd,fd,2a,0e,12,21,d8,\
bf,b4,67,27,fa
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,5c,31,64,fd,4e,\
74,f7,d0,fb,a7,78,e6,12,2f,9a,ea,5b,1d,1d,e7,e5,cc,ac,3e,fb,a7,78,e6,12,2f,\
9a,ea,8d,28,6e,d2,c2,f5,1e,3c,97,20,4e,9a,c7,f1,35,ee,de,2d,a3,2f,e1,a8,2f,\
86,de,cb,6f,07
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,ae,f5,b8,91,5c,\
e0,44,d3,01,3a,48,fc,e8,04,4a,f1,e0,66,46,b3,b8,5c,0b,06,01,3a,48,fc,e8,04,\
4a,f1,fa,b9,8d,86,3e,c6,4f,53,83,6c,56,8b,a0,85,96,ab,2b,07,69,4c,ac,da,7d,\
09,af,1c,5f,cf
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,6c,c3,3a,b4,28,\
2d,5b,93,f6,0f,4e,58,98,5b,89,c9,19,17,e0,58,67,19,97,84,f6,0f,4e,58,98,5b,\
89,c9,48,f2,72,34,81,21,96,70,51,fa,6e,91,28,9e,14,cc,1f,f5,39,c7,a0,e1,6c,\
3b,44,62,ea,48
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,c4,1e,49,0b,2a,\
7e,d9,b2,3d,ce,ea,26,2d,45,aa,78,9e,41,96,79,1a,ae,9c,44,3d,ce,ea,26,2d,45,\
aa,78,d5,31,7d,cc,6f,3a,90,9a,b1,cd,45,5a,a8,c4,f8,b9,f0,8b,bc,8a,05,92,1e,\
a5,7a,2b,f4,a3
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,e1,f1,7e,47,2b,\
56,23,26,2a,b7,cc,b5,b9,7f,41,e7,66,1c,38,26,ca,b1,9c,05,2a,b7,cc,b5,b9,7f,\
41,e7,78,76,7f,a4,dc,e8,ef,49,2a,b7,cc,b5,b9,7f,41,e7,38,a5,6d,93,90,b5,3d,\
c5,50,0b,ec,1b
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,1d,59,b8,42,8f,\
c7,9e,04,6c,43,2d,1e,aa,22,2f,9c,b7,3e,07,77,59,ce,05,b9,6c,43,2d,1e,aa,22,\
2f,9c,d4,f8,5c,0d,86,57,ea,33,6c,43,2d,1e,aa,22,2f,9c,95,ff,ea,8b,60,80,3d,\
b4,f7,32,3a,42
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*NULL*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(1200)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Toshiba\ConfigFree\CFSvcs.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\Toshiba\TOSHIBA Applet\TAPPSRV.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\programmi\Synaptics\SynTP\Toshiba.exe
c:\programmi\Toshiba\ConfigFree\NDSTray.exe
c:\windows\system32\TPSBattM.exe
c:\programmi\Toshiba\TOSHIBA Controls\TFncKy.exe
c:\progra~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\progra~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe
c:\programmi\Alice ti aiuta\bin\mpbtn.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\programmi\iPod\bin\iPodService.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
.
**************************************************************************
.
Ora fine scansione: 2009-01-08 21:06:04 - macchina è stato riavviato
ComboFix-quarantined-files.txt 2009-01-08 20:06:00
ComboFix2.txt 2008-12-14 16:47:48
Pre-Run: 38,354,788,352 byte disponibili
Post-Run: 40,758,288,384 byte disponibili
562 --- E O F --- 2008-12-18 15:18:41