Like this?
ComboFix 09-07-07.A9 - Lola 08/07/2009 17.49.54.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1022.641 [GMT 2:00]
Eseguito da: c:\documents and settings\Lola\Desktop\Combofix\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090707-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Lola\Dati applicazioni\drivers\downld
c:\windows\system32\i
.
((((((((((((((((((((((((( Files Creati Da 2009-06-08 al 2009-07-08 )))))))))))))))))))))))))))))))))))
.
2009-07-07 13:10 . 2009-07-07 13:10 -------- d-----w- c:\programmi\Lavasoft
2009-07-07 13:03 . 2009-07-07 13:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2009-07-07 11:58 . 2009-07-07 11:58 -------- d-----w- c:\programmi\VirusTotalUploader
2009-07-04 16:12 . 2009-07-04 16:17 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\DeepBurner
2009-07-04 16:00 . 2009-07-04 16:10 -------- d-----w- c:\programmi\DeepBurner
2009-07-03 07:43 . 2009-07-03 07:43 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\Ashampoo
2009-07-03 07:43 . 2009-07-03 07:43 -------- d-----w- c:\documents and settings\Lola\Impostazioni locali\Dati applicazioni\ashampoo
2009-07-03 07:43 . 2009-07-03 07:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ashampoo
2009-07-03 07:43 . 2009-07-03 07:43 -------- d-----w- c:\programmi\Ashampoo
2009-06-28 09:12 . 2009-06-28 09:12 54 ----a-w- c:\windows\system32\rp_stats.dat
2009-06-28 09:12 . 2009-06-28 09:12 39 ----a-w- c:\windows\system32\rp_rules.dat
2009-06-21 16:46 . 2008-04-13 17:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-06-21 16:46 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-06-21 16:46 . 2008-03-21 11:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-06-21 16:41 . 2009-06-21 16:43 -------- d-----w- c:\programmi\DIFX
2009-06-21 16:39 . 2009-07-04 15:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-06-17 14:46 . 2009-06-17 14:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-06-17 14:46 . 2009-06-17 14:46 -------- d-----w- c:\programmi\QuickTime Alternative
2009-06-17 13:09 . 2009-06-17 13:09 -------- d-----w- c:\programmi\RADVideo
2009-06-15 22:37 . 2009-06-15 22:37 15872 ----a-w- c:\windows\system32\drivers\HMFAxCore56d706f6725c732df006697fd5ec3381.sys
2009-06-15 22:37 . 2009-06-15 22:46 62 ----a-w- c:\windows\hcs.dat
2009-06-15 22:37 . 2004-08-03 23:56 11776 ----a-w- c:\windows\system32\reghmf.exe
2009-06-15 22:37 . 2009-06-15 22:37 -------- d-----w- c:\programmi\HFolders
2009-06-15 22:37 . 2007-02-12 15:55 692224 ----a-w- c:\windows\system32\hsys30.dll
2009-06-15 22:22 . 2009-06-15 22:22 -------- d-----w- c:\programmi\Axon Data
2009-06-15 19:57 . 2009-05-03 10:22 73392 ----a-w- c:\windows\system32\fsproflt.exe
2009-06-15 19:57 . 2008-06-05 17:37 43792 ----a-w- c:\windows\system32\drivers\FSPFltd.sys
2009-06-10 19:07 . 2003-06-25 14:05 266360 ----a-w- c:\windows\system32\TweakUI.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-08 15:52 . 2009-05-22 13:17 -------- d--h--w- c:\documents and settings\Lola\Dati applicazioni\drivers
2009-07-08 15:46 . 2009-06-06 13:55 -------- d-----w- c:\programmi\Crawler
2009-07-08 08:35 . 2009-01-26 08:41 572804 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-08 08:35 . 2009-01-26 08:41 48654368 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-07 18:10 . 2009-07-07 18:11 1721856 ----a-w- c:\windows\Internet Logs\xDB79.tmp
2009-07-07 17:09 . 2009-03-22 09:15 -------- d-----w- c:\programmi\dBpowerAMP
2009-07-07 16:22 . 2009-02-13 08:37 -------- d-----w- c:\programmi\eMule
2009-07-07 13:06 . 2009-07-07 13:07 2481152 ----a-w- c:\windows\Internet Logs\xDB78.tmp
2009-07-07 13:06 . 2009-07-07 13:07 132096 ----a-w- c:\windows\Internet Logs\xDB77.tmp
2009-07-07 13:03 . 2009-02-06 15:00 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-07-07 12:55 . 2009-01-25 23:35 -------- d-----w- c:\programmi\Spyware Terminator
2009-07-07 12:55 . 2009-01-25 23:35 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\Spyware Terminator
2009-07-07 12:24 . 2009-01-27 09:18 -------- d-----w- c:\programmi\Microsoft Picture It! PhotoPub
2009-07-07 11:51 . 2009-07-07 11:52 2474496 ----a-w- c:\windows\Internet Logs\xDB76.tmp
2009-07-07 11:51 . 2009-07-07 11:52 574976 ----a-w- c:\windows\Internet Logs\xDB75.tmp
2009-07-07 07:52 . 2009-07-07 07:53 111616 ----a-w- c:\windows\Internet Logs\xDB73.tmp
2009-07-07 07:52 . 2009-07-07 07:53 2469376 ----a-w- c:\windows\Internet Logs\xDB74.tmp
2009-07-06 21:06 . 2009-07-07 07:01 693248 ----a-w- c:\windows\Internet Logs\xDB72.tmp
2009-07-04 19:06 . 2009-07-04 19:07 2466304 ----a-w- c:\windows\Internet Logs\xDB71.tmp
2009-07-04 19:06 . 2009-07-04 19:07 105472 ----a-w- c:\windows\Internet Logs\xDB70.tmp
2009-07-04 16:50 . 2009-07-04 16:51 185856 ----a-w- c:\windows\Internet Logs\xDB6E.tmp
2009-07-04 16:50 . 2009-07-04 16:51 2465792 ----a-w- c:\windows\Internet Logs\xDB6F.tmp
2009-07-03 20:35 . 2009-07-04 06:40 117248 ----a-w- c:\windows\Internet Logs\xDB6C.tmp
2009-07-03 20:35 . 2009-07-04 06:40 2447872 ----a-w- c:\windows\Internet Logs\xDB6D.tmp
2009-07-03 17:18 . 2009-07-03 17:20 2443264 ----a-w- c:\windows\Internet Logs\xDB6B.tmp
2009-07-03 17:03 . 2009-04-20 17:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-07-03 17:00 . 2009-07-03 17:01 160768 ----a-w- c:\windows\Internet Logs\xDB6A.tmp
2009-07-03 07:35 . 2009-07-03 07:36 52736 ----a-w- c:\windows\Internet Logs\xDB69.tmp
2009-07-01 22:42 . 2009-07-03 06:47 269312 ----a-w- c:\windows\Internet Logs\xDB68.tmp
2009-06-30 09:51 . 2009-07-01 12:03 45056 ----a-w- c:\windows\Internet Logs\xDB66.tmp
2009-06-30 09:51 . 2009-07-01 12:03 2419712 ----a-w- c:\windows\Internet Logs\xDB67.tmp
2009-06-30 08:42 . 2009-06-30 09:27 400384 ----a-w- c:\windows\Internet Logs\xDB65.tmp
2009-06-28 18:11 . 2009-06-29 06:39 707072 ----a-w- c:\windows\Internet Logs\xDB64.tmp
2009-06-28 09:38 . 2009-01-18 21:30 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-06-28 09:22 . 2009-06-28 09:23 84992 ----a-w- c:\windows\Internet Logs\xDB63.tmp
2009-06-28 08:49 . 2009-01-26 18:58 -------- d-----w- c:\programmi\Total Uninstall
2009-06-28 07:16 . 2009-01-25 23:35 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2009-06-27 22:50 . 2009-06-28 06:35 452096 ----a-w- c:\windows\Internet Logs\xDB62.tmp
2009-06-27 12:47 . 2009-03-22 17:21 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\foobar2000
2009-06-25 16:17 . 2009-06-26 16:29 212992 ----a-w- c:\windows\Internet Logs\xDB61.tmp
2009-06-23 21:02 . 2009-06-24 07:06 840192 ----a-w- c:\windows\Internet Logs\xDB5F.tmp
2009-06-23 21:02 . 2009-06-24 07:06 2369536 ----a-w- c:\windows\Internet Logs\xDB60.tmp
2009-06-21 16:46 . 2009-06-21 16:46 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-06-21 16:46 . 2009-06-21 16:46 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-18 21:23 . 2009-06-19 07:13 98816 ----a-w- c:\windows\Internet Logs\xDB5E.tmp
2009-06-17 21:20 . 2009-06-17 21:21 430080 ----a-w- c:\windows\Internet Logs\xDB5D.tmp
2009-06-16 21:38 . 2009-06-17 09:06 19968 ----a-w- c:\windows\Internet Logs\xDB5B.tmp
2009-06-16 21:38 . 2009-06-17 09:06 2319872 ----a-w- c:\windows\Internet Logs\xDB5C.tmp
2009-06-16 19:26 . 2009-06-16 19:28 196096 ----a-w- c:\windows\Internet Logs\xDB59.tmp
2009-06-16 19:26 . 2009-06-16 19:28 2319872 ----a-w- c:\windows\Internet Logs\xDB5A.tmp
2009-06-15 20:09 . 2009-06-15 20:10 98816 ----a-w- c:\windows\Internet Logs\xDB58.tmp
2009-06-15 12:05 . 2009-06-15 12:06 128000 ----a-w- c:\windows\Internet Logs\xDB57.tmp
2009-06-15 07:40 . 2009-01-25 22:24 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\AdobeUM
2009-06-14 18:43 . 2009-06-15 07:11 2951168 ----a-w- c:\windows\Internet Logs\xDB55.tmp
2009-06-14 18:43 . 2009-06-15 07:11 2286592 ----a-w- c:\windows\Internet Logs\xDB56.tmp
2009-06-13 18:17 . 2009-06-13 19:36 437760 ----a-w- c:\windows\Internet Logs\xDB53.tmp
2009-06-13 18:17 . 2009-06-13 19:36 2283008 ----a-w- c:\windows\Internet Logs\xDB54.tmp
2009-06-13 08:51 . 2009-06-13 16:35 330240 ----a-w- c:\windows\Internet Logs\xDB51.tmp
2009-06-13 08:51 . 2009-06-13 16:35 2281984 ----a-w- c:\windows\Internet Logs\xDB52.tmp
2009-06-10 17:59 . 2009-06-10 18:00 1214976 ----a-w- c:\windows\Internet Logs\xDB50.tmp
2009-06-08 08:00 . 2009-06-08 18:34 643584 ----a-w- c:\windows\Internet Logs\xDB4E.tmp
2009-06-08 08:00 . 2009-06-08 18:34 2252800 ----a-w- c:\windows\Internet Logs\xDB4F.tmp
2009-06-07 21:27 . 2009-06-08 06:51 75776 ----a-w- c:\windows\Internet Logs\xDB4C.tmp
2009-06-07 21:27 . 2009-06-08 06:51 2251776 ----a-w- c:\windows\Internet Logs\xDB4D.tmp
2009-06-06 18:09 . 2009-06-07 16:46 81920 ----a-w- c:\windows\Internet Logs\xDB4B.tmp
2009-06-06 16:31 . 2009-06-06 16:34 2250240 ----a-w- c:\windows\Internet Logs\xDB4A.tmp
2009-06-06 16:31 . 2009-06-06 16:34 17920 ----a-w- c:\windows\Internet Logs\xDB49.tmp
2009-06-06 16:28 . 2009-06-06 16:29 120832 ----a-w- c:\windows\Internet Logs\xDB48.tmp
2009-06-06 13:40 . 2009-06-06 13:41 128000 ----a-w- c:\windows\Internet Logs\xDB47.tmp
2009-06-05 18:01 . 2009-06-06 07:06 39424 ----a-w- c:\windows\Internet Logs\xDB46.tmp
2009-06-05 10:23 . 2009-03-13 08:32 -------- d-----w- c:\programmi\File comuni\AVSMedia
2009-06-05 10:23 . 2009-03-13 08:32 -------- d-----w- c:\programmi\AVSMedia
2009-06-05 09:53 . 2009-06-05 09:54 331776 ----a-w- c:\windows\Internet Logs\xDB45.tmp
2009-06-04 19:43 . 2009-06-04 19:10 -------- d-----w- c:\programmi\Lupas Rename 2000
2009-06-04 12:57 . 2009-06-04 12:58 88064 ----a-w- c:\windows\Internet Logs\xDB43.tmp
2009-06-04 12:57 . 2009-06-04 12:58 2207744 ----a-w- c:\windows\Internet Logs\xDB44.tmp
2009-06-03 21:22 . 2009-06-04 06:28 528384 ----a-w- c:\windows\Internet Logs\xDB42.tmp
2009-06-03 21:09 . 2009-06-03 21:08 -------- d-----w- c:\programmi\Tclock
2009-06-02 19:15 . 2009-06-03 06:44 169984 ----a-w- c:\windows\Internet Logs\xDB40.tmp
2009-06-02 19:15 . 2009-06-03 06:44 2186752 ----a-w- c:\windows\Internet Logs\xDB41.tmp
2009-06-02 16:28 . 2009-06-02 16:28 -------- d-----w- c:\programmi\Photo Story 3 for Windows
2009-06-01 17:30 . 2009-06-01 17:30 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\Image Zone Express
2009-05-31 19:50 . 2009-06-01 11:58 166400 ----a-w- c:\windows\Internet Logs\xDB3E.tmp
2009-05-31 19:50 . 2009-06-01 11:58 2168832 ----a-w- c:\windows\Internet Logs\xDB3F.tmp
2009-05-31 12:15 . 2009-05-23 15:42 921600 ----a-w- c:\windows\system32\Snow_Village_3D_Screensaver.scr
2009-05-31 12:13 . 2009-05-31 12:14 688640 ----a-w- c:\windows\Internet Logs\xDB3C.tmp
2009-05-31 12:13 . 2009-05-31 12:14 2172416 ----a-w- c:\windows\Internet Logs\xDB3D.tmp
2009-05-31 12:12 . 2009-05-23 15:42 35322368 ----a-w- c:\windows\system32\Snow Village 3D Screensaver.exe
2009-05-31 12:11 . 2009-05-23 15:42 -------- d-----w- c:\programmi\Snow Village 3D Screensaver
2009-05-30 20:09 . 2009-05-30 20:09 -------- d-----w- c:\programmi\Ancient Castle 3D Screensaver
2009-05-30 19:58 . 2009-05-30 19:59 1438208 ----a-w- c:\windows\Internet Logs\xDB3B.tmp
2009-05-30 19:57 . 2009-05-30 18:07 -------- d-----w- c:\programmi\3Planesoft Screensaver Manager
2009-05-30 19:57 . 2009-05-30 18:07 -------- d-----w- c:\programmi\Dutch Windmills 3D Screensaver
2009-05-30 12:33 . 2009-05-30 12:33 -------- d-----w- c:\programmi\Cuckoo Clock 3D Screensaver
2009-05-28 08:37 . 2009-05-28 08:33 -------- d-----w- c:\programmi\Vector Magic
2009-05-28 07:43 . 2009-03-31 13:23 -------- d-----w- c:\documents and settings\Lola\Dati applicazioni\AVS Video Converter
2009-05-27 08:51 . 2009-05-27 09:02 485376 ----a-w- c:\windows\Internet Logs\xDB39.tmp
2009-05-27 08:51 . 2009-05-27 09:02 2101760 ----a-w- c:\windows\Internet Logs\xDB3A.tmp
2009-05-25 21:18 . 2009-05-26 07:32 188416 ----a-w- c:\windows\Internet Logs\xDB38.tmp
2009-05-25 10:29 . 2009-05-25 18:10 80896 ----a-w- c:\windows\Internet Logs\xDB36.tmp
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2009-01-25 1783808]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\c:\0autocheck autochk *\0lsdelete
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Promemoria del Calendario di Microsoft Works.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Promemoria del Calendario di Microsoft Works.lnk
backup=c:\windows\pss\Promemoria del Calendario di Microsoft Works.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\StreamerOne\\StreamerOne.exe"=
"c:\\Programmi\\Lavasoft\\Ad-Aware\\Ad-Aware.exe"=
"c:\\Programmi\\Lavasoft\\Ad-Aware\\AAWService.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/01/2009 23.30.13 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [25/01/2009 23.04.19 114768]
R1 HMFAxCore56d706f6725c732df006697fd5ec3381;HMFAxCore56d706f6725c732df006697fd5ec3381;c:\windows\system32\drivers\HMFAxCore56d706f6725c732df006697fd5ec3381.sys [16/06/2009 0.37.16 15872]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [26/01/2009 1.35.48 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [26/01/2009 17.39.55 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [16/04/2009 18.33.16 603904]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 20.44.24 580992]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'
2009-07-08 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://arianna.libero.it/hpweb.html
IE: Crawler Search - tbr:iemenu
IE: Save Flash - c:\programmi\Flash Saving Plugin\FlashSButton.dll/210
IE: Save Page As PDF ... - file://c:\programmi\Nitro PDF\PDF Download\nitroweb.htm
IE: Save YouTube Video - c:\programmi\Flash Saving Plugin\FlashSButton.dll/217
IE: {{28EA46FA-BFA8-40E5-85AF-8C83A55BD45A} - https://signin.ebay.it/ws/eBayISAPI.dll?SignIn
IE: {{4C8CB16D-A55F-407A-8BCA-DEB98904BA7A} - http://www.primarygames.com/games.htm
IE: {{68A46607-2E28-41FF-BD46-43FE35E90A27} - https://bancopostaonline.poste.it/bpol/ ... amovimenti
IE: {{87E9763D-900C-4FD3-A05E-CAE7FF667814} - http://wpop13.libero.it/email.php?ssonc=1292889082
IE: {{8BF0FE12-930C-491A-8AC9-14F697B060D3} - http://www.ebay.it/
IE: {{AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} -
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\programmi\Crawler\ctbr.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {F758FE6D-9949-4D78-B748-97781F55AF19} - hxxp://rivideo.mediaset.it/_res/cab/TXTDMCab.CAB
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-08 17:53
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(504)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2009-07-08 17.55.06
ComboFix-quarantined-files.txt 2009-07-08 15:55
Pre-Run: 156.268.257.280 byte disponibili
Post-Run: 156.252.311.552 byte disponibili
254 --- E O F --- 2009-06-10 18:44