Eccolo
ComboFix 09-06-28.02 - Administrator 04/03/2010 1.44.14.2 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.3518.3244 [GMT 1:00]
Eseguito da: C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-14EF-9D7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
AV: avast! antivirus 4.8.1368 [VPS 100303-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
- MODALITÀ CON FUNZIONALITÀ RIDOTTE -
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Esecuzione precedente -------
.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ScanPanel.lnk
C:\WINDOWS\system32\drivers\unpr.sys
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IPRIP
-------\Legacy_UNPR
-------\Service_Iprip
-------\Service_unpr
((((((((((((((((((((((((( Files Creati Da 2010-02-04 al 2010-03-04 )))))))))))))))))))))))))))))))))))
.
2010-03-04 00:39:08 . 2010-03-04 00:39:08 0 d-sh--w- C:\Documents and Settings\Administrator\IETldCache
2010-03-03 21:51:57 . 2002-03-05 02:43:10 167936 ----a-r- C:\WINDOWS\A4.dll
2010-03-03 21:51:57 . 2002-01-06 03:57:46 7168 ----a-r- C:\WINDOWS\system32\48UMicro.dll
2010-03-03 21:51:57 . 2001-10-18 10:01:16 45056 ----a-r- C:\WINDOWS\GetKey.dll
2010-03-03 20:35:48 . 2010-03-03 20:35:53 0 d-----w- C:\Programmi\CCleaner
2010-03-02 17:40:46 . 2001-08-30 19:41:06 12160 -c--a-w- C:\WINDOWS\system32\dllcache\mouhid.sys
2010-03-02 17:40:46 . 2001-08-30 19:41:06 12160 ----a-w- C:\WINDOWS\system32\drivers\mouhid.sys
2010-03-02 17:40:44 . 2008-04-13 18:45:28 10368 -c--a-w- C:\WINDOWS\system32\dllcache\hidusb.sys
2010-03-02 17:40:44 . 2008-04-13 18:45:28 10368 ----a-w- C:\WINDOWS\system32\drivers\hidusb.sys
2010-02-25 13:36:29 . 2010-02-25 13:36:29 0 d-----w- C:\WINDOWS\system32\wbem\Repository
2010-02-18 12:13:38 . 2010-02-18 12:14:33 0 d-----w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\ArchiCAD_3576593739
2010-02-18 12:04:44 . 2010-02-18 12:04:44 0 d-----w- C:\Programmi\KASHU
2010-02-17 23:00:12 . 2010-02-17 23:00:12 0 d-----w- C:\Poker
2010-02-17 15:19:49 . 2010-02-17 15:19:49 454838 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_4E26CB86DBBA59FA480DBE.exe
2010-02-17 15:19:49 . 2010-02-17 15:19:49 454838 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_104F6807AB07EC86DCD1CC.exe
2010-02-17 15:19:48 . 2010-02-17 15:19:48 0 d-----w- C:\Programmi\AutomationLabs
2010-02-16 22:47:53 . 2010-02-16 22:47:53 0 ----a-w- C:\Documents and Settings\giggi8\1766d4565965ef090ea20ab7a405703c3673c19b.252056.bfr.zip
2010-02-16 22:47:49 . 2010-02-16 22:47:49 0 ----a-w- C:\Documents and Settings\giggi8\c7c48ba589280eb67116efc7ae4da538c7afb8cf.886922.bfr.zip
2010-02-15 18:26:45 . 2010-02-15 18:26:45 0 d-----w- C:\Programmi\Autodesk
2010-02-15 15:02:23 . 2010-02-15 15:02:23 0 d-----w- C:\Revit SDK 2010
2010-02-15 14:55:12 . 2010-02-15 14:57:24 0 d-----w- C:\RAC_2010_Italian_Win_32bit
2010-02-12 21:15:29 . 2010-02-12 21:15:29 0 d-----w- C:\temp
2010-02-12 19:19:16 . 2010-02-12 19:19:16 0 d-----w- C:\_rohos
2010-02-11 23:44:11 . 2010-02-11 23:44:11 0 d-----w- C:\WINDOWS\system32\Samsung PC Studio Codecs
2010-02-11 23:44:11 . 2006-02-07 14:53:00 61440 ----a-w- C:\WINDOWS\system32\mp4_vcodec.dll
2010-02-11 23:44:11 . 2006-01-09 12:27:00 679936 ----a-w- C:\WINDOWS\system32\fun_mp4_enc.dll
2010-02-11 23:44:11 . 2005-11-29 15:17:56 2067140 ----a-r- C:\WINDOWS\system32\avcodec.dll
2010-02-11 23:40:44 . 2005-12-22 11:24:54 11188 ----a-w- C:\WINDOWS\system32\drivers\sscdwhnt.sys
2010-02-11 23:40:44 . 2005-12-22 11:24:54 11188 ----a-w- C:\WINDOWS\system32\drivers\sscdwh.sys
2010-02-11 23:40:44 . 2005-12-22 11:24:52 137884 ----a-w- C:\WINDOWS\system32\drivers\sscdmdm.sys
2010-02-11 23:40:44 . 2005-12-22 11:24:52 11877 ----a-w- C:\WINDOWS\system32\drivers\sscdcmnt.sys
2010-02-11 23:40:44 . 2005-12-22 11:24:52 11877 ----a-w- C:\WINDOWS\system32\drivers\sscdcm.sys
2010-02-11 23:40:44 . 2005-12-22 11:24:52 10864 ----a-w- C:\WINDOWS\system32\drivers\sscdmdfl.sys
2010-02-11 23:40:44 . 2005-12-22 11:24:50 80272 ----a-w- C:\WINDOWS\system32\drivers\sscdbus.sys
2010-02-11 23:40:40 . 2010-02-11 23:40:45 0 d-----w- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-02-11 23:35:47 . 2010-02-12 11:01:33 0 d-----w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\Rohos
2010-02-11 23:34:24 . 2010-02-17 12:28:08 0 d-----w- C:\Programmi\Rohos
2010-02-11 19:42:36 . 2010-02-22 12:10:10 0 d-sh--w- C:\Documents and Settings\giggi8\UserData
2010-02-11 17:04:56 . 2010-02-11 17:04:56 0 d-----w- C:\Programmi\Samsung
2010-02-10 15:31:34 . 2010-02-12 00:28:40 0 d-----w- C:\Programmi\ElcomSoft
2010-02-10 02:38:05 . 2010-02-11 19:43:34 0 d-----w- C:\Restoration
2010-02-09 21:55:01 . 2010-02-11 19:43:46 0 d-----w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\Installer2104
2010-02-09 21:49:16 . 2010-02-11 19:44:09 0 d-----w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\Installer1856
2010-02-04 09:54:58 . 2010-02-04 09:54:58 0 d-----w- C:\Programmi\DataDoctorRecovery (Evaluation)
2010-02-02 15:33:00 . 2010-02-02 15:33:00 0 d-----w- C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-02-02 15:28:52 . 2010-02-25 19:34:23 0 d-----w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\Temp
2010-02-02 15:05:11 . 2010-02-03 15:33:00 0 d-----w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\Google
2010-02-02 15:02:04 . 2010-02-02 15:40:19 0 d-----w- C:\Programmi\Google
2010-02-02 14:27:01 . 2010-02-02 14:27:01 0 d-----w- C:\Programmi\MSECache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-03 20:23:53 . 2009-12-18 18:10:20 0 d-----w- C:\Programmi\Java
2010-02-21 16:21:10 . 2009-12-20 16:05:49 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\PC Suite
2010-02-21 16:17:53 . 2010-01-15 18:21:28 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\CDRoller
2010-02-20 20:46:52 . 2009-12-26 01:51:26 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\vlc
2010-02-17 20:52:57 . 2009-01-06 17:40:14 0 d-----w- C:\Programmi\eMule
2010-02-17 16:10:44 . 2010-02-01 23:08:58 336 ----a-w- C:\Documents and Settings\giggi8\Dati applicazioni\settings.dat
2010-02-17 12:08:58 . 2009-12-18 16:31:13 0 d-----w- C:\Programmi\File comuni\Adobe
2010-02-16 20:53:26 . 2009-12-19 21:17:35 0 d-----w- C:\Programmi\Voltura
2010-02-15 18:30:40 . 2009-12-30 16:38:01 304096 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\VSTAHost\Architecture2010\9.0\1040\ResourceCache.dll
2010-02-15 18:30:39 . 2009-12-30 16:38:00 302848 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\VSTAHost\Architecture2010\9.0\1033\ResourceCache.dll
2010-02-15 18:28:03 . 2009-12-26 21:50:37 0 d-----w- C:\Programmi\File comuni\Autodesk Shared
2010-02-15 18:28:02 . 2009-12-26 21:50:37 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
2010-02-15 18:27:22 . 2009-12-30 16:34:43 0 d-----w- C:\Programmi\Autodesk Revit Architecture 2010
2010-02-15 15:17:07 . 2009-12-26 21:50:37 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\Autodesk
2010-02-11 19:43:36 . 2009-12-18 00:20:59 0 d--h--w- C:\Programmi\InstallShield Installation Information
2010-02-08 14:30:58 . 2010-01-08 22:07:27 0 d-----w- C:\Programmi\File comuni\DVDVideoSoft
2010-02-02 23:08:37 . 2010-01-11 12:03:19 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\Nseries
2010-01-31 01:01:24 . 2009-12-19 20:24:25 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\Ahead
2010-01-30 10:54:10 . 2009-12-18 00:10:50 0 d-----w- C:\Programmi\Servizi in linea
2010-01-28 09:52:22 . 2009-12-18 00:30:12 97728 ----a-w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-27 21:40:08 . 2009-12-29 22:27:27 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\dvdcss
2010-01-26 21:16:19 . 2009-12-19 21:15:04 25214 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{25AB02BF-E977-49B3-A743-270EA89A9C8F}\_4ae13d6c.exe
2010-01-26 21:16:19 . 2009-12-19 21:15:04 25214 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{25AB02BF-E977-49B3-A743-270EA89A9C8F}\_18be6784.exe
2010-01-26 21:16:19 . 2009-12-19 21:15:04 22486 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{25AB02BF-E977-49B3-A743-270EA89A9C8F}\_294823.exe
2010-01-26 21:16:19 . 2009-12-19 21:15:04 1078 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{25AB02BF-E977-49B3-A743-270EA89A9C8F}\_69525f90.exe
2010-01-26 21:16:19 . 2009-12-19 21:15:04 1078 ----a-r- C:\Documents and Settings\giggi8\Dati applicazioni\Microsoft\Installer\{25AB02BF-E977-49B3-A743-270EA89A9C8F}\_2cd672ae.exe
2010-01-25 21:02:32 . 2006-03-02 12:00:00 89016 ----a-w- C:\WINDOWS\system32\perfc010.dat
2010-01-25 21:02:32 . 2006-03-02 12:00:00 501470 ----a-w- C:\WINDOWS\system32\perfh010.dat
2010-01-24 00:39:41 . 2010-01-24 00:39:38 0 d-----w- C:\Programmi\SopCast
2010-01-19 19:21:14 . 2009-12-18 19:01:35 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\Graphisoft
2010-01-19 19:19:42 . 2010-01-19 19:19:42 0 d-----w- C:\Programmi\File comuni\Graphisoft Shared
2010-01-19 19:17:06 . 2009-12-18 18:42:35 0 d-----w- C:\Programmi\Graphisoft
2010-01-19 19:05:54 . 2010-01-15 18:46:14 0 d-----w- C:\Programmi\Recovery Toolbox for CD Free
2010-01-13 19:47:57 . 2010-01-13 19:47:57 0 d-----w- C:\Programmi\Windows Media Connect 2
2010-01-12 10:09:14 . 2010-01-12 10:09:14 0 d-----w- C:\Documents and Settings\giggi8\Dati applicazioni\Nero
2010-01-11 19:33:02 . 2009-12-22 11:03:25 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\FLEXnet
2010-01-11 12:24:00 . 2009-12-20 14:54:57 0 d-----w- C:\Programmi\File comuni\Nokia
2010-01-11 12:24:00 . 2009-12-20 14:52:38 0 d-----w- C:\Programmi\Nokia
2010-01-11 12:21:59 . 2010-01-11 12:21:59 36864 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2010-01-11 12:21:59 . 2010-01-11 12:21:59 3351812 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2010-01-11 12:21:59 . 2010-01-11 12:21:59 3203453 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2010-01-11 12:16:45 . 2010-01-11 12:16:45 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Installations
2010-01-11 12:16:43 . 2010-01-11 12:23:37 24419312 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_1.8.10IT.exe
2010-01-10 23:02:14 . 2009-12-22 18:28:16 0 d-----w- C:\Programmi\Spybot - Search & Destroy
2010-01-10 18:39:54 . 2009-12-22 18:28:16 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-01-08 22:07:33 . 2010-01-08 22:07:26 0 d-----w- C:\Programmi\DVDVideoSoft
2010-01-06 22:00:22 . 2009-12-18 18:44:37 0 d-----w- C:\Programmi\QuickTime
2010-01-06 21:59:40 . 2010-01-06 21:59:40 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2010-01-06 21:46:46 . 2010-01-06 21:46:46 0 d-----w- C:\Programmi\File comuni\Apple
2009-12-31 16:50:03 . 2006-03-02 12:00:00 353792 ----a-w- C:\WINDOWS\system32\drivers\srv.sys
2009-12-30 16:32:55 . 2009-12-30 16:32:55 416 ----a-w- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2009-12-26 22:01:20 . 2009-12-26 22:01:20 36864 ----a-w- C:\Documents and Settings\giggi8\Dati applicazioni\Autodesk\AutoCAD 2010\R18.0\ita\ContextualTabSelectorRules.dll
2009-12-22 17:00:01 . 2009-12-22 17:00:01 30208 ----a-w- C:\WINDOWS\system32\inetlog.dll
2009-12-21 21:55:23 . 2009-12-21 21:55:23 4 ----a-w- C:\WINDOWS\6816Error.dat
2009-12-21 21:55:23 . 2009-12-21 21:55:23 30720 ----a-w- C:\WINDOWS\6816White12.dat
2009-12-21 21:55:19 . 2009-12-21 21:55:19 30720 ----a-w- C:\WINDOWS\6816Dark12.dat
2009-12-21 21:55:16 . 2009-12-21 21:55:16 6 ----a-w- C:\WINDOWS\6816Exposure.dat
2009-12-21 21:55:16 . 2009-12-21 21:55:16 3 ----a-w- C:\WINDOWS\6816Offset.dat
2009-12-21 21:55:16 . 2009-12-21 21:55:16 3 ----a-w- C:\WINDOWS\6816Gain.dat
2009-12-21 19:06:28 . 2006-03-02 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-12-19 16:03:59 . 2009-12-19 16:03:59 249856 ------w- C:\WINDOWS\Setup1.exe
2009-12-19 16:03:58 . 2009-12-19 16:03:58 73216 ----a-w- C:\WINDOWS\ST6UNST.EXE
2009-12-19 13:43:06 . 2009-12-19 13:43:06 82380 ----a-w- C:\WINDOWS\system32\drivers\AFS2K.SYS
2009-12-18 21:49:30 . 2009-12-18 21:49:47 411368 ----a-w- C:\WINDOWS\system32\deploytk.dll
2009-12-18 18:47:16 . 2009-12-18 18:47:18 872448 ------w- C:\WINDOWS\UNMRW.exe
2009-12-18 18:47:16 . 2009-12-18 18:47:18 7582 ------w- C:\WINDOWS\system32\drivers\incdrm.sys
2009-12-18 16:29:55 . 2009-12-18 16:29:55 135 ----a-w- C:\Documents and Settings\giggi8\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-12-18 10:52:25 . 2009-12-18 00:11:24 76875 ----a-w- C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
2009-12-18 00:57:16 . 2009-12-18 00:57:16 159705 ----a-w- C:\WINDOWS\Scan to PDF Uninstaller.exe
2009-12-18 00:40:25 . 2009-12-18 00:40:25 0 ----a-w- C:\WINDOWS\nsreg.dat
2009-12-18 00:09:31 . 2009-12-18 00:09:31 21840 ----a-w- C:\WINDOWS\system32\emptyregdb.dat
2009-12-17 07:40:45 . 2009-12-18 00:08:23 346112 ----a-w- C:\WINDOWS\system32\mspaint.exe
2009-12-14 07:08:20 . 2006-03-02 12:00:00 33280 ----a-w- C:\WINDOWS\system32\csrsrv.dll
2009-12-09 10:07:07 . 2006-03-02 12:00:00 2148864 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
2009-12-09 10:07:06 . 2004-08-19 15:34:20 2027520 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe
2009-12-04 18:22:22 . 2006-03-02 12:00:00 455424 ----a-w- C:\WINDOWS\system32\drivers\mrxsmb.sys
.
------- Sigcheck -------
[-] 2008-04-14 02:14:07 1036288 1D21873B67637ADDD565FC1C20BC726B C:\WINDOWS\explorer.exe
[-] 2008-04-14 02:14:07 1036288 1D21873B67637ADDD565FC1C20BC726B C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 02:14:03 15360 A93F4DDD4C68E5A1BC7D48E9717FD1AD C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 02:14:03 15360 A93F4DDD4C68E5A1BC7D48E9717FD1AD C:\WINDOWS\system32\ctfmon.exe
[-] 2008-04-14 02:14:20 57856 D00A3AEBC2E0120B8663A4BD5FF6D584 C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 02:14:20 57856 D00A3AEBC2E0120B8663A4BD5FF6D584 C:\WINDOWS\system32\spoolsv.exe
[-] 2008-04-14 02:14:22 26624 24476447D3A949A0046A19D4AC007C71 C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 02:14:22 26624 24476447D3A949A0046A19D4AC007C71 C:\WINDOWS\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9cb62415-099f-4475-a363-2d037a9b3496}]
2008-02-14 13:54:02 1555480 ----a-w- C:\Programmi\Vueling_IT\tbVuel.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:14:03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 20:05:00 344064]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 23:51:40 81000]
"HP Software Update"="C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 10:40:22 49152]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-26 07:19:12 176128]
"DeviceDiscovery"="C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 19:56:10 40960]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:14:03 15360]
C:\Documents and Settings\giggi8\Menu Avvio\Programmi\Esecuzione automatica\
FreePOPs.lnk - C:\Programmi\FreePOPs\freepopsd.exe [2007-11-17 53248]
POSTIT.EXE [2002-4-26 59904]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Acrobat Assistant.lnk - C:\Programmi\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2009-12-18 49152]
Adobe Reader Synchronizer.lnk - C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Avvio veloce di Adobe Reader.lnk - C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Pinnacle Scheduler.lnk - C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [2009-12-18 241664]
Post-it© Digital Notes.lnk - C:\Programmi\3M\PDNotes\PDNotes.exe [2006-3-21 6485528]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Graphisoft\\ArchiCAD 12\\ArchiCAD.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"C:\\Programmi\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=
"C:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Programmi\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"C:\\Programmi\\Internet Explorer\\iexplore.exe"=
"C:\\Programmi\\Graphisoft\\ArchiCAD 13\\ArchiCAD.exe"=
"C:\\Programmi\\SopCast\\SopCast.exe"=
"C:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Gruppi peer-to-peer Windows
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
S1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [18/12/2009 1.59.44 114768]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [18/12/2009 1.59.44 20560]
S2 gupdate;Servizio di Google Update (gupdate);C:\Programmi\Google\Update\GoogleUpdate.exe [02/02/2010 16.28.46 135664]
S2 TwonkyMedia;TwonkyMedia;C:\Programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> C:\Programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;C:\WINDOWS\system32\drivers\3xHybrid.sys [18/12/2009 11.55.24 1121536]
S3 bsusbser;PHD USB Device for Legacy Serial Communication;C:\WINDOWS\system32\drivers\bsusbser.sys [18/12/2009 1.20.48 94848]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [22/12/2009 15.43.53 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [22/12/2009 15.43.53 8320]
S3 pctvvbi;PCTVVBI;C:\WINDOWS\system32\drivers\pctvvbi.sys [18/12/2009 11.54.57 6400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
vvdsvc REG_MULTI_SZ vvdsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\setup.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'
2010-02-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12]
2010-03-04 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Programmi\Google\Update\GoogleUpdate.exe [2010-02-02 15:28:46 . 2010-02-02 15:28:43]
2010-03-03 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Programmi\Google\Update\GoogleUpdate.exe [2010-02-02 15:28:46 . 2010-02-02 15:28:43]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
HKLM-Run-RTHDCPL - RTHDCPL.EXE
.
------- Scansione supplementare -------
.
TCP: {DA18A4C9-6855-4748-8EFF-51420E3B12E5} = 192.168.0.1
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
C:\Programmi\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
C:\Programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
C:\Programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
C:\Programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
C:\Programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.