Here is the post
ComboFix 09-11-08.02 - massimo 08/11/2009 22.28.25.4.2 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1015.843 [GMT 1:00]
Eseguito da: C:\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((( Files Creati Da 2009-10-08 al 2009-11-08 )))))))))))))))))))))))))))))))))))
.
2009-11-08 21:20:23 . 2009-11-08 21:20:34 3563182 ----a-r- C:\ComboFix.exe
2009-11-08 17:58:57 . 2009-11-08 17:58:57 0 d-----w- C:\Documents and Settings\massimo\Impostazioni locali\Dati applicazioni\Threat Expert
2009-11-08 17:34:30 . 2009-10-08 10:31:14 767952 ----a-w- C:\WINDOWS\BDTSupport.dll
2009-11-08 17:34:29 . 2009-10-08 10:31:46 149456 ----a-w- C:\WINDOWS\SGDetectionTool.dll
2009-11-08 17:34:29 . 2009-10-08 10:31:44 165840 ----a-w- C:\WINDOWS\PCTBDRes.dll
2009-11-08 17:34:29 . 2009-10-08 10:31:44 1636304 ----a-w- C:\WINDOWS\PCTBDCore.dll
2009-11-08 17:34:29 . 2009-10-02 13:19:04 1152470 ----a-w- C:\WINDOWS\UDB.zip
2009-11-08 17:34:29 . 2008-11-26 11:08:42 131 ----a-w- C:\WINDOWS\IDB.zip
2009-11-08 17:28:05 . 2009-09-24 07:55:46 229304 ----a-w- C:\WINDOWS\system32\drivers\pctgntdi.sys
2009-11-08 17:27:43 . 2009-09-23 15:10:06 207280 ----a-w- C:\WINDOWS\system32\drivers\PCTCore.sys
2009-11-08 17:27:42 . 2009-10-06 15:31:30 87784 ----a-w- C:\WINDOWS\system32\drivers\PCTAppEvent.sys
2009-11-08 17:27:02 . 2009-09-03 08:45:12 70408 ----a-w- C:\WINDOWS\system32\drivers\pctplsg.sys
2009-11-08 17:26:12 . 2009-11-08 21:21:21 0 d-----w- C:\Programmi\Spyware Doctor
2009-11-08 17:26:12 . 2009-11-08 17:26:12 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\PC Tools
2009-11-08 17:26:12 . 2009-11-08 17:26:12 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\PC Tools
2009-11-08 17:09:24 . 2009-11-08 17:09:24 117760 ----a-w- C:\Documents and Settings\massimo\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-08 17:07:22 . 2009-11-08 17:07:22 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-11-08 17:07:09 . 2009-11-08 17:07:16 0 d-----w- C:\Programmi\SUPERAntiSpyware
2009-11-08 17:07:09 . 2009-11-08 17:07:09 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\SUPERAntiSpyware.com
2009-11-08 17:06:46 . 2009-11-08 17:06:46 0 d-----w- C:\Programmi\File comuni\Wise Installation Wizard
2009-11-08 16:39:11 . 2009-11-08 17:34:47 0 d-----w- C:\Programmi\File comuni\PC Tools
2009-11-08 16:38:52 . 2009-11-08 21:21:26 0 d---a-w- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2009-11-08 14:37:28 . 2009-11-08 14:44:19 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\QuickScan
2009-11-08 14:36:56 . 2009-10-29 14:39:50 679936 ----a-w- C:\Documents and Settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\ljxunb94.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
2009-11-08 14:36:56 . 2009-10-29 14:39:32 614400 ----a-w- C:\Documents and Settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\ljxunb94.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2009-11-08 13:00:45 . 2009-04-21 13:20:32 188673 ----a-w- C:\avirarkd.exe
2009-11-08 12:08:01 . 2009-11-08 12:29:28 152576 ----a-w- C:\Documents and Settings\massimo\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-04 15:37:01 . 2009-11-04 15:37:01 0 d-----w- C:\Documents and Settings\massimo\Impostazioni locali\Dati applicazioni\ESET
2009-11-04 12:02:50 . 2009-11-08 21:12:12 3610656 --sha-w- C:\WINDOWS\system32\drivers\fidbox.dat
2009-11-04 08:10:02 . 2009-11-04 08:10:02 25108 ---ha-w- C:\WINDOWS\system32\mlfcache.dat
2009-10-29 16:25:58 . 2009-10-29 16:25:58 0 d-----w- C:\Documents and Settings\massimo\Impostazioni locali\Dati applicazioni\Apple Computer
2009-10-29 16:25:57 . 2009-10-29 16:25:59 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\Apple Computer
2009-10-29 16:24:19 . 2009-10-29 16:24:47 0 d-----w- C:\Programmi\Safari
2009-10-29 16:24:19 . 2009-10-29 16:24:19 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2009-10-29 16:23:54 . 2009-10-29 16:23:54 0 d-----w- C:\Documents and Settings\massimo\Impostazioni locali\Dati applicazioni\Apple
2009-10-29 16:23:38 . 2009-10-29 16:23:41 0 d-----w- C:\Programmi\Apple Software Update
2009-10-29 16:23:38 . 2009-10-29 16:23:38 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Apple
2009-10-29 15:00:36 . 2009-10-29 15:10:32 0 d-----w- C:\Documents and Settings\HelpAssistant.MAX\IETldCache
2009-10-29 14:58:29 . 2009-10-29 14:58:29 0 d-sh--w- C:\Documents and Settings\massimo\IETldCache
2009-10-29 14:58:29 . 2009-10-29 14:58:29 0 d-sh--w- C:\Documents and Settings\LocalService\IETldCache
2009-10-29 14:56:23 . 2009-10-02 04:44:07 92160 ------w- C:\WINDOWS\system32\dllcache\iecompat.dll
2009-10-29 14:55:54 . 2009-10-29 15:06:25 0 d-----w- C:\WINDOWS\ie8updates
2009-10-29 14:55:16 . 2009-08-29 07:56:22 12800 ------w- C:\WINDOWS\system32\dllcache\xpshims.dll
2009-10-29 14:55:12 . 2009-08-29 07:56:12 246272 ------w- C:\WINDOWS\system32\dllcache\ieproxy.dll
2009-10-29 14:52:02 . 2009-08-29 07:26:30 78336 ----a-w- C:\WINDOWS\system32\ieencode.dll
2009-10-29 14:52:02 . 2009-08-29 07:26:30 78336 ----a-w- C:\WINDOWS\system32\dllcache\ieencode.dll
2009-10-28 23:23:37 . 2009-10-28 23:23:39 0 d-----w- C:\5268ed4190955f9a237733
2009-10-28 23:18:35 . 2008-07-06 12:06:10 89088 ------w- C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
2009-10-28 23:18:35 . 2008-07-06 12:06:10 117760 ------w- C:\WINDOWS\system32\prntvpt.dll
2009-10-28 23:18:34 . 2008-07-06 12:06:10 575488 ------w- C:\WINDOWS\system32\xpsshhdr.dll
2009-10-28 23:18:34 . 2008-07-06 12:06:10 575488 ------w- C:\WINDOWS\system32\dllcache\xpsshhdr.dll
2009-10-28 23:18:34 . 2008-07-06 12:06:10 1676288 ------w- C:\WINDOWS\system32\xpssvcs.dll
2009-10-28 23:18:34 . 2008-07-06 12:06:10 1676288 ------w- C:\WINDOWS\system32\dllcache\xpssvcs.dll
2009-10-28 23:18:34 . 2008-07-06 10:50:03 597504 ------w- C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
2009-10-28 23:18:33 . 2009-10-28 23:19:12 0 d-----w- C:\a2c064abf746e4875f4ba0
2009-10-27 13:01:09 . 2009-10-27 13:01:09 0 d-----w- C:\Documents and Settings\HelpAssistant.MAX\DoctorWeb
2009-10-27 13:00:41 . 2009-10-27 13:00:43 0 d-----w- C:\Documents and Settings\HelpAssistant.MAX\.housecall6.6
2009-10-26 19:35:45 . 2009-11-08 13:29:33 0 d-----w- C:\Programmi\Spybot - Search & Destroy
2009-10-26 19:35:45 . 2009-11-08 13:29:32 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-10-26 19:13:19 . 2009-10-26 19:13:21 0 d-----w- C:\Programmi\CCleaner
2009-10-26 17:22:37 . 2009-10-26 17:22:37 0 d-----w- C:\Documents and Settings\massimo\DoctorWeb
2009-10-26 16:01:40 . 2008-03-03 17:21:34 568 ---ha-w- C:\WINDOWS\nod32fixtemdono.reg
2009-10-26 16:01:40 . 2008-03-03 13:25:38 5702 ---ha-w- C:\WINDOWS\nod32restoretemdono.reg
2009-10-26 15:49:07 . 2009-10-26 15:49:07 0 d-----w- C:\Programmi\ESET
2009-10-26 15:31:35 . 2009-10-26 15:31:35 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\ESET
2009-10-26 15:02:27 . 2009-02-06 10:10:02 227840 ------w- C:\WINDOWS\system32\dllcache\wmiprvse.exe
2009-10-26 15:02:23 . 2009-03-06 14:19:00 286208 ------w- C:\WINDOWS\system32\dllcache\pdh.dll
2009-10-26 15:02:23 . 2009-02-09 11:22:49 111104 ------w- C:\WINDOWS\system32\dllcache\services.exe
2009-10-26 15:02:23 . 2009-02-09 10:51:44 401408 ------w- C:\WINDOWS\system32\dllcache\rpcss.dll
2009-10-26 15:02:22 . 2009-02-09 10:51:44 683520 ------w- C:\WINDOWS\system32\dllcache\advapi32.dll
2009-10-26 15:02:22 . 2009-02-09 10:51:43 473600 ------w- C:\WINDOWS\system32\dllcache\fastprox.dll
2009-10-26 15:02:22 . 2009-02-09 10:51:42 453120 ------w- C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2009-10-26 15:02:22 . 2009-02-06 10:39:08 35328 ------w- C:\WINDOWS\system32\dllcache\sc.exe
2009-10-26 15:02:21 . 2009-02-09 10:51:43 736256 ------w- C:\WINDOWS\system32\dllcache\ntdll.dll
2009-10-26 11:28:07 . 2008-04-21 21:14:24 219136 ------w- C:\WINDOWS\system32\dllcache\wordpad.exe
2009-10-26 11:26:54 . 2008-06-14 17:32:08 272768 ------w- C:\WINDOWS\system32\drivers\bthport.sys
2009-10-26 11:26:54 . 2008-06-14 17:32:08 272768 ------w- C:\WINDOWS\system32\dllcache\bthport.sys
2009-10-26 11:13:42 . 2009-06-30 09:37:16 28552 ----a-w- C:\WINDOWS\system32\drivers\pavboot.sys
2009-10-26 11:13:28 . 2009-10-26 11:13:28 0 d-----w- C:\Programmi\Panda Security
2009-10-26 11:10:50 . 2009-10-26 11:12:20 0 d-----w- C:\Documents and Settings\massimo\.housecall6.6
2009-10-26 11:09:42 . 2009-10-26 11:09:42 0 d-----w- C:\WINDOWS\Sun
2009-10-26 10:27:48 . 2009-10-26 10:35:42 0 d-----w- C:\WINDOWS\BDOSCAN8
2009-10-26 09:51:10 . 2008-05-27 17:23:58 765952 ----a-w- C:\WINDOWS\system32\dllcache\vgx.dll
2009-10-26 08:45:19 . 2009-06-21 21:47:25 153088 ------w- C:\WINDOWS\system32\dllcache\triedit.dll
2009-10-26 08:41:19 . 2008-05-08 14:02:52 203136 ------w- C:\WINDOWS\system32\dllcache\rmcast.sys
2009-10-26 08:40:46 . 2008-10-24 11:21:09 455296 ------w- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2009-10-26 08:40:03 . 2008-12-11 10:57:09 333952 ------w- C:\WINDOWS\system32\dllcache\srv.sys
2009-10-26 08:39:24 . 2008-05-01 14:34:52 331776 ------w- C:\WINDOWS\system32\dllcache\msadce.dll
2009-10-26 08:38:40 . 2009-07-10 13:26:37 1315328 ------w- C:\WINDOWS\system32\dllcache\msoe.dll
2009-10-26 08:31:30 . 2008-04-11 19:04:32 691712 ------w- C:\WINDOWS\system32\dllcache\inetcomm.dll
2009-10-25 23:21:10 . 2008-10-15 16:36:15 337408 ------w- C:\WINDOWS\system32\dllcache\netapi32.dll
2009-10-25 23:20:18 . 2008-09-04 17:15:03 1106944 ------w- C:\WINDOWS\system32\dllcache\msxml3.dll
2009-10-25 23:10:44 . 2009-08-13 15:15:50 512000 ----a-w- C:\WINDOWS\system32\dllcache\jscript.dll
2009-10-25 23:02:28 . 2009-10-25 23:02:28 0 d-----w- C:\Programmi\Trend Micro
2009-10-25 22:52:02 . 2009-10-25 22:52:02 0 d-----w- C:\WINDOWS\system32\wbem\Repository
2009-10-25 21:53:30 . 2008-11-12 02:46:46 0 d-----w- C:\Documents and Settings\HelpAssistant\Bluetooth Software
2009-10-25 21:53:29 . 2009-10-25 22:21:52 0 d-----w- C:\Documents and Settings\HelpAssistant\Documenti
2009-10-25 21:53:29 . 2009-10-25 22:21:52 0 d-----w- C:\Documents and Settings\HelpAssistant\Dati applicazioni
2009-10-25 21:53:29 . 2009-10-25 22:21:51 0 d-----w- C:\Documents and Settings\HelpAssistant\Preferiti
2009-10-25 21:53:29 . 2009-10-25 22:21:51 0 d-----w- C:\Documents and Settings\HelpAssistant\Modelli
2009-10-25 21:53:29 . 2009-10-25 22:21:51 0 d-----w- C:\Documents and Settings\HelpAssistant\Impostazioni locali
2009-10-25 21:53:28 . 2009-10-25 22:21:54 0 d-s---w- C:\Documents and Settings\HelpAssistant
2009-10-19 20:46:34 . 2009-08-04 17:26:06 2148864 ------w- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2009-10-19 20:46:31 . 2009-08-04 17:26:09 2069760 ------w- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2009-10-19 20:46:31 . 2009-08-04 17:26:03 2027520 ------w- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2009-10-10 22:25:09 . 2009-10-25 22:25:49 0 d-----w- C:\Programmi\TVAnts
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-08 21:12:12 . 2009-11-04 12:02:50 41036 --sha-w- C:\WINDOWS\system32\drivers\fidbox.idx
2009-11-08 12:32:00 . 2008-11-12 02:52:55 0 d-----w- C:\Programmi\Java
2009-11-08 12:02:46 . 2008-06-26 08:00:04 560454 ----a-w- C:\WINDOWS\system32\perfh010.dat
2009-11-08 12:02:46 . 2008-06-26 08:00:04 108356 ----a-w- C:\WINDOWS\system32\perfc010.dat
2009-10-25 22:51:29 . 2009-07-16 21:13:43 0 d-----w- C:\Documents and Settings\All Users\Dati applicazioni\Skype
2009-10-25 22:51:28 . 2009-07-16 21:15:47 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\Skype
2009-10-25 22:51:28 . 2009-07-16 21:13:51 0 d-----w- C:\Programmi\Skype
2009-10-25 22:51:27 . 2009-07-16 21:25:21 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\VoipStunt
2009-10-25 22:50:30 . 2009-07-20 08:18:43 0 d-----w- C:\Programmi\Mozilla Firefox(2)
2009-10-25 22:49:51 . 2009-07-30 17:11:05 0 d-----w- C:\Programmi\Winamp
2009-10-25 22:49:51 . 2009-07-30 17:11:05 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\Winamp
2009-10-25 22:49:32 . 2009-08-04 20:34:21 0 d-----w- C:\Programmi\AviSynth 2.5
2009-10-25 22:44:53 . 2009-08-26 17:24:00 0 d-----w- C:\Programmi\WebSite X5 v8 - Evolution
2009-10-25 22:28:00 . 2009-10-05 20:40:33 0 d-----w- C:\Programmi\ASIO4ALL v2(2)
2009-10-25 22:27:45 . 2009-10-05 20:46:19 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\vlc
2009-10-08 13:57:22 . 2008-07-29 18:59:58 613888 ----a-w- C:\WINDOWS\system32\uiautomationcore.dll
2009-10-08 13:57:22 . 2008-04-15 04:00:00 23040 ----a-w- C:\WINDOWS\system32\oleaccrc.dll
2009-10-08 13:57:00 . 2008-04-15 04:00:00 220160 ----a-w- C:\WINDOWS\system32\oleacc.dll
2009-10-07 08:55:10 . 2009-07-29 11:57:17 394 ----a-w- C:\Documents and Settings\massimo\Dati applicazioni\wklnhst.dat
2009-10-05 20:44:45 . 2009-10-05 20:44:45 0 d-----w- C:\Programmi\VideoLAN
2009-10-05 20:31:52 . 2009-07-16 21:19:32 0 d-----w- C:\Documents and Settings\massimo\Dati applicazioni\skypePM
2009-09-27 11:45:44 . 2009-07-29 11:57:24 33408 ----a-w- C:\Documents and Settings\massimo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-09-16 02:20:50 . 2009-11-08 17:27:43 7383 ----a-w- C:\WINDOWS\system32\drivers\pctcore.cat
2009-09-15 05:20:46 . 2009-11-08 17:27:06 7383 ----a-w- C:\WINDOWS\system32\drivers\pctplsg.cat
2009-09-15 01:12:04 . 2009-11-08 17:27:43 7412 ----a-w- C:\WINDOWS\system32\drivers\PCTAppEvent.cat
2009-09-15 00:01:44 . 2009-11-08 17:28:06 7387 ----a-w- C:\WINDOWS\system32\drivers\pctgntdi.cat
2009-09-11 14:17:34 . 2008-04-15 04:00:00 136192 ----a-w- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 21:03:04 . 2008-04-15 04:00:00 58880 ----a-w- C:\WINDOWS\system32\msasn1.dll
2009-08-29 07:26:38 . 2007-08-14 00:54:10 832512 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-08-29 07:26:29 . 2008-04-15 04:00:00 17408 ----a-w- C:\WINDOWS\system32\corpol.dll
2009-08-26 08:00:31 . 2008-04-15 04:00:00 247326 ----a-w- C:\WINDOWS\system32\strmdll.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{472734EA-242A-422B-ADF8-83D1E48CC825}"= "C:\Programmi\Spyware Doctor\BDT\PCTBrowserDefender.dll" [2009-10-08 10:31:46 395216]
[HKEY_CLASSES_ROOT\clsid\{472734ea-242a-422b-adf8-83d1e48cc825}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{175B7885-28AB-4D18-8773-7A13A99980A4}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{472734EA-242A-422B-ADF8-83D1E48CC825}"= "C:\Programmi\Spyware Doctor\BDT\PCTBrowserDefender.dll" [2009-10-08 10:31:46 395216]
[HKEY_CLASSES_ROOT\clsid\{472734ea-242a-422b-adf8-83d1e48cc825}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{175B7885-28AB-4D18-8773-7A13A99980A4}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-02-15 13:46:46 135168]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-02-15 13:46:46 159744]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-02-15 13:46:18 131072]
"SynTPEnh"="C:\Programmi\Synaptics\SynTP\SynTPEnh.exe" [2008-07-31 18:58:42 1343488]
"HP Mobile Broadband"="c:\SWsetup\HPQWWAN\HPMobileBroadband.exe" [2008-07-08 13:30:44 439600]
"hpWirelessAssistant"="C:\Programmi\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 13:51:00 488752]
"egui"="C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2008-10-08 07:46:42 1451264]
"ISTray"="C:\Programmi\Spyware Doctor\pctsTray.exe" [2009-09-22 16:11:32 1243088]
"IDTSysTrayApp"="sttray.exe" - C:\WINDOWS\sttray.exe [2008-08-30 00:03:24 442477]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-15 04:00:00 15360]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 604776]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 09:13:36 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21:42 548352 ----a-w- C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [08/11/2009 18.27.43 207280]
S0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [26/10/2009 12.13.42 28552]
S1 epfwtdir;epfwtdir;C:\WINDOWS\system32\drivers\epfwtdir.sys [08/10/2008 8.50.14 34312]
S1 nod32drv;nod32drv;C:\WINDOWS\system32\drivers\nod32drv.sys --> C:\WINDOWS\system32\drivers\nod32drv.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Programmi\SUPERAntiSpyware\sasdifsv.sys [12/10/2009 21.24.54 9968]
S1 SASKUTIL;SASKUTIL;C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS [12/10/2009 21.24.52 74480]
S2 Browser Defender Update Service;Browser Defender Update Service;C:\Programmi\Spyware Doctor\BDT\BDTUpdateService.exe [08/11/2009 18.34.30 112592]
S2 ekrn;Eset Service;C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [08/10/2008 8.47.58 468224]
S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\WINDOWS\system32\regedt32.exe [15/04/2008 5.00.00 3584]
S2 sdAuxService;PC Tools Auxiliary Service;C:\Programmi\Spyware Doctor\pctsAuxs.exe [08/11/2009 18.26.33 358600]
S3 AESTAud;AE Audio Service;C:\WINDOWS\system32\drivers\AESTAud.sys [12/11/2008 3.43.55 112128]
S3 NDISKIO;NDISKIO;\??\C:\DOCUME~1\massimo\IMPOST~1\Temp\b52d5e4c.nmc\nse\bin\ndiskio.sys --> C:\DOCUME~1\massimo\IMPOST~1\Temp\b52d5e4c.nmc\nse\bin\ndiskio.sys [?]
S3 SASENUM;SASENUM;C:\Programmi\SUPERAntiSpyware\SASENUM.SYS [12/10/2009 21.24.56 7408]
S3 UnhookMBRS;UnhookMBRS;\??\C:\DOCUME~1\massimo\IMPOST~1\Temp\b52d5e4c.nmc\nse\bin\unhookmbrs.sys --> C:\DOCUME~1\massimo\IMPOST~1\Temp\b52d5e4c.nmc\nse\bin\unhookmbrs.sys [?]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - C:\Documents and Settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\ljxunb94.default\
FF - component: C:\Documents and Settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\ljxunb94.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
FF - plugin: C:\Documents and Settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\ljxunb94.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
---- FIREFOX POLICIES ----
C:\Programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.