Hi... done! .. and now?
ComboFix 09-11-20.01 - Lidia 20/11/2009 21.26.46.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.1976.998 [GMT 1:00]
Eseguito da: c:\users\Lidia\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2332782303-2793821225-480717067-500
c:\users\Lidia\AppData\Roaming\Desktopicon
c:\users\Lidia\AppData\Roaming\Desktopicon\eBayShortcuts.exe
c:\windows\system32\drivers\pciide.sys
.
((((((((((((((((((((((((( Files Creati Da 2009-10-20 al 2009-11-20 )))))))))))))))))))))))))))))))))))
.
2009-11-20 20:38 . 2009-11-20 20:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-20 17:22 . 2009-11-12 18:11 497944 ----a-w- c:\programdata\avg9\update\backup\avgchjwx.dll
2009-11-20 17:22 . 2009-11-12 18:11 3963648 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2009-11-20 17:21 . 2009-11-10 11:53 1657112 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2009-11-20 17:21 . 2009-11-09 19:18 877848 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2009-11-16 20:40 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-16 20:40 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-12 16:41 . 2009-11-16 21:03 4096 d-----w- c:\program files\Microsoft Silverlight
2009-11-12 16:39 . 2009-11-12 16:39 4096 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-11-12 16:35 . 2009-11-12 16:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-12 16:34 . 2009-11-12 16:40 -------- d-----w- c:\program files\Microsoft
2009-11-09 19:18 . 2009-11-09 19:21 -------- d-----w- C:\$AVG
2009-11-09 19:18 . 2009-11-09 19:18 4096 d-----w- c:\programdata\avg9
2009-10-30 14:40 . 2009-10-30 14:40 -------- d-----w- c:\program files\Windows Portable Devices
2009-10-30 14:38 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-10-30 14:38 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-10-30 14:38 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-10-30 14:36 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-30 14:36 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-30 14:36 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-30 14:36 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-30 14:36 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-30 14:36 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-30 14:36 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-30 14:36 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-30 14:36 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-30 14:36 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-30 14:36 . 2009-10-01 01:01 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-30 14:36 . 2009-10-01 01:01 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-30 14:36 . 2009-10-01 01:01 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-10-30 14:35 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-30 14:35 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-30 14:35 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-30 14:27 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-30 14:27 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-29 12:54 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-29 12:54 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-29 12:54 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-29 12:54 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-29 12:53 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-29 12:53 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-29 12:53 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-29 12:53 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-29 12:53 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-25 21:04 . 2009-10-25 21:00 24419312 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_it.exe
2009-10-25 21:02 . 2009-10-25 21:02 36864 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-10-25 21:02 . 2009-10-25 21:02 3351812 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-10-25 21:02 . 2009-10-25 21:02 3203453 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-10-25 21:02 . 2009-10-25 21:02 -------- d-----w- c:\programdata\Installations
2009-10-23 19:01 . 2009-10-23 19:12 4096 d-----w- c:\program files\Unlocker
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-20 19:58 . 2009-02-26 15:28 4096 d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-20 19:26 . 2009-09-01 11:52 0 ----a-w- c:\users\Lidia\AppData\Local\prvlcl.dat
2009-11-16 21:01 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-16 20:53 . 2008-05-26 00:26 12288 d-----w- c:\programdata\Microsoft Help
2009-11-16 19:38 . 2009-02-26 15:28 8192 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-16 19:15 . 2008-05-26 10:18 725150 ----a-w- c:\windows\system32\perfh010.dat
2009-11-16 19:15 . 2008-05-26 10:18 144756 ----a-w- c:\windows\system32\perfc010.dat
2009-11-12 16:38 . 2009-02-27 19:59 4096 d-----w- c:\program files\Windows Live
2009-11-10 11:55 . 2009-03-27 20:08 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-09 19:18 . 2009-03-27 20:08 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-09 19:18 . 2009-03-27 20:08 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-09 19:18 . 2009-03-27 20:08 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-09 19:18 . 2009-02-27 15:28 -------- d-----w- c:\program files\AVG
2009-11-05 15:01 . 2009-03-10 21:52 4096 d-----w- c:\program files\Coloring Book Painter
2009-11-05 15:01 . 2009-11-05 15:01 147456 ------w- c:\windows\Setup1.exe
2009-11-05 15:01 . 2009-11-05 15:01 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-05 14:59 . 2009-02-28 21:46 -------- d-----w- c:\program files\McAfee
2009-11-04 20:47 . 2009-02-26 11:50 952 --sha-w- c:\programdata\KGyGaAvL.sys
2009-11-04 20:47 . 2009-02-26 11:50 952 --sha-w- c:\programdata\KGyGaAvL.sys
2009-11-02 19:42 . 2009-10-12 19:09 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-30 20:47 . 2009-03-20 17:17 4096 d-----w- c:\program files\Burraconline
2009-10-30 14:40 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-30 14:40 . 2009-10-30 14:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-30 14:39 . 2009-10-30 14:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-25 21:05 . 2009-10-08 17:40 -------- d-----w- c:\program files\Nokia
2009-10-25 21:04 . 2009-10-08 17:31 4096 d-----w- c:\program files\Common Files\Nokia
2009-10-16 18:38 . 2008-05-26 00:32 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-16 17:34 . 2009-10-04 14:58 4096 d-----w- c:\program files\Microsoft Works
2009-10-13 11:33 . 2009-02-26 11:12 104560 ----a-w- c:\users\Lidia\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-12 14:36 . 2009-10-08 17:48 -------- d-----w- c:\programdata\PC Suite
2009-10-11 13:55 . 2009-10-11 13:55 -------- d-----w- c:\programdata\Nokia
2009-10-08 17:57 . 2009-10-08 17:48 -------- d-----w- c:\users\Lidia\AppData\Roaming\PC Suite
2009-10-08 17:49 . 2009-10-08 17:49 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-10-08 17:47 . 2009-10-08 17:47 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-10-08 17:46 . 2009-10-08 17:46 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-10-08 17:44 . 2009-10-08 17:44 -------- d-----w- c:\users\Lidia\AppData\Roaming\Nokia
2009-10-08 17:39 . 2009-10-08 17:39 51534 ----a-w- c:\windows\inf\Nokia Music\0010\tmp1277.tmp
2009-10-08 17:39 . 2009-10-08 17:39 51534 ----a-w- c:\windows\inf\Nokia Music\0009\tmp1277.tmp
2009-10-08 17:39 . 2009-10-08 17:39 51534 ----a-w- c:\windows\inf\Nokia Music\0000\tmp1277.tmp
2009-10-08 17:39 . 2009-10-08 17:39 1593 ----a-w- c:\windows\inf\Nokia Music\tmp1278.tmp
2009-10-08 17:36 . 2009-10-08 17:36 -------- d-----w- c:\programdata\NokiaMusic
2009-10-08 17:35 . 2008-05-26 00:36 4096 d-----w- c:\program files\Common Files\muvee Technologies
2009-10-08 17:29 . 2009-10-08 17:29 -------- d-----w- c:\program files\DIFX
2009-10-04 14:57 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2009-10-04 14:55 . 2008-05-26 00:28 -------- d-----w- c:\program files\Microsoft.NET
2009-10-04 14:51 . 2009-10-04 14:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-10-01 01:02 . 2009-10-30 14:37 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-30 14:37 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-30 14:37 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 02:10 . 2009-10-30 14:37 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-10-30 14:37 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-10-30 14:37 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-10-30 14:37 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-10-30 14:37 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-10-30 14:37 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-10-30 14:37 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-10-30 14:37 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-10-30 14:37 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-10-30 14:37 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-10-30 14:37 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-10-30 14:37 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-10-30 14:37 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-10-30 14:37 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-10-30 14:37 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-10-30 14:37 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-10-30 14:37 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-10-30 14:37 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-10-30 14:37 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-10-30 14:37 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-10-30 14:37 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-10-30 14:37 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-10-30 14:37 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-10-30 14:37 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-10-30 14:37 258048 ----a-w- c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-10-30 14:37 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-10-30 14:37 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-09-14 09:29 . 2009-10-16 16:09 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-09-10 16:48 . 2009-10-16 16:11 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 16:43 . 2009-09-10 16:43 471664 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE512.tmp.exe
2009-09-04 11:41 . 2009-10-16 16:10 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 00:27 . 2009-09-02 18:50 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 18:50 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 . 2009-10-16 16:31 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-16 16:31 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 05:17 . 2009-10-16 16:31 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 03:42 . 2009-10-16 16:31 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-03 22:11 . 2009-04-03 22:14 812344 ----a-w- c:\program files\HJTInstall.exe
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-11-27 07:42 . 2008-11-27 07:42 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-26 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-16 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-16 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-16 145944]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-01-25 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-02-26 24064]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Nokia FastStart"="d:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-02-26 2376992]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-11-12 2020120]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e0,7b,b0,34,ba,21,ca,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2332782303-2793821225-480717067-1003]
"EnableNotificationsRef"=dword:00000001
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [27/03/2009 21.08.17 333192]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [27/03/2009 21.08.22 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [09/11/2009 20.18.04 285392]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 12.11.14 16384]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [26/05/2008 1.42.31 24576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [28/02/2009 22.46.16 92296]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06/04/2008 21.42.24 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 20.09.28 11032]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [26/02/2009 16.28.07 1153368]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28/03/2008 12.44.56 210432]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [27/11/2008 8.40.28 112128]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [15/04/2008 19.13.14 51160]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [08/04/2008 19.46.02 43736]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04/04/2008 2.03.14 131072]
S3 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 3.33.13 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26/02/2009 12.10.14 24064]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19/03/2009 14.48.18 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19/03/2009 14.48.12 8320]
S3 Partner Service;Partner Service;c:\programdata\Partner\partner.exe [26/02/2009 12.10.46 110576]
S3 TpChoice;Touch Pad Detection Filter driver;c:\windows\System32\drivers\TpChoice.sys [14/05/2008 8.42.02 17968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://google.it/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... tensa_5230
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\program files\PokerStars.IT\PokerStarsUpdate.exe
FF - ProfilePath - c:\users\Lidia\AppData\Roaming\Mozilla\Firefox\Profiles\bpfhwxzr.default\
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-eRecoveryService - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-20 21:38
Windows 6.0.6002 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2009-11-20 21:42
ComboFix-quarantined-files.txt 2009-11-20 20:42
Pre-Run: 37.460.803.584 byte disponibili
Post-Run: 37.174.231.040 byte disponibili
- - End Of File - - 0F7A059D433FDD329C91D6EC6AEB88B8