ComboFix 09-04-25.A3 - Fabio 27/04/2009 14.56.39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1023.291 [GMT 2:00]
Eseguito da: c:\documents and settings\Fabio\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Fabio\Impostazioni locali\Dati applicazioni\qkauoqi.dat
c:\documents and settings\Fabio\Impostazioni locali\Dati applicazioni\qkauoqi.exe
c:\documents and settings\Fabio\Impostazioni locali\Dati applicazioni\qkauoqi_nav.dat
c:\documents and settings\Fabio\Impostazioni locali\Dati applicazioni\qkauoqi_navps.dat
.
((((((((((((((((((((((((( Files Creati Da 2009-05-27 al 2009-4-27 )))))))))))))))))))))))))))))))))))
.
2009-04-15 17:54 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 17:54 . 2009-03-06 14:19 286208 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-15 17:54 . 2009-02-09 11:22 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-15 17:54 . 2009-02-09 10:51 734720 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 17:54 . 2009-02-09 10:51 683520 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 17:54 . 2009-02-09 10:51 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 17:54 . 2009-02-09 10:51 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 17:54 . 2009-02-09 10:51 736256 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-15 17:54 . 2009-02-09 10:51 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 17:53 . 2009-03-27 06:48 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb
2009-04-15 17:53 . 2008-04-21 21:14 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-11 08:03 . 2009-04-11 08:07 20 ----a-w c:\windows\hppsapp.INI
2009-04-09 09:06 . 2009-04-09 09:06 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-04-09 09:06 . 2009-04-27 09:05 -------- d-----w c:\documents and settings\Fabio\Dati applicazioni\skypePM
2009-04-09 09:06 . 2009-04-09 09:06 -------- d-----w c:\programmi\File comuni\Skype
2009-04-09 09:06 . 2009-04-09 09:06 -------- d-----r c:\programmi\Skype
2009-04-04 11:59 . 2009-04-04 11:59 -------- d-----w c:\documents and settings\Federica\Impostazioni locali\Dati applicazioni\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-27 13:01 . 2007-10-05 10:45 -------- d-----w c:\documents and settings\Fabio\Dati applicazioni\Skype
2009-04-27 12:12 . 2007-07-19 12:05 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\AntiVir PersonalEdition Classic
2009-04-27 10:46 . 2007-07-19 12:40 -------- d-----w c:\programmi\QuickTime
2009-04-27 10:45 . 2008-04-22 15:43 -------- d-----w c:\programmi\Microsoft LifeCam
2009-04-27 10:38 . 2007-09-04 13:49 133363 ----a-w C:\stub.log
2009-04-21 10:42 . 2008-05-22 22:02 -------- d-----w c:\documents and settings\Fabio\Dati applicazioni\Vso
2009-04-19 17:41 . 2008-06-12 10:06 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-04-17 14:02 . 2008-01-09 20:07 -------- d-----w c:\programmi\CCleaner
2009-04-16 20:06 . 2004-08-19 12:00 77640 ----a-w c:\windows\system32\perfc010.dat
2009-04-16 20:06 . 2004-08-19 12:00 456972 ----a-w c:\windows\system32\perfh010.dat
2009-04-16 12:27 . 2007-09-04 13:44 0 ----a-w C:\Log.txt
2009-04-15 18:51 . 2007-08-29 15:05 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-04-09 09:06 . 2007-10-05 10:44 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Skype
2009-04-03 19:31 . 2009-01-11 22:31 -------- d-----w c:\programmi\Thoosje Vista Sidebar
2009-03-31 19:47 . 2009-02-21 16:45 -------- d-----w c:\programmi\Windows Live Safety Center
2009-03-26 14:59 . 2009-03-26 14:59 -------- d-----w c:\documents and settings\Fiorenza\Dati applicazioni\Skype
2009-03-18 21:02 . 2007-10-03 13:16 0 ----a-w C:\ctapi_out_gr.txt
2009-03-06 14:19 . 2004-08-19 12:00 286208 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:03 . 2004-09-29 18:48 826368 ----a-w c:\windows\system32\wininet.dll
2009-03-02 19:23 . 2009-03-02 14:44 -------- d-----w c:\programmi\vghd
2009-03-02 17:33 . 2009-03-02 17:33 -------- d-----w c:\programmi\Alwil Software
2009-03-02 16:53 . 2009-03-02 14:44 -------- d-----w c:\documents and settings\Fabio\Dati applicazioni\vghd
2009-03-02 16:16 . 2007-07-19 12:01 -------- d-----w c:\programmi\eMule
2009-03-02 14:45 . 2009-03-02 14:44 152904 ----a-w c:\windows\system32\vghd.scr
2009-02-26 22:05 . 2009-02-18 22:25 -------- d-----w c:\programmi\Microsoft Silverlight
2009-02-20 17:08 . 2004-08-19 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-20 15:15 . 2009-02-20 15:15 69288 ----a-w c:\documents and settings\Fiorenza\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-02-09 14:04 . 2004-08-19 12:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2004-08-19 15:34 2027520 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:22 . 2004-08-19 12:00 2148864 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:22 . 2004-08-19 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:51 . 2004-10-28 01:27 734720 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:51 . 2004-08-19 12:00 683520 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:51 . 2004-08-19 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:51 . 2004-08-19 12:00 736256 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 19:01 . 2009-02-06 19:01 308088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-19 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:57 . 2004-08-19 12:00 56832 ----a-w c:\windows\system32\secur32.dll
2008-09-14 14:22 . 2007-07-22 19:16 69288 ----a-w c:\documents and settings\Federica\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2008-09-14 13:57 . 2007-07-19 11:49 69288 ----a-w c:\documents and settings\Fabio\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2007-07-19 10:09 . 2007-07-19 10:09 134 ----a-w c:\documents and settings\Fabio\Impostazioni locali\Dati applicazioni\fusioncache.dat
2002-09-01 15:09 . 2008-01-11 16:39 427042 ----a-r c:\programmi\inutente.dxr
2002-09-01 15:09 . 2008-01-11 16:39 17444 ----a-r c:\programmi\utente.cxt
2002-09-01 15:02 . 2008-01-11 16:39 1816576 ----a-r c:\programmi\Amaldi_1.exe
2002-09-01 14:50 . 2008-01-11 16:39 99 ----a-r c:\programmi\Amaldi_1.ini
1998-02-09 23:49 . 2008-01-11 16:45 1932818 ---ha-w c:\programmi\TITOLI.CXT
1998-02-09 23:49 . 2008-01-11 16:44 16212 ---ha-w c:\programmi\START.DXR
1998-02-09 23:49 . 2008-01-11 16:44 641720 ---ha-w c:\programmi\STAMPA.DXR
1998-02-09 23:49 . 2008-01-11 16:44 9758 ---ha-w c:\programmi\SCRIP.CXT
1998-02-09 23:49 . 2008-01-11 16:44 64988 ---ha-w c:\programmi\PANELES.DXR
1998-02-09 23:48 . 2008-01-11 16:44 72174 ---ha-w c:\programmi\PANELCTR.DXR
1998-02-09 23:48 . 2008-01-11 16:44 445894 ---ha-w c:\programmi\PAGELLA.DXR
1998-02-09 23:48 . 2008-01-11 16:44 90908 ---ha-w c:\programmi\MENU.DXR
1998-02-09 23:48 . 2008-01-11 16:39 233364 ---ha-w c:\programmi\LEZCTR.CXT
1998-02-09 23:48 . 2008-01-11 16:39 156826 ---ha-w c:\programmi\INTRO.DXR
1998-02-09 23:48 . 2008-01-11 16:39 852850 ---ha-w c:\programmi\GUIDA.DXR
1998-02-09 23:48 . 2008-01-11 16:39 248360 ---ha-w c:\programmi\GRAPH.CXT
1998-02-09 23:48 . 2008-01-11 16:39 1504544 ---ha-w c:\programmi\GLOSSARIO.DXR
1998-02-09 23:48 . 2008-01-11 16:39 566570 ---ha-w c:\programmi\CREDITI.DXR
2008-03-20 13:2008-03-31 07:59 09:00 . c:\programmi\mozilla firefox\plugins\pthreadVC2.dll
2008-03-20 13:2008-03-31 07:59 09:00 . c:\programmi\mozilla firefox\plugins\RineraProxy.dll
2008-09-14 14:19 . 2008-09-14 14:19 32768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008091420080915\index.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"AdobeUpdater"="c:\programmi\File comuni\Adobe\Updater5\AdobeUpdater.exe" [2008-11-07 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-12-26 136600]
"SoundMAXPnP"="c:\programmi\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"CnxTrApp"="c:\programmi\Pirelli\Access Gateway USB Network\CnxTrApp.dll" [2004-04-20 247296]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-07 344064]
"avgnt"="c:\programmi\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2007-06-29 286720]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Update 3400C"="c:\programmi\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\update.exe" [2001-12-18 28672]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"LifeCam"="c:\programmi\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Federica\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
c:\documents and settings\Fabio\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
Thoosje Sidebar.lnk - c:\programmi\Thoosje Vista Sidebar\Thoosje Sidebar.exe [2008-8-18 605696]
TimeLeft.lnk - c:\programmi\TimeLeft3\TimeLeft.exe [2007-8-3 1035064]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\Belkin\Software Bluetooth\BTTray.exe [2005-8-24 577597]
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2007-7-19 118784]
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\
0OODBS
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\SopCast\\SopCast.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\TVAnts\\Tvants.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R3 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 SeaPort;SeaPort;c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
.
Contenuto della cartella 'Scheduled Tasks'
2009-04-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
HKCU-Run-wyuesgo - c:\documents and settings\fabio\impostazioni locali\dati applicazioni\wyuesgo.exe
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\Belkin\Software Bluetooth\btsendto_ie_ctx.htm
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
DPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Fabio\Dati applicazioni\Mozilla\Firefox\Profiles\a0prdsb4.Fabio\
FF - prefs.js: browser.search.defaulturl -
hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=FF - prefs.js: browser.startup.homepage -
hxxp://www.google.itFF - prefs.js: network.proxy.type - 4
FF - component: c:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\Fabio\Dati applicazioni\Mozilla\Firefox\Profiles\a0prdsb4.Fabio\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\nprinera-1.4.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\nprinera.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-04-27 15:01
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1177238915-436374069-725345543-1005\RemoteAccess\Profile\x *]
"EnableAutodisconnect"=dword:00000001
"EnableExitDisconnect"=dword:00000001
"DisconnectIdleTime"=dword:00000014
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="E24AB71CE8C9DFFCA70F224378D7A20F873B860207A5BA6D6B33CA6CFE809D2AC98CCB8394AD65B6104152D8D820B0C7E6E9D43F27C34CD7438F0D115DCBB0ACC4075F7C61A2D0EEE660FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79339DB7CE019D40AA5C5D575E7D6A3B98088EDD5E5BE2F6E667FD622F5E48D1ADFC2849F9FE79CC9D4C9AAB239BB4C3A6BE245719EA61DB337C1DC6D2D5DCB1DE63D1F356E1436EAAF3303B17248F757ED24F4D1A49829DF3D347B0EF2DE7797A9A4D577D7E1B3A49C7B1BD9179650D9CB99C1E5328ADA0C9D8A9B3F43F72AC1BF4C58FBE03968906B966F66839FBDB25A590D5BEB5F4D30E9CA9459FEDFAEF70871C9BBF2041DB847F4F8EC4088ADCCE8D67652CA7DB472EF9DEBD841E730CBA2BE5DBF80C1AD4FD121B8F248ABD2AE82C0E213CB4DBAFAA0C135B8B374171D27D6A19370094BA3B33B069D8EC3583D001A741E79762E51932473E6FA63FB0A05F26FB9A3A97F91E61296F09DC84CCFB500AE1791050672391AF6D425CBAFEA274CA92997BFE9E18E351592E0EB48EF12041040F63FA558692B1D1654EF5B7EC293CD07B0A185DB0C5ACC216B640F4D0BB0B8B9B58ABF293606AB89173A657A428920D5DAFA68C82D3EE2B61901ACEC632D942673A9DAA306C29D2D24AF70103E31B8030B9E0273FA183F488DBA211995753520B598388546971B609510779D710D44AB87AF34DA705056852D934D32142D34EF58803BE0F507ADC668F66AB8527776C8FC6FCBF14174730DED11AD1C9CC6928EB20B32080DD2FA2758C1CA48165E74D21F88FE770B6CE5D9D0E94EA9317D43B037C2328DE11304A8F54211855CCC4B7AFEDB3CDBA065660D6DDD7A492058EC1A57B51F1F2ADD078E5F8E359A0A15E5A4E08E223866B4A14A2138BA4EFBB405C9202343E193D98B67A8D476496EE38C7672C8C397C104CB16F05CB38E629C9905EF6B5F2C40C43F2A7ABA0557BFE0C74B5C4940756E3B259FE0FA85048F93CC56CC53219F8A8BEFE17EF3AEF29E446BCCCBF50276318060E670EA6FEF622DDC8FA60795C50E8308EC9FA5218907586DE8E8D8D59082204B71266BCFB6ED8AAC997B7528EF664EFBC137119D9B149A2FB352508803A3D1E21BBFC5825B71ACEDDA344F4A4AF7607051B7B3862A4BE221CCD7E75238666FAF9F7BD58F8F4A3AF7C57828EB6CEBFB64B5D46460312754128B7197B6C0BE07255AB97909BD9F8E202BDF13F82BDA4F153290353B1B7D3F1EFA875B52CFB32142B11FBCAD42FE232AF35159E68F9CDE0C5A264DF876A03D7A5AA99B1D220259ED6B5E14010CF691C2A70F4326D1526DE32C22664440FEECA5E988EF47853488A987A44245F2EDE5378F49BF9BA34DE7A885282484A"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(672)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2009-04-27 15.03.11
ComboFix-quarantined-files.txt 2009-04-27 13:03
Pre-Run: 68.172.402.688 byte disponibili
Post-Run: 68.611.989.504 byte disponibili
217 --- E O F --- 2009-04-15 18:54