ComboFix 10-04-26.02 - Massimo 26/04/2010 20.25.25.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1023.376 [GMT 2:00]
Eseguito da: d:\windows-d\Desktop\maxim.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Internet Explorer.lnk
C:\VDM37A.tmp
C:\VDM37B.tmp
C:\VDM3CD.tmp
C:\VDM3CE.tmp
c:\windows\system32\AutoRun.inf
c:\windows\system32\netusdkoe.dll
.
((((((((((((((((((((((((( Files Creati Da 2010-03-26 al 2010-04-26 )))))))))))))))))))))))))))))))))))
.
2010-04-23 18:20 . 2010-04-23 18:24 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\QuickScan
2010-04-23 18:19 . 2010-04-13 13:58 670696 ----a-w- c:\documents and settings\Massimo\Dati applicazioni\Mozilla\Firefox\Profiles\x6x7ie14.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-04-23 18:19 . 2010-04-13 13:58 833960 ----a-w- c:\documents and settings\Massimo\Dati applicazioni\Mozilla\Firefox\Profiles\x6x7ie14.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-04-22 11:52 . 2010-04-22 11:52 242696 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgtdix.sys
2010-04-22 11:51 . 2010-04-22 11:51 1689952 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgupd.dll
2010-04-08 10:32 . 2010-04-08 10:32 4255072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgcorex.dll
2010-04-01 18:15 . 2010-04-01 18:15 598296 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgsrmx.dll
2010-04-01 18:15 . 2010-04-01 18:15 459544 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgcclix.dll
2010-04-01 18:15 . 2010-04-01 18:15 4076824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgui.exe
2010-04-01 18:15 . 2010-04-01 18:15 341272 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgxch32.dll
2010-04-01 18:15 . 2010-04-01 18:15 313112 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avglogx.dll
2010-04-01 18:15 . 2010-04-01 18:15 2059544 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgtray.exe
2010-04-01 18:15 . 2010-04-01 18:15 1598744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgssie.dll
2010-04-01 18:15 . 2010-04-01 18:15 1515224 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgwd.dll
2010-04-01 18:15 . 2010-04-01 18:15 1274136 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgfrw.exe
2010-04-01 18:15 . 2010-04-01 18:15 1086744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchsvx.exe
2010-04-01 18:15 . 2010-04-01 18:15 556824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchjwx.dll
2010-04-01 18:15 . 2010-04-01 18:15 301336 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchclx.dll
2010-04-01 18:14 . 2010-04-01 18:14 1035032 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgupd.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-26 18:35 . 2009-12-25 00:06 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Skype
2010-04-26 18:22 . 2008-12-18 00:25 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\skypePM
2010-04-25 04:34 . 2004-06-22 16:05 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\ChessBase
2010-04-23 12:53 . 2009-11-19 14:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg9
2010-04-22 11:52 . 2009-11-19 14:57 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-17 18:14 . 2009-07-11 01:19 -------- d-----w- c:\programmi\Metin2_Italiano
2010-04-12 13:58 . 2006-09-18 18:25 75104 -c--a-w- c:\documents and settings\Massimo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-28 20:33 . 2002-09-13 14:49 82738 ----a-w- c:\windows\system32\perfc010.dat
2010-03-28 20:33 . 2002-09-13 14:49 468236 ----a-w- c:\windows\system32\perfh010.dat
2010-03-25 20:18 . 2009-06-17 09:57 -------- d-----w- c:\programmi\MetaTrader - ActivTrades
2010-03-24 01:45 . 2010-03-24 01:45 1 ----a-w- c:\documents and settings\Massimo\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-24 01:44 . 2010-03-24 01:44 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\OpenOffice.org
2010-03-23 19:38 . 2010-03-23 19:38 -------- d-----w- c:\programmi\File comuni\Macrovision Shared
2010-03-23 19:33 . 2006-09-19 23:52 -------- d-----w- c:\programmi\File comuni\Adobe
2010-03-18 18:00 . 2010-03-18 18:00 49152 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-03-18 18:00 . 2010-03-18 18:00 45056 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-03-18 18:00 . 2010-03-18 18:00 45056 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-03-18 18:00 . 2010-03-18 18:00 45056 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-03-18 18:00 . 2010-03-18 18:00 45056 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-03-18 18:00 . 2010-03-18 18:00 40960 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-03-18 18:00 . 2010-03-18 18:00 341600 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-03-18 18:00 . 2010-03-18 18:00 308808 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-03-18 18:00 . 2010-03-18 18:00 14848 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-03-18 18:00 . 2004-06-22 17:20 -------- d-----w- c:\programmi\File comuni\Real
2010-03-18 18:00 . 2004-06-22 17:20 -------- d-----w- c:\programmi\Real
2010-03-18 17:59 . 2010-03-18 17:59 -------- d-----w- c:\programmi\File comuni\xing shared
2010-03-18 17:59 . 2006-09-18 16:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-18 17:59 . 2006-09-18 16:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-12 17:46 . 2010-03-06 23:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\LogiShrd
2010-03-12 17:38 . 2010-03-05 09:59 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-03-12 17:38 . 2010-03-04 15:34 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2010-03-12 10:44 . 2010-03-12 10:44 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-12 10:44 . 2009-11-19 14:57 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-12 10:43 . 2009-11-19 14:57 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-11 10:31 . 2010-03-11 10:31 -------- d-----w- c:\programmi\File comuni\Skype
2010-03-06 22:52 . 2010-03-06 22:52 -------- d-----w- c:\documents and settings\Massimo\Dati applicazioni\Leadertech
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2010-03-09 26100520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-03-22 335872]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2004-06-14 286720]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-05-28 394240]
"hpqSRMon"="c:\programmi\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"Motive SmartBridge"="c:\progra~1\Alice ti aiuta\SmartBridge\MotiveSB.exe" [2006-04-21 438359]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-01-11 246504]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2010-03-18 202256]
"Acrobat Assistant 8.0"="c:\programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Adobe Reader Synchronizer.lnk - c:\programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2009-12-21 217088]
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe [2010-3-23 295606]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
DSLMON.lnk - c:\programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe [2006-9-18 917600]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-12 10:44 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BySoft FreeRAM"=c:\programmi\BySoft FreeRAM\FreeRAM.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\ChessBase\\ChessProgram8\\ChessProgram8.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Programmi\\NetMeeting\\conf.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19/11/2009 16.57.43 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19/11/2009 16.57.50 242896]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [12/03/2010 12.44.32 308064]
R2 FastPara;FastPara;c:\windows\system32\drivers\fastpara.sys [16/10/2006 13.26.36 4832]
R3 wdm_au8830;Aureal Vortex 8830 Audio Driver (WDM);c:\windows\system32\drivers\adm8830.sys [05/10/2001 14.13.46 702080]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06/03/2007 20.52.10 642560]
S1 PDIDRV;PDIDRV; [x]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [21/12/2009 17.51.20 8192]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [06/03/2007 21.02.45 223128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'
2007-10-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
2010-04-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-57989841-299502267-839522115-1004.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-04-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-57989841-299502267-839522115-1004.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-04-26 c:\windows\Tasks\WebReg Deskjet F4100 series.job
- c:\programmi\HP\Digital Imaging\bin\hpqwrg.exe [2007-03-11 19:27]
.
.
------- Scansione supplementare -------
.
uStart Page =
hxxp://www.google.it/uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant =
hxxp://www.google.com/ieIE: Aggiungi a PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes -
file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Massimo\Dati applicazioni\Mozilla\Firefox\Profiles\x6x7ie14.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.it/FF - prefs.js: keyword.URL -
hxxp://it.yhs.search.yahoo.com/avg/sear ... -web_it&p=FF - component: c:\programmi\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-AliceRE_McciTrayApp - c:\progra~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe
ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - (no file)
AddRemove-Disney's Extremely Goofy Skateboarding - c:\progra~2\DISNEY~1\EXTREM~1\DeIsL1.isu
AddRemove-{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F} - c:\programmi\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe-L0x10
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-04-26 20:34
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(692)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\antiwpa\antiwpa.dll
.
Ora fine scansione: 2010-04-26 20:40:08
ComboFix-quarantined-files.txt 2010-04-26 18:39
Pre-Run: 19.300.257.792 byte disponibili
Post-Run: 19.658.579.968 byte disponibili
- - End Of File - - 2C3EF61AC882501CF5766E6F3CB53EAE
Inviato: lun apr 26, 2010 6:24 pm![[ciao]](http://www.megalab.it/forum/images/smilies/Ciao.gif "Ciao")