ComboFix 09-11-20.01 - ____neo____ 20/11/2009 19.06.23.3.2 - x86
Microsoft Windows XP Professional  5.1.2600.2.1252.39.1040.18.3582.3154 [GMT 1:00]
Eseguito da: c:\documents and settings\____neo____\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\pciide.sys
c:\windows\system32\kernel1.exe
c:\windows\system32\lsprst7.dll
c:\windows\system32\tmpPrst.dll
c:\windows\System32\Drivers\xmasscsi.sys . . . è infetto!!
.
(((((((((((((((((((((((((   Files Creati Da 2009-10-20 al 2009-11-20  )))))))))))))))))))))))))))))))))))
.
2009-11-20 17:58 . 2004-08-30 20:00	95360	-c--a-w-	c:\windows\system32\dllcache\atapi.sys
2009-11-20 17:58 . 2004-08-30 20:00	95360	----a-w-	c:\windows\system32\drivers\atapi.sys
2009-11-20 17:55 . 2009-11-20 17:55	397824	----a-w-	c:\windows\system32\CF30899.exe
2009-11-20 15:40 . 2009-11-20 15:40	--------	d-----w-	c:\documents and settings\____neo____\DoctorWeb
2009-11-20 15:11 . 2009-11-20 15:11	77312	----a-w-	C:\mbr.exe
2009-11-19 22:53 . 2008-04-13 16:26	36396	----a-w-	c:\documents and settings\____neo____\Dati applicazioni\BSplayer PRO\AC3 Filter\uninstall.exe
2009-11-19 22:53 . 2007-08-18 08:54	20480	----a-w-	c:\documents and settings\____neo____\Dati applicazioni\BSplayer PRO\AC3 Filter\ac3config.exe
2009-11-19 22:53 . 2007-08-18 08:53	16384	----a-w-	c:\documents and settings\____neo____\Dati applicazioni\BSplayer PRO\AC3 Filter\dialog_patch.exe
2009-11-19 22:53 . 2007-07-05 02:33	892928	----a-w-	c:\documents and settings\____neo____\Dati applicazioni\BSplayer PRO\AC3 Filter\iconv.dll
2009-11-19 19:24 . 2009-11-20 15:05	--------	d-----w-	c:\documents and settings\____neo____\Impostazioni locali\Dati applicazioni\BS_Player
2009-11-19 19:24 . 2009-11-19 19:25	--------	d-----w-	c:\programmi\BS_Player
2009-11-18 16:53 . 2009-11-18 16:53	--------	d--h--w-	c:\windows\system32\GroupPolicy
2009-11-18 14:46 . 2009-11-18 15:39	--------	d-----w-	c:\documents and settings\____neo____\Dati applicazioni\Skype
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-20 18:13 . 2008-10-10 17:37	8144	--sha-w-	c:\windows\system32\drivers\fidbox2.idx
2009-11-20 18:13 . 2008-10-10 17:37	16464928	--sha-w-	c:\windows\system32\drivers\fidbox.dat
2009-11-20 18:13 . 2008-10-10 17:37	132856	--sha-w-	c:\windows\system32\drivers\fidbox.idx
2009-11-20 18:13 . 2008-10-10 17:37	1146912	--sha-w-	c:\windows\system32\drivers\fidbox2.dat
2009-11-20 17:55 . 2009-03-11 01:47	--------	d-----w-	c:\documents and settings\____neo____\Dati applicazioni\TeraCopy
2009-11-20 17:52 . 2008-10-10 17:37	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-11-20 17:36 . 2008-10-10 20:05	--------	d-----w-	c:\programmi\eMule
2009-11-20 10:28 . 2009-01-07 21:44	--------	d-----w-	c:\programmi\Mozilla Thunderbird
2009-11-19 22:53 . 2008-10-11 00:10	--------	d-----w-	c:\documents and settings\____neo____\Dati applicazioni\BSplayer PRO
2009-11-19 19:24 . 2008-10-11 00:10	--------	d-----w-	c:\programmi\Webteh
2009-11-18 14:15 . 2008-10-10 18:37	--------	d-----w-	c:\documents and settings\____neo____\Dati applicazioni\phonostar-Player
2009-11-07 14:44 . 2008-10-15 09:49	810208	----a-w-	c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-11-04 00:17 . 2009-05-01 23:42	64	----a-w-	c:\windows\msi.bat
2009-10-28 22:12 . 2004-08-30 20:00	79688	----a-w-	c:\windows\system32\perfc010.dat
2009-10-28 22:12 . 2004-08-30 20:00	479368	----a-w-	c:\windows\system32\perfh010.dat
2009-10-23 21:36 . 2008-10-11 00:05	--------	d-----w-	c:\programmi\DivX
2009-10-23 21:35 . 2009-04-08 12:39	--------	d-----w-	c:\programmi\File comuni\DivX Shared
2009-10-21 16:49 . 2008-10-10 17:38	95259	----a-w-	c:\windows\system32\drivers\klick.dat
2009-10-21 16:49 . 2008-10-10 17:38	108059	----a-w-	c:\windows\system32\drivers\klin.dat
2009-10-06 16:34 . 2009-10-06 16:34	--------	d-----w-	c:\programmi\Electronic Arts
2009-10-06 16:32 . 2009-10-06 16:32	--------	d-----w-	c:\programmi\AGEIA Technologies
2009-10-06 16:20 . 2008-10-29 19:13	--------	d-----w-	c:\programmi\EA GAMES
2009-09-25 16:41 . 2009-09-25 16:41	856064	----a-w-	c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41 . 2009-09-25 16:41	856064	----a-w-	c:\windows\system32\divx_xx07.dll
2009-09-25 16:41 . 2009-09-25 16:41	847872	----a-w-	c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41 . 2009-09-25 16:41	843776	----a-w-	c:\windows\system32\divx_xx16.dll
2009-09-25 16:41 . 2009-09-25 16:41	839680	----a-w-	c:\windows\system32\divx_xx11.dll
2009-09-25 16:41 . 2009-09-25 16:41	696320	----a-w-	c:\windows\system32\DivX.dll
2009-09-19 12:57 . 2009-04-04 22:18	120	----a-w-	C:\drmHeader.bin
2009-09-15 17:25 . 2009-06-25 22:42	253952	------w-	c:\windows\Setup1.exe
2009-09-15 17:25 . 2009-06-25 22:42	74752	----a-w-	c:\windows\ST6UNST.EXE
2009-09-10 12:33 . 2009-09-10 12:33	20299296	----a-w-	c:\documents and settings\____neo____\Dati applicazioni\TomTom\HOME\Profiles\a5buapza.default\Updates\v2_7_2_1825_win.exe
2009-03-05 17:31 . 2009-03-05 17:31	36868	----a-w-	c:\programmi\uninst-Particular.exe
2009-01-25 12:57 . 2009-01-25 12:57	28672	----a-w-	c:\programmi\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2009-09-25 16:41 . 2009-09-25 16:41	1044480	----a-w-	c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41	200704	----a-w-	c:\programmi\mozilla firefox\plugins\ssldivx.dll
2004-03-01 15:41 . 2008-10-10 16:39	160325	--sha-w-	c:\windows\Resources\Themes\DameK UltraBlue\irunin.dat
.
(((((((((((((((((((((((((((((   SnapShot@2009-05-20_10.08.52   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-20 18:14 . 2009-11-20 18:14	16384              c:\windows\Temp\Perflib_Perfdata_1d0.dat
+ 2009-10-06 16:34 . 2009-03-16 12:18	69448              c:\windows\system32\XAPOFX1_3.dll
+ 2009-10-06 16:34 . 2008-10-15 05:03	70992              c:\windows\system32\XAPOFX1_2.dll
+ 2009-10-06 16:34 . 2008-07-30 04:20	68616              c:\windows\system32\XAPOFX1_1.dll
+ 2009-10-06 16:34 . 2008-05-30 12:17	65032              c:\windows\system32\XAPOFX1_0.dll
+ 2009-10-06 16:34 . 2009-03-16 12:18	22360              c:\windows\system32\X3DAudio1_6.dll
+ 2009-10-06 16:34 . 2008-10-15 05:03	23376              c:\windows\system32\X3DAudio1_5.dll
+ 2009-10-06 16:34 . 2008-05-30 12:17	25608              c:\windows\system32\X3DAudio1_4.dll
+ 2009-07-20 07:34 . 2009-07-20 07:34	70936              c:\windows\system32\PhysXLoader.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	24344              c:\windows\system32\PhysXDevice.dll
- 2004-08-30 20:00 . 2009-04-03 08:22	67560              c:\windows\system32\perfc009.dat
+ 2004-08-30 20:00 . 2009-10-28 22:12	67560              c:\windows\system32\perfc009.dat
- 2008-10-10 13:37 . 2009-03-23 00:17	84661              c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-10-10 13:37 . 2009-09-07 15:53	84661              c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 1998-07-05 21:00 . 1998-07-05 21:00	33792              c:\windows\system32\CMDLGDE.DLL
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelTraditionalChinese.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelSwedish.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelSpanish.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelSimplifiedChinese.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelPortugese.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelKorean.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelJapanese.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelGerman.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	58648              c:\windows\system32\AgCPanelFrench.dll
+ 2008-01-21 19:01 . 2008-01-21 19:01	25088              c:\windows\Installer\cfd88f.msp
+ 2008-01-21 18:58 . 2008-01-21 18:58	51712              c:\windows\Installer\cfd88c.msp
+ 2008-01-21 15:33 . 2008-01-21 15:33	22016              c:\windows\Installer\cfd863.msp
+ 2007-11-08 01:28 . 2007-11-08 01:28	22016              c:\windows\Installer\ce0a80.msp
+ 2007-11-08 01:32 . 2007-11-08 01:32	74240              c:\windows\Installer\ce0a7c.msp
+ 2007-11-08 01:21 . 2007-11-08 01:21	24576              c:\windows\Installer\ce0a79.msp
+ 2008-10-15 09:22 . 2008-10-15 09:22	86528              c:\windows\Installer\472ab.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	48128              c:\windows\Installer\21a8312.msi
+ 2009-03-05 11:58 . 2009-03-05 11:58	23552              c:\windows\Installer\14f37e.msi
+ 2009-03-05 11:56 . 2009-03-05 11:56	26112              c:\windows\Installer\14f33c.msi
- 2009-01-11 16:55 . 2009-01-11 16:55	12800              c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	12800              c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	53248              c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	53248              c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-02-09 01:49 . 2009-02-09 01:49	2048              c:\windows\system32\sysprs7.dll
+ 2004-08-30 20:00 . 2001-08-30 20:54	3328              c:\windows\system32\dllcache\pciide.sys
+ 2009-07-11 23:12 . 2009-07-11 23:12	632656              c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09	554832              c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08	479232              c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2009-10-06 16:34 . 2009-03-16 12:18	517448              c:\windows\system32\XAudio2_4.dll
+ 2009-10-06 16:34 . 2008-10-15 05:03	514384              c:\windows\system32\XAudio2_3.dll
+ 2009-10-06 16:34 . 2008-07-30 04:20	509448              c:\windows\system32\XAudio2_2.dll
+ 2009-10-06 16:34 . 2008-05-30 12:19	507400              c:\windows\system32\XAudio2_1.dll
+ 2009-10-06 16:34 . 2009-03-16 12:18	235352              c:\windows\system32\xactengine3_4.dll
+ 2009-10-06 16:34 . 2008-10-15 05:03	235856              c:\windows\system32\xactengine3_3.dll
+ 2009-10-06 16:34 . 2008-07-30 04:20	238088              c:\windows\system32\xactengine3_2.dll
+ 2009-10-06 16:34 . 2008-05-30 12:18	238088              c:\windows\system32\xactengine3_1.dll
+ 2001-06-17 23:00 . 2001-06-17 23:00	101888              c:\windows\system32\VB6STKIT.DLL
+ 2000-10-02 07:27 . 2000-10-02 07:27	125712              c:\windows\system32\vb6de.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	197912              c:\windows\system32\physxcudart_20.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	288024              c:\windows\system32\PhysXCplUI.exe
+ 2009-06-19 18:06 . 2009-06-19 18:06	288024              c:\windows\system32\PhysXCompatCplUI.exe
+ 2004-08-30 20:00 . 2009-10-28 22:12	432856              c:\windows\system32\perfh009.dat
- 2004-08-30 20:00 . 2009-04-03 08:22	432856              c:\windows\system32\perfh009.dat
+ 2001-04-29 14:04 . 2001-04-29 14:04	158208              c:\windows\system32\MSCMCDE.DLL
+ 2009-07-18 03:21 . 2009-07-18 03:21	257440              c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-10-06 16:34 . 2009-03-09 13:27	453456              c:\windows\system32\d3dx10_41.dll
+ 2009-10-06 16:34 . 2008-10-15 04:22	452440              c:\windows\system32\d3dx10_40.dll
+ 2009-10-06 16:34 . 2008-07-10 09:01	467984              c:\windows\system32\d3dx10_39.dll
+ 2009-10-06 16:34 . 2008-05-30 12:11	467984              c:\windows\system32\d3dx10_38.dll
+ 2009-06-19 18:06 . 2009-06-19 18:06	116977              c:\windows\system32\AGEIA\AG1021\diag.bin
+ 2009-06-19 18:06 . 2009-06-19 18:06	214629              c:\windows\system32\AGEIA\AG1021\app.bin
+ 2009-06-19 18:06 . 2009-06-19 18:06	119473              c:\windows\system32\AGEIA\AG1011\diag.bin
+ 2009-06-19 18:06 . 2009-06-19 18:06	199885              c:\windows\system32\AGEIA\AG1011\app.bin
+ 2009-04-03 12:06 . 2009-04-03 12:06	634368              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vs_setup.msi
+ 2007-12-29 23:34 . 2007-12-29 23:34	432640              c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - ita\vs_setup.msi
+ 2008-12-25 20:00 . 2008-12-25 20:00	167424              c:\windows\Installer\f2c7b.msi
+ 2009-04-03 12:08 . 2009-04-03 12:08	428544              c:\windows\Installer\cfd8cc.msi
+ 2008-01-21 18:07 . 2008-01-21 18:07	164352              c:\windows\Installer\cfd891.msp
+ 2008-01-21 17:42 . 2008-01-21 17:42	117760              c:\windows\Installer\cfd890.msp
+ 2008-01-21 18:22 . 2008-01-21 18:22	145408              c:\windows\Installer\cfd88e.msp
+ 2008-01-21 18:53 . 2008-01-21 18:53	306688              c:\windows\Installer\cfd88d.msp
+ 2008-01-21 17:58 . 2008-01-21 17:58	719872              c:\windows\Installer\cfd88b.msp
+ 2008-01-21 15:43 . 2008-01-21 15:43	459264              c:\windows\Installer\cfd867.msp
+ 2008-01-21 15:36 . 2008-01-21 15:36	708608              c:\windows\Installer\cfd866.msp
+ 2008-01-21 15:30 . 2008-01-21 15:30	247808              c:\windows\Installer\cfd865.msp
+ 2008-01-21 15:39 . 2008-01-21 15:39	689664              c:\windows\Installer\cfd864.msp
+ 2009-04-03 12:08 . 2009-04-03 12:08	101376              c:\windows\Installer\cfd862.msi
+ 2009-04-03 12:06 . 2009-04-03 12:06	630272              c:\windows\Installer\cf306d.msi
+ 2007-11-08 01:34 . 2007-11-08 01:34	273920              c:\windows\Installer\ce0a7d.msp
+ 2009-04-03 12:06 . 2009-04-03 12:06	348160              c:\windows\Installer\ce0a76.msi
+ 2009-04-30 22:15 . 2009-04-30 22:15	836096              c:\windows\Installer\cb69ff8.msi
+ 2009-02-09 01:47 . 2009-02-09 01:47	911872              c:\windows\Installer\c3a6e15.msi
+ 2009-10-23 21:35 . 2009-10-23 21:35	169472              c:\windows\Installer\b67d5f1.msi
+ 2008-10-10 15:43 . 2008-10-10 15:43	954368              c:\windows\Installer\a54789.msi
+ 2008-10-15 11:39 . 2008-10-15 11:39	905728              c:\windows\Installer\7dfded.msi
+ 2008-10-15 09:23 . 2008-10-15 09:23	867840              c:\windows\Installer\67a30.msi
+ 2007-11-07 13:07 . 2007-11-07 13:07	999936              c:\windows\Installer\472b4.msp
+ 2007-11-07 12:56 . 2007-11-07 12:56	553472              c:\windows\Installer\472b1.msp
+ 2007-11-07 12:58 . 2007-11-07 12:58	908800              c:\windows\Installer\472ad.msp
+ 2007-11-07 12:54 . 2007-11-07 12:54	507392              c:\windows\Installer\472ac.msp
+ 2008-10-15 09:20 . 2008-10-15 09:20	331264              c:\windows\Installer\4131d.msi
+ 2008-10-22 12:12 . 2008-10-22 12:12	142848              c:\windows\Installer\329bfc.msi
+ 2008-10-22 12:12 . 2008-10-22 12:12	176640              c:\windows\Installer\329be9.msi
+ 2009-05-19 14:50 . 2009-05-19 14:50	146944              c:\windows\Installer\2c91ff.msi
+ 2009-01-22 14:21 . 2009-01-22 14:21	395776              c:\windows\Installer\2c54785.msi
+ 2009-01-22 12:06 . 2009-01-22 12:06	559104              c:\windows\Installer\2495ed5.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	503296              c:\windows\Installer\21a8338.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	506880              c:\windows\Installer\21a8333.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	516608              c:\windows\Installer\21a832d.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	513536              c:\windows\Installer\21a8327.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	512512              c:\windows\Installer\21a8321.msi
+ 2008-10-10 11:47 . 2008-10-10 11:47	265216              c:\windows\Installer\14cb7.msi
+ 2008-10-10 23:39 . 2008-10-10 23:39	375296              c:\windows\Installer\1269576.msi
- 2009-01-11 16:55 . 2009-01-11 16:55	223232              c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	223232              c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	178176              c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	178176              c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	364544              c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	364544              c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	159232              c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	159232              c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	145920              c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	145920              c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	577024              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	577024              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	576000              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	576000              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	567296              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	567296              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	563712              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	563712              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	473600              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2009-01-11 16:55 . 2009-01-11 16:55	473600              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2004-08-30 20:00 . 2004-08-30 20:00	1354240              c:\windows\system32\webfldrs.msi
+ 2009-07-18 03:21 . 2009-07-18 03:21	3883424              c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-10-06 16:34 . 2009-03-09 13:27	4178264              c:\windows\system32\D3DX9_41.dll
+ 2009-10-06 16:34 . 2008-10-15 04:22	4379984              c:\windows\system32\D3DX9_40.dll
+ 2009-10-06 16:34 . 2008-07-10 09:00	3851784              c:\windows\system32\D3DX9_39.dll
+ 2009-10-06 16:34 . 2008-05-30 12:11	3850760              c:\windows\system32\D3DX9_38.dll
+ 2009-10-06 16:34 . 2009-03-09 13:27	1846632              c:\windows\system32\D3DCompiler_41.dll
+ 2009-10-06 16:34 . 2008-10-15 04:22	2036576              c:\windows\system32\D3DCompiler_40.dll
+ 2009-10-06 16:34 . 2008-07-10 09:00	1493528              c:\windows\system32\D3DCompiler_39.dll
+ 2009-10-06 16:34 . 2008-05-30 12:11	1491992              c:\windows\system32\D3DCompiler_38.dll
+ 2008-10-10 16:16 . 2008-10-10 16:16	1807360              c:\windows\Installer\f31ca.msi
+ 2009-01-01 18:14 . 2009-01-01 18:14	3954176              c:\windows\Installer\d347b7.msi
+ 2009-01-01 18:14 . 2009-01-01 18:14	2575872              c:\windows\Installer\d347b0.msi
+ 2009-04-03 12:08 . 2009-04-03 12:08	1118720              c:\windows\Installer\cfd88a.msi
+ 2007-11-08 01:30 . 2007-11-08 01:30	3962368              c:\windows\Installer\ce0a7f.msp
+ 2007-11-08 01:13 . 2007-11-08 01:13	6766592              c:\windows\Installer\ce0a7e.msp
+ 2007-11-08 01:26 . 2007-11-08 01:26	4340224              c:\windows\Installer\ce0a7b.msp
+ 2007-11-08 01:24 . 2007-11-08 01:24	5353472              c:\windows\Installer\ce0a7a.msp
+ 2007-11-08 01:18 . 2007-11-08 01:18	2059264              c:\windows\Installer\ce0a78.msp
+ 2007-11-08 01:16 . 2007-11-08 01:16	1313280              c:\windows\Installer\ce0a77.msp
+ 2008-10-16 10:43 . 2008-10-16 10:43	8990208              c:\windows\Installer\bafd3.msi
+ 2008-10-16 10:42 . 2008-10-16 10:42	1549312              c:\windows\Installer\badf3.msi
+ 2009-01-08 02:12 . 2009-01-08 02:12	1396224              c:\windows\Installer\b3ec22.msi
+ 2009-10-06 16:32 . 2009-10-06 16:32	1500160              c:\windows\Installer\b090cfd.msi
+ 2008-10-15 11:37 . 2008-10-15 11:37	3153408              c:\windows\Installer\7dfdd9.msi
+ 2008-10-15 11:34 . 2008-10-15 11:34	1726976              c:\windows\Installer\7dfdb8.msi
+ 2008-10-15 11:34 . 2008-10-15 11:34	2847744              c:\windows\Installer\7dfdb0.msi
+ 2008-10-10 15:54 . 2008-10-10 15:54	2901504              c:\windows\Installer\7ae72.msi
+ 2008-10-10 17:38 . 2008-10-10 17:38	2662400              c:\windows\Installer\7a885.msi
+ 2008-10-15 09:54 . 2008-10-15 09:54	8064512              c:\windows\Installer\67a96.msi
+ 2008-10-15 09:54 . 2008-10-15 09:54	8062464              c:\windows\Installer\67a8f.msi
+ 2008-10-15 09:53 . 2008-10-15 09:53	8062464              c:\windows\Installer\67a88.msi
+ 2008-10-15 09:53 . 2008-10-15 09:53	1013248              c:\windows\Installer\67a81.msi
+ 2008-10-15 09:53 . 2008-10-15 09:53	8086528              c:\windows\Installer\67a7a.msi
+ 2008-10-15 09:53 . 2008-10-15 09:53	8256000              c:\windows\Installer\67a73.msi
+ 2008-10-15 09:52 . 2008-10-15 09:52	8095232              c:\windows\Installer\67a6c.msi
+ 2008-10-15 09:52 . 2008-10-15 09:52	8176128              c:\windows\Installer\67a65.msi
+ 2008-10-15 09:50 . 2008-10-15 09:50	3680768              c:\windows\Installer\67a55.msi
+ 2008-10-15 09:46 . 2008-10-15 09:46	1142784              c:\windows\Installer\67a3e.msi
+ 2008-10-31 11:48 . 2008-10-31 11:48	5142528              c:\windows\Installer\4832bcf.msi
+ 2007-11-07 12:50 . 2007-11-07 12:50	6055936              c:\windows\Installer\472b3.msp
+ 2007-11-07 13:00 . 2007-11-07 13:00	3407360              c:\windows\Installer\472b2.msp
+ 2007-11-07 12:46 . 2007-11-07 12:46	3010560              c:\windows\Installer\472b0.msp
+ 2007-11-07 13:02 . 2007-11-07 13:02	6473216              c:\windows\Installer\472af.msp
+ 2007-11-07 13:12 . 2007-11-07 13:12	2533376              c:\windows\Installer\472ae.msp
+ 2008-10-31 13:36 . 2008-10-31 13:36	3855360              c:\windows\Installer\41c88a3.msi
+ 2008-10-22 12:16 . 2008-10-22 12:16	5377536              c:\windows\Installer\329c06.msi
+ 2008-10-11 10:59 . 2008-10-11 10:59	1644032              c:\windows\Installer\21a834e.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	1656320              c:\windows\Installer\21a8349.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	1656320              c:\windows\Installer\21a8343.msi
+ 2008-10-11 10:58 . 2008-10-11 10:58	1656320              c:\windows\Installer\21a833d.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	2365440              c:\windows\Installer\21a831c.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	1650688              c:\windows\Installer\21a8317.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	1644544              c:\windows\Installer\21a830c.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	2027008              c:\windows\Installer\21a8306.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	1753088              c:\windows\Installer\21a8301.msi
+ 2008-10-11 10:57 . 2008-10-11 10:57	2417152              c:\windows\Installer\21a82fc.msi
+ 2009-02-11 20:24 . 2009-02-11 20:24	1430528              c:\windows\Installer\1a8c9e1c.msi
+ 2009-02-11 20:24 . 2009-02-11 20:24	1116160              c:\windows\Installer\1a8c9e18.msi
+ 2009-02-11 20:23 . 2009-02-11 20:23	1405440              c:\windows\Installer\1a8c9e11.msi
+ 2009-02-11 19:56 . 2009-02-11 19:56	9897472              c:\windows\Installer\1a7489ac.msi
+ 2009-03-05 12:35 . 2009-03-05 12:35	3578880              c:\windows\Installer\15233c.msi
+ 2009-03-05 12:34 . 2009-03-05 12:34	3485696              c:\windows\Installer\152335.msi
+ 2009-03-05 12:32 . 2009-03-05 12:32	3722752              c:\windows\Installer\152312.msi
+ 2009-03-05 12:30 . 2009-03-05 12:30	3094016              c:\windows\Installer\1522ea.msi
+ 2009-03-05 12:29 . 2009-03-05 12:29	3123200              c:\windows\Installer\1522e2.msi
+ 2009-03-05 12:29 . 2009-03-05 12:29	3103744              c:\windows\Installer\1522da.msi
+ 2009-03-05 12:28 . 2009-03-05 12:28	3095552              c:\windows\Installer\1522ca.msi
+ 2009-03-05 12:27 . 2009-03-05 12:27	3102720              c:\windows\Installer\1522c1.msi
+ 2009-03-05 12:27 . 2009-03-05 12:27	3109888              c:\windows\Installer\1522b7.msi
+ 2009-03-05 12:25 . 2009-03-05 12:25	3192832              c:\windows\Installer\1522af.msi
+ 2009-03-05 12:06 . 2009-03-05 12:06	3214848              c:\windows\Installer\14f427.msi
+ 2009-03-05 12:05 . 2009-03-05 12:05	3082752              c:\windows\Installer\14f41e.msi
+ 2009-03-05 12:05 . 2009-03-05 12:05	3084800              c:\windows\Installer\14f417.msi
+ 2009-03-05 12:05 . 2009-03-05 12:05	3078656              c:\windows\Installer\14f410.msi
+ 2009-03-05 12:04 . 2009-03-05 12:04	3080192              c:\windows\Installer\14f409.msi
+ 2009-03-05 12:04 . 2009-03-05 12:04	3079168              c:\windows\Installer\14f402.msi
+ 2009-03-05 12:04 . 2009-03-05 12:04	3207680              c:\windows\Installer\14f3f6.msi
+ 2009-03-05 12:03 . 2009-03-05 12:03	4038656              c:\windows\Installer\14f3ee.msi
+ 2009-03-05 12:03 . 2009-03-05 12:03	3082240              c:\windows\Installer\14f3e7.msi
+ 2009-03-05 12:02 . 2009-03-05 12:02	3080704              c:\windows\Installer\14f3e0.msi
+ 2009-03-05 12:02 . 2009-03-05 12:02	3085312              c:\windows\Installer\14f3d9.msi
+ 2009-03-05 12:02 . 2009-03-05 12:02	3082752              c:\windows\Installer\14f3d2.msi
+ 2009-03-05 12:02 . 2009-03-05 12:02	3085824              c:\windows\Installer\14f3cb.msi
+ 2009-03-05 12:01 . 2009-03-05 12:01	3180032              c:\windows\Installer\14f3c4.msi
+ 2009-03-05 12:01 . 2009-03-05 12:01	3102208              c:\windows\Installer\14f3bd.msi
+ 2009-03-05 12:00 . 2009-03-05 12:00	4921344              c:\windows\Installer\14f3a2.msi
+ 2009-03-05 12:00 . 2009-03-05 12:00	3122688              c:\windows\Installer\14f399.msi
+ 2009-03-05 12:00 . 2009-03-05 12:00	3837440              c:\windows\Installer\14f392.msi
+ 2009-03-05 11:59 . 2009-03-05 11:59	4914176              c:\windows\Installer\14f38b.msi
+ 2009-03-05 11:58 . 2009-03-05 11:58	3101184              c:\windows\Installer\14f36d.msi
+ 2009-03-05 11:57 . 2009-03-05 11:57	3095040              c:\windows\Installer\14f360.msi
+ 2009-03-05 11:57 . 2009-03-05 11:57	3099648              c:\windows\Installer\14f359.msi
+ 2009-03-05 11:57 . 2009-03-05 11:57	3279360              c:\windows\Installer\14f352.msi
+ 2009-03-05 11:56 . 2009-03-05 11:56	3078656              c:\windows\Installer\14f34b.msi
+ 2009-03-05 11:56 . 2009-03-05 11:56	3291648              c:\windows\Installer\14f335.msi
+ 2009-03-05 11:55 . 2009-03-05 11:55	3089408              c:\windows\Installer\14f32e.msi
+ 2009-03-05 11:54 . 2009-03-05 11:54	3191808              c:\windows\Installer\14f320.msi
+ 2009-03-05 11:54 . 2009-03-05 11:54	3156480              c:\windows\Installer\14f319.msi
+ 2009-03-05 11:54 . 2009-03-05 11:54	3080192              c:\windows\Installer\14f30c.msi
+ 2009-03-05 11:53 . 2009-03-05 11:53	3122176              c:\windows\Installer\14f304.msi
+ 2009-03-05 11:53 . 2009-03-05 11:53	3521536              c:\windows\Installer\14f2fc.msi
+ 2009-03-05 11:52 . 2009-03-05 11:52	3082752              c:\windows\Installer\14f2f4.msi
+ 2009-03-05 11:51 . 2009-03-05 11:51	3079680              c:\windows\Installer\14f2ed.msi
+ 2009-03-05 11:51 . 2009-03-05 11:51	3079680              c:\windows\Installer\14f2df.msi
+ 2009-03-05 11:51 . 2009-03-05 11:51	3079680              c:\windows\Installer\14f2d1.msi
+ 2009-03-05 11:50 . 2009-03-05 11:50	3211776              c:\windows\Installer\14f2c3.msi
+ 2009-03-05 11:50 . 2009-03-05 11:50	3184128              c:\windows\Installer\14f2bc.msi
+ 2009-03-05 11:49 . 2009-03-05 11:49	3092992              c:\windows\Installer\14f2b5.msi
+ 2009-03-05 11:48 . 2009-03-05 11:48	3116544              c:\windows\Installer\14f267.msi
+ 2009-03-05 11:48 . 2009-03-05 11:48	3152896              c:\windows\Installer\14f259.msi
+ 2009-03-05 11:48 . 2009-03-05 11:48	3233792              c:\windows\Installer\14f252.msi
+ 2009-03-05 11:47 . 2009-03-05 11:47	3076608              c:\windows\Installer\14f24b.msi
+ 2009-03-05 11:39 . 2009-03-05 11:39	3180544              c:\windows\Installer\14f244.msi
- 2009-01-11 16:54 . 2009-01-11 16:54	2846720              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	2846720              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-10-07 20:34 . 2009-10-07 20:34	2676224              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-01-11 16:54 . 2009-01-11 16:54	2676224              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2006-10-30 02:05 . 2006-10-30 02:05	11390464              c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpf.msi
+ 2009-10-06 16:42 . 2009-10-06 16:42	24721920              c:\windows\Installer\b090d01.msi
+ 2008-10-15 09:51 . 2008-10-15 09:51	10850304              c:\windows\Installer\67a5e.msi
+ 2009-03-12 15:39 . 2009-03-12 15:39	10960384              c:\windows\Installer\41cbb24.msi
+ 2008-10-11 11:00 . 2008-10-11 11:00	18181632              c:\windows\Installer\21a8355.msi
+ 2009-10-06 16:42 . 2009-10-06 16:42	15699216              c:\windows\Installer\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}\shift.exe
.
-- Snapshot per reimpostare la data corrente --
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\programmi\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 09:18	2215960	----a-w-	c:\programmi\BS_Player\tbBS_P.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\programmi\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\programmi\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"STYLEXP"="c:\programmi\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 1372160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2008-09-06 413696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-30 15360]
c:\documents and settings\____neo____\Menu Avvio\Programmi\Esecuzione automatica\
YzShadow.lnk - c:\programmi\Yzshadow\YzShadow.exe [2008-10-10 151552]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\programmi\TGTSoft\StyleXP\Logon\CurrentLogon.EXE"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Acrobat.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk
backup=c:\windows\pss\Avvio veloce di Adobe Acrobat.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^____neo____^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
path=c:\documents and settings\____neo____\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"c:\\Programmi\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Programmi\\WinMX\\WinMX.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\uusee\\UUSeePlayer.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17.29.38 33808]
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [10/10/2008 16.43.54 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [10/10/2008 16.43.54 5248]
R2 CachemanXPService;CachemanXP;c:\programmi\CachemanXP\CachemanXP.exe [15/10/2008 13.46.33 243200]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmi\TomTom HOME 2\TomTomHOMEService.exe [24/04/2009 12.57.30 92008]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17.06.48 24592]
S3 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit;c:\programmi\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [09/03/2008 23.04.52 65536]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - CLASSPNP_2
*Deregistered* - CLASSPNP_2
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT1750559
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: Aggiungi a PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Aggiungi destinazione link a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\____neo____\Dati applicazioni\Mozilla\Firefox\Profiles\smd0zhxh.default\
FF - prefs.js: browser.startup.homepage - www.tiscali.it
FF - component: c:\programmi\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\np-mswmp.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-V-Ray for 3dsmax 2009 for x86 - c:\programmi\Autodesk\3ds Max 2009\Chaos Group\V-Ray\3dsmax 2009 for x86\uninstall\wininstaller.exe-uninstall=c:\programmi\Autodesk\3ds Max 2009\Chaos Group\V-Ray\3dsmax 2009 for x86\uninstall\install.log
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-20 19:14
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ... 
scansione entrate autostart nascoste ... 
Scansione files nascosti ... 
Scansione completata con successo
Files nascosti: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A88B770]<< 
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bfc3
\Driver\ACPI -> ACPI.sys @ 0xf758bcb8
\Driver\atapi -> 0x8a88b770
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x8059ece9
 ParseProcedure -> ntoskrnl.exe @ 0x8057e98a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x8059ece9
 ParseProcedure -> ntoskrnl.exe @ 0x8057e98a
NDIS: NVIDIA nForce Networking Controller -> SendCompleteHandler -> NDIS.sys @ 0xf787fba0
 PacketIndicateHandler -> NDIS.sys @ 0xf788cb21
 SendHandler -> NDIS.sys @ 0xf786a87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK 
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:a4,48,e3,be,70,05,6b,5b,7e,a7,20,5c,e7,a9,58,eb,3f,cd,63,86,d6,
   19,70,5d,34,30,a5,85,a0,95,fa,1d,a2,97,c1,03,2e,10,1a,6e,06,ed,d0,9b,23,84,\
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:a4,48,e3,be,70,05,6b,5b,7e,a7,20,5c,e7,a9,58,eb,3f,cd,63,86,d6,
   19,70,5d,34,30,a5,85,a0,95,fa,1d,a2,97,c1,03,2e,10,1a,6e,06,ed,d0,9b,23,84,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(616)
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'explorer.exe'(1796)
c:\programmi\Yzshadow\YzShadow.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\ATKKBService.exe
c:\programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
c:\windows\system32\CTsvcCDA.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-11-20 19:19 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2009-11-20 18:19
ComboFix2.txt  2009-05-20 10:09
ComboFix3.txt  2009-04-04 11:24
Pre-Run: 44.595.232.768 byte disponibili
Post-Run: 44.699.070.464 byte disponibili
- - End Of File - - 09977573F6B27F6DDFE75170DED67611