ComboFix 09-09-25.01 - fakkO 16/12/2009 19.46.00.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.2047.1592 [GMT 1:00]
Eseguito da: c:\documents and settings\fakkO\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-0C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00200000-EE94-0012-94EE-120094EE1200}
FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
- MODALITÀ CON FUNZIONALITÀ RIDOTTE -
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-1482476501-1708537768-854245398-1003
c:\recycler\S-1-5-21-1482476501-1708537768-854245398-1003\desktop.ini
c:\recycler\S-1-5-21-1482476501-1708537768-854245398-1003\INFO2
c:\recycler\S-1-5-21-3897356463-2329793908-788896330-9364
c:\recycler\S-1-5-21-3897356463-2329793908-788896330-9364\Desktop.ini
c:\recycler\S-1-5-21-6322350947-7483479891-091406629-8462
c:\recycler\S-1-5-21-6322350947-7483479891-091406629-8462\Desktop.ini
c:\recycler\S-1-5-21-7030841866-6838815133-502676803-0953
c:\recycler\S-1-5-21-7030841866-6838815133-502676803-0953\Desktop.ini
.
((((((((((((((((((((((((( Files Creati Da 2009-11-16 al 2009-12-16 )))))))))))))))))))))))))))))))))))
.
2009-12-16 12:31 . 2009-12-16 12:31 -------- d-----w- c:\programmi\TrendMicro
2009-12-15 14:54 . 2009-12-15 14:54 -------- d-----w- c:\programmi\uTorrent
2009-12-15 14:53 . 2009-12-16 09:32 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\uTorrent
2009-12-14 20:40 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-14 20:40 . 2009-12-14 20:40 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-12-14 20:40 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-14 20:11 . 2009-12-16 09:58 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-12-14 18:48 . 2009-12-14 18:48 -------- d-----w- c:\programmi\Ask.com
2009-12-14 16:56 . 2009-12-14 16:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Azureus
2009-12-14 16:56 . 2009-12-16 09:37 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Azureus
2009-12-14 16:54 . 2009-12-14 16:55 -------- d-----w- c:\programmi\Vuze
2009-12-07 18:39 . 2009-12-07 18:39 -------- d--h--w- c:\windows\PIF
2009-12-02 13:27 . 2009-12-02 13:27 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Nikon
2009-12-02 13:22 . 2001-08-30 22:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-12-02 13:22 . 2008-04-14 02:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-12-01 08:57 . 2009-12-01 08:57 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\RETScreen
2009-12-01 08:45 . 2009-12-01 08:45 -------- d-----w- c:\programmi\RETScreen
2009-12-01 08:31 . 2009-12-01 08:31 -------- d-----w- c:\documents and settings\fakkO\.ta
2009-11-30 10:48 . 2009-11-30 10:48 -------- d-----w- c:\documents and settings\fakkO\.autodesk
2009-11-29 09:49 . 2009-11-29 09:49 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Malwarebytes
2009-11-29 09:49 . 2009-11-29 09:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-28 11:58 . 2009-11-28 11:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-11-28 11:56 . 2009-11-29 09:49 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\SUPERAntiSpyware.com
2009-11-28 11:56 . 2009-11-29 09:49 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-11-26 15:17 . 2009-12-16 17:37 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\LimeWire
2009-11-26 15:16 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-26 15:15 . 2009-11-26 15:17 -------- d-----w- c:\programmi\LimeWire
2009-11-24 16:26 . 2009-11-24 16:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\id Software
2009-11-23 09:51 . 2009-11-23 09:52 -------- d-----w- c:\programmi\VcaSlu
2009-11-18 15:01 . 2009-12-16 18:08 138504 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-18 15:01 . 2009-11-18 15:01 -------- d-----w- c:\documents and settings\fakkO\Impostazioni locali\Dati applicazioni\PunkBuster
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-16 18:43 . 2005-08-24 13:45 84354 ----a-w- c:\windows\system32\perfc010.dat
2009-12-16 18:43 . 2005-08-24 13:45 489648 ----a-w- c:\windows\system32\perfh010.dat
2009-12-16 18:08 . 2009-11-07 18:22 214488 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-10 22:01 . 2009-10-24 13:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-12-10 11:23 . 2009-10-24 15:56 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-04 11:15 . 2009-11-09 13:38 -------- d-----w- c:\programmi\IsoReflex
2009-12-01 08:44 . 2009-10-24 13:04 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-11-26 15:28 . 2005-08-24 14:14 -------- d-----w- c:\programmi\Java
2009-11-24 16:26 . 2009-11-07 18:22 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-24 16:26 . 2009-11-07 18:22 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-23 09:51 . 2009-11-09 13:38 253952 ------w- c:\windows\Setup1.exe
2009-11-23 09:51 . 2009-10-24 14:59 74752 ----a-w- c:\windows\ST6UNST.EXE
2009-11-16 14:53 . 2009-11-16 14:53 -------- d-----w- c:\programmi\DvbTco
2009-11-16 14:52 . 2009-11-16 14:52 -------- d-----w- c:\programmi\TraveConDwg
2009-11-16 14:51 . 2009-11-16 14:50 -------- d-----w- c:\programmi\PacchettoComune
2009-11-16 11:34 . 2009-10-24 14:37 -------- d-----w- c:\programmi\T-Splines for Rhino
2009-11-10 20:34 . 2009-11-10 20:34 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Canon
2009-11-10 20:30 . 2009-11-08 22:19 -------- d-----w- c:\programmi\Canon
2009-11-10 20:30 . 2005-08-25 05:18 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-11-10 20:29 . 2009-11-10 20:29 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\ScanSoft
2009-11-10 20:29 . 2009-11-10 20:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SSScanWizard
2009-11-10 20:29 . 2009-11-10 20:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SSScanAppDataDir
2009-11-10 20:29 . 2009-11-10 20:28 -------- d-----w- c:\programmi\File comuni\ScanSoft Shared
2009-11-10 20:28 . 2009-11-10 20:28 -------- d-----w- c:\programmi\ScanSoft
2009-11-08 22:22 . 2009-11-08 22:22 -------- d--h--w- c:\documents and settings\All Users\Dati applicazioni\CanonBJ
2009-11-08 22:21 . 2009-11-08 22:21 -------- d--h--w- c:\programmi\CanonBJ
2009-11-08 15:18 . 2009-10-24 11:24 122144 ----a-w- c:\documents and settings\fakkO\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-08 14:53 . 2009-10-24 13:19 -------- d-----w- c:\programmi\Microsoft Works
2009-11-07 20:31 . 2009-11-07 19:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-11-07 20:00 . 2009-11-07 20:00 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-07 20:00 . 2009-11-07 20:00 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\skypePM
2009-11-07 18:22 . 2009-11-07 18:22 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\id Software
2009-11-05 21:10 . 2009-11-05 21:10 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\ArcSoft
2009-11-01 21:51 . 2009-10-24 14:27 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Nero
2009-10-30 09:46 . 2009-10-30 09:46 -------- d-----w- c:\programmi\Microsoft
2009-10-30 09:45 . 2009-10-30 09:45 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-10-30 09:45 . 2009-10-28 15:44 -------- d-----w- c:\programmi\Windows Live
2009-10-30 09:41 . 2009-10-30 09:41 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-10-29 19:34 . 2009-10-29 19:34 -------- d-----w- c:\programmi\MAXON
2009-10-29 19:31 . 2009-10-24 13:49 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\MAXON
2009-10-29 11:57 . 2009-10-24 14:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McNeel
2009-10-29 10:25 . 2009-10-29 10:25 -------- d-----w- c:\programmi\Microsoft CAPICOM 2.1.0.2
2009-10-29 09:08 . 2009-10-29 09:08 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Conviva
2009-10-28 15:57 . 2009-10-28 15:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-10-28 15:54 . 2009-10-28 15:54 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-10-28 15:46 . 2009-10-28 15:45 -------- dcsh--w- c:\programmi\File comuni\WindowsLiveInstaller
2009-10-28 15:44 . 2009-10-28 15:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WLInstaller
2009-10-27 20:02 . 2009-10-27 20:02 -------- d-----w- c:\programmi\File comuni\Nikon
2009-10-27 20:02 . 2009-10-27 20:02 -------- d-----w- c:\programmi\Nikon
2009-10-27 20:01 . 2009-10-27 20:01 -------- d-----w- c:\programmi\ArcSoft
2009-10-26 14:28 . 2009-10-24 11:06 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Autodesk
2009-10-26 14:28 . 2009-10-24 11:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autodesk
2009-10-25 19:26 . 2009-10-25 19:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TSplines
2009-10-25 10:33 . 2009-10-24 13:08 -------- d-----w- c:\programmi\QuickTime
2009-10-25 10:31 . 2009-10-25 10:31 -------- d-----w- c:\programmi\File comuni\Apple
2009-10-25 10:31 . 2009-10-25 10:31 -------- d-----w- c:\programmi\Apple Software Update
2009-10-25 10:31 . 2009-10-25 10:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2009-10-25 10:03 . 2009-10-25 09:15 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\AdobeUM
2009-10-25 10:02 . 2005-08-25 09:28 -------- d-----w- c:\programmi\File comuni\Adobe
2009-10-25 09:55 . 2009-10-25 09:55 -------- d-----w- c:\programmi\MSXML 6.0
2009-10-25 09:51 . 2009-10-24 10:23 134 ----a-w- c:\documents and settings\fakkO\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-10-24 21:04 . 2009-10-24 21:04 -------- d-----w- c:\programmi\MSXML 4.0
2009-10-24 20:54 . 2009-10-24 20:54 -------- d-----w- c:\programmi\id Software
2009-10-24 19:39 . 2009-10-24 19:39 -------- d-----w- c:\programmi\D-Tools
2009-10-24 15:58 . 2009-10-24 15:58 0 ----a-w- c:\windows\nsreg.dat
2009-10-24 15:56 . 2009-10-24 15:56 -------- d-----w- c:\programmi\Avira
2009-10-24 15:56 . 2009-10-24 15:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-10-24 14:45 . 2009-10-24 14:45 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\McNeel
2009-10-24 14:45 . 2009-10-24 14:45 -------- d-----w- c:\programmi\Penguin SR3
2009-10-24 14:44 . 2009-10-24 14:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\InstallShield
2009-10-24 14:43 . 2009-10-24 14:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ASGvis
2009-10-24 14:43 . 2005-08-24 14:05 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-10-24 14:34 . 2009-10-24 14:34 -------- d-----w- c:\programmi\Flamingo 1.1
2009-10-24 14:30 . 2009-10-24 14:30 -------- d-----w- c:\programmi\File comuni\McNeel Shared
2009-10-24 14:29 . 2009-10-24 14:29 -------- d-----w- c:\programmi\Rhinoceros 4.0
2009-10-24 14:26 . 2009-10-24 14:23 -------- d-----w- c:\programmi\Rhinoceros 3.0
2009-10-24 14:23 . 2009-10-24 14:23 -------- d-----w- c:\programmi\Common Files
2009-10-24 14:20 . 2009-10-24 14:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Adobe Systems
2009-10-24 14:20 . 2009-10-24 14:20 -------- d-----w- c:\programmi\File comuni\Adobe Systems Shared
2009-10-24 14:07 . 2009-10-24 11:06 -------- d-----w- c:\programmi\Autodesk
2009-10-24 14:07 . 2009-10-24 11:06 -------- d-----w- c:\programmi\File comuni\Autodesk Shared
2009-10-24 14:04 . 2009-10-24 14:04 -------- d-----w- c:\programmi\MSBuild
2009-10-24 14:01 . 2009-10-24 14:01 -------- d-----w- c:\programmi\Reference Assemblies
2009-10-24 13:45 . 2009-10-24 13:45 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\vlc
2009-10-24 13:37 . 2009-10-24 13:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2009-10-24 13:29 . 2009-10-24 13:29 -------- d-----w- c:\programmi\File comuni\Macrovision Shared
2009-10-24 13:18 . 2009-10-24 13:18 -------- d-----w- c:\programmi\Microsoft.NET
2009-10-24 13:18 . 2009-10-24 13:18 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Advanced Chemistry Development
2009-10-24 13:09 . 2009-10-24 13:09 -------- d-----w- c:\documents and settings\fakkO\Dati applicazioni\Apple Computer
2009-10-24 13:08 . 2009-10-24 13:08 -------- d-----w- c:\programmi\iTunes
2009-10-24 13:08 . 2009-10-24 13:08 -------- d-----w- c:\programmi\iPod
2009-10-24 13:08 . 2009-10-24 13:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-10-24 13:06 . 2009-10-24 13:06 -------- d-----w- c:\programmi\Garzanti Linguistica
2009-10-24 13:05 . 2009-10-24 13:05 -------- d-----w- c:\programmi\Sygate
2009-10-24 13:03 . 2009-10-24 13:03 -------- d-----w- c:\programmi\VideoLAN
2009-10-24 13:02 . 2009-10-24 13:02 -------- d-----w- c:\programmi\7-Zip
2009-10-24 13:01 . 2009-10-24 13:01 -------- d-----w- c:\programmi\Google
2009-10-24 11:34 . 2009-10-24 11:30 -------- d-----w- c:\programmi\Nero
2009-10-24 11:34 . 2009-10-24 11:34 -------- d-----w- c:\programmi\Windows Sidebar
2009-10-24 11:33 . 2009-10-24 11:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 16:28 1174920 ----a-w- c:\programmi\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 344064]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]
"SoundMAXPnP"="c:\programmi\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544]
"THotkey"="c:\programmi\Toshiba\Toshiba Applet\thotkey.exe" [2005-08-10 356352]
"Tvs"="c:\programmi\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"SmoothView"="c:\programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"Hazon clic"="c:\programmi\Garzanti Linguistica\Hazon clic\HAZON.EXE" [2003-08-04 643072]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2006-06-14 278528]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"DAEMON Tools-1033"="c:\programmi\D-Tools\daemon.exe" [2004-08-22 81920]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-09-05 417792]
"CanonMyPrinter"="c:\programmi\Canon\MyPrinter\BJMyPrt.exe" [2008-03-18 1848648]
"OpwareSE2"="c:\programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2005-04-12 88358]
"TPSMain"="TPSMain.exe" - c:\windows\system32\TPSMain.exe [2005-08-04 266240]
"NDSTray.exe"="NDSTray.exe" [BU]
"TFncKy"="TFncKy.exe" [BU]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\fakkO\Menu Avvio\Programmi\Esecuzione automatica\
LimeWire On Startup.lnk - c:\programmi\LimeWire\LimeWire.exe [2009-9-30 503808]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2009-10-24 25214]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
NkvMon.exe.lnk - c:\programmi\Nikon\NkView6\NkvMon.exe [2009-10-27 233472]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"c:\\Programmi\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\ASGvis\\DRSpawner\\DRSpawner.exe"=
"c:\\Programmi\\id Software\\Quake 4\\quake4Ded.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Rhinoceros 4.0\\System\\Rhino4.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\programmi\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [09/03/2008 23.04.52 65536]
.
Contenuto della cartella 'Scheduled Tasks'
2009-10-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-12-16 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2009-07-10 16:29]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.ask.com?o=13170&l=dis
IE: Convert link target to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\fakkO\Dati applicazioni\Mozilla\Firefox\Profiles\9im1evlf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\documents and settings\fakkO\Dati applicazioni\Mozilla\Firefox\Profiles\9im1evlf.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-CINEMA 4D Release 11 - c:\windows\unvise32.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-16 19:46
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\vsdatant]
"ImagePath"=""
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(860)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2009-12-16 19.48.18
ComboFix-quarantined-files.txt 2009-12-16 18:48
Pre-Run: 45.282.652.160 byte disponibili
Post-Run: 45.756.772.352 byte disponibili
281 --- E O F --- 2009-12-10 22:02