ComboFix 10-01-19.01 - Marco 19/01/2010 22:16:33.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.39.1040.18.3572.2580 [GMT 1:00]
Eseguito da: c:\users\Marco\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
.
((((((((((((((((((((((((( Files Creati Da 2009-12-19 al 2010-01-19 )))))))))))))))))))))))))))))))))))
.
2010-01-19 21:20 . 2010-01-19 21:20 -------- d-----w- c:\users\Marco\AppData\Local\temp
2010-01-19 21:20 . 2010-01-19 21:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-13 17:40 . 2009-10-19 14:10 108544 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 17:40 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-01-12 16:40 . 2009-07-30 13:54 121848 ----a-w- c:\windows\system32\drivers\savonaccess.sys
2010-01-12 16:40 . 2008-05-23 08:39 20288 ----a-w- c:\windows\system32\drivers\SophosBootDriver.sys
2010-01-10 20:13 . 2010-01-10 20:17 -------- d-----w- c:\program files\Diary Link
2010-01-10 20:13 . 2010-01-10 20:13 -------- d-----w- c:\program files\Borland
2009-12-26 13:02 . 2009-12-26 13:02 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-24 08:48 . 2009-12-24 08:48 -------- d-----w- c:\programdata\WinZip
2009-12-22 22:02 . 2009-12-22 22:02 -------- d-----w- c:\users\Marco\AppData\Local\Sophos
2009-12-20 21:27 . 2010-01-19 20:00 -------- d-----w- C:\My Folder_3
2009-12-20 21:25 . 2010-01-14 18:12 -------- d-----w- C:\My Folder_2
2009-12-20 21:24 . 2010-01-19 19:58 -------- d-----w- C:\My Folder
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 20:59 . 2009-07-14 08:21 689472 ----a-w- c:\windows\system32\perfh010.dat
2010-01-19 20:59 . 2009-07-14 08:21 124626 ----a-w- c:\windows\system32\perfc010.dat
2010-01-19 18:26 . 2009-12-17 20:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-14 16:45 . 2009-12-16 17:32 -------- d-----w- c:\programdata\Microsoft Help
2010-01-14 10:12 . 2009-12-16 17:10 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-07 20:16 . 2010-01-07 20:16 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-12-20 19:52 . 2009-12-20 19:16 -------- d-----w- c:\program files\Newsoft
2009-12-20 19:18 . 2009-12-20 19:18 -------- d-----w- c:\program files\directx
2009-12-20 19:15 . 2009-12-20 19:15 -------- d-----w- c:\program files\Digital Photo Navigator 1.0
2009-12-20 19:15 . 2009-12-16 19:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-20 19:14 . 2009-12-17 08:14 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-20 19:10 . 2009-12-16 20:35 -------- d-----w- c:\programdata\NVIDIA
2009-12-20 19:07 . 2009-12-20 19:07 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-20 18:16 . 2003-04-05 12:33 20458 ----a-w- c:\windows\hpoins01.dat
2009-12-20 18:16 . 2009-12-20 18:08 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-20 18:16 . 2009-12-20 18:16 77004 ----a-w- c:\windows\system32\drivers\AFS.SYS
2009-12-20 18:09 . 2009-12-20 18:09 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-12-19 11:36 . 2009-12-17 20:18 -------- d-----w- c:\program files\Windows Live
2009-12-19 08:55 . 2009-12-19 08:55 -------- d-----w- c:\programdata\SafeNet Sentinel
2009-12-19 08:55 . 2009-12-19 08:55 -------- d-----w- c:\program files\SafeNet Sentinel
2009-12-19 08:55 . 2009-12-19 08:55 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2009-12-19 08:51 . 2009-12-16 20:28 108824 ----a-w- c:\users\Marco\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-19 08:41 . 2009-12-16 17:36 -------- d-----w- c:\program files\Microsoft Works
2009-12-18 08:50 . 2009-12-18 08:50 -------- d-----w- c:\program files\Common Files\Deterministic Networks
2009-12-18 08:50 . 2009-12-18 08:50 -------- d-----w- c:\program files\Cisco Systems
2009-12-17 20:19 . 2009-12-17 20:19 -------- d-----w- c:\program files\Microsoft
2009-12-17 20:19 . 2009-12-17 20:19 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-----w- c:\program files\Common Files\Windows Live
2009-12-17 20:12 . 2009-12-17 20:12 4844296 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-17 20:11 . 2009-12-17 20:11 -------- d-----w- c:\users\Marco\AppData\Roaming\Malwarebytes
2009-12-17 20:11 . 2009-12-17 20:11 -------- d-----w- c:\programdata\Malwarebytes
2009-12-17 17:51 . 2009-12-17 17:51 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-12-17 12:23 . 2009-12-17 12:22 -------- d-----w- c:\program files\Microsoft Games
2009-12-17 12:09 . 2009-12-17 12:09 -------- d-----w- c:\users\Marco\AppData\Roaming\Thunderbird
2009-12-17 10:28 . 2009-12-17 10:28 -------- d-----w- c:\program files\Leica
2009-12-17 09:42 . 2009-12-17 09:42 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-17 09:07 . 2009-12-17 09:07 -------- d-----w- c:\programdata\nView_Profiles
2009-12-17 08:53 . 2009-12-16 17:48 -------- d-----w- c:\program files\Dell
2009-12-17 08:30 . 2009-12-17 08:30 -------- d-----w- c:\users\Marco\AppData\Roaming\Creative
2009-12-17 08:30 . 2009-12-17 08:30 -------- d-----w- c:\programdata\Creative
2009-12-17 08:19 . 2009-12-17 08:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
2009-12-17 08:16 . 2009-12-17 08:16 -------- d-----w- c:\program files\Creative
2009-12-17 08:15 . 2009-12-17 08:15 -------- d-----w- c:\program files\Dell Webcam
2009-12-16 20:45 . 2009-12-16 20:45 224816 ----a-r- c:\users\Marco\AppData\Roaming\Microsoft\Installer\{2220CF3A-EBD6-4070-94D0-0C7337B537A7}\ARPPRODUCTICON.exe
2009-12-16 20:44 . 2009-12-16 20:42 -------- d-----w- c:\programdata\Dell
2009-12-16 20:29 . 2009-12-16 20:29 1230960 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_3F6C343113693CD9.dll
2009-12-16 19:14 . 2009-12-16 19:14 -------- d-----w- c:\program files\Intel
2009-12-16 19:02 . 2009-12-16 19:02 -------- d-----w- c:\program files\Google
2009-12-16 19:01 . 2009-12-16 18:17 -------- d-----w- c:\program files\Java
2009-12-16 18:26 . 2009-12-16 18:26 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2009-12-16 18:26 . 2009-12-16 18:26 -------- d-----w- c:\program files\DellTPad
2009-12-16 18:14 . 2009-12-16 18:14 -------- d-----w- c:\program files\WIDCOMM
2009-12-16 17:48 . 2009-12-16 17:48 45056 ----a-r- c:\users\Marco\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2009-12-16 17:48 . 2009-12-16 17:48 10134 ----a-r- c:\users\Marco\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe
2009-12-16 17:36 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2009-12-16 17:36 . 2009-12-16 17:36 -------- d-----w- c:\program files\Microsoft.NET
2009-12-16 17:32 . 2009-12-16 17:32 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-12-16 17:22 . 2009-12-16 17:21 -------- d-----w- c:\programdata\Sophos
2009-12-16 17:22 . 2009-12-16 17:21 -------- d-----w- c:\program files\Sophos
2009-12-16 17:21 . 2009-12-16 17:21 -------- d-----w- c:\program files\Common Files\Cisco Systems
2009-12-16 16:54 . 2009-12-16 16:54 -------- d-sh--we c:\programdata\Preferiti
2009-12-16 16:54 . 2009-12-16 16:54 -------- d-sh--we c:\programdata\Modelli
2009-12-16 16:54 . 2009-12-16 16:54 -------- d-sh--we c:\programdata\Menu Avvio
2009-12-16 16:54 . 2009-12-16 16:54 -------- d-sh--we c:\programdata\Documenti
2009-12-16 16:54 . 2009-12-16 16:54 -------- d-sh--we c:\programdata\Dati applicazioni
2009-12-16 16:54 . 2009-12-16 16:54 -------- d-sh--we c:\program files\File comuni
2009-12-16 16:24 . 2009-12-16 16:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2009-12-03 15:14 . 2009-12-17 20:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-12-17 20:11 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-29 07:22 . 2009-12-17 13:51 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-16 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-19 249856]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-06-11 656384]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-07-08 413827]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-16 13793824]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-16 92704]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-7-16 1245472]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
Sophos AutoUpdate Monitor.lnk - c:\program files\Sophos\AutoUpdate\ALMon.exe [2009-9-4 429096]
VPN Client.lnk - c:\windows\Installer\{229205AC-74D7-4045-BE2E-F3276B498EF1}\Icon3E5562ED7.ico [2009-12-18 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Sophos\SOPHOS~1\sophos_detoured.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
R0 AFS;AFS;c:\windows\System32\drivers\AFS.SYS [20/12/2009 19:16 77004]
R1 SAVOnAccess;SAVOnAccess;c:\windows\System32\drivers\savonaccess.sys [12/01/2010 17:40 121848]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [27/04/2009 13:40 293968]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [16/07/2009 12:10 382752]
R2 SAVAdminService;Report sullo stato di Sophos Anti-Virus;c:\program files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [07/09/2009 12:11 104488]
R2 SAVService;Sophos Anti-Virus;c:\program files\Sophos\Sophos Anti-Virus\SavService.exe [07/09/2009 12:11 93736]
R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [17/09/2009 01:03 369952]
R2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [17/09/2009 01:00 292128]
R3 acpials;Filtro sensore luce ambientale;c:\windows\System32\drivers\acpials.sys [14/07/2009 09:34 7680]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [16/12/2009 19:15 29472]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\System32\drivers\CtClsFlt.sys [17/12/2009 09:15 143968]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\System32\drivers\e1y6232.sys [16/12/2009 20:13 221912]
R3 netw5v32;Driver scheda Intel(R) Wireless WiFi Link serie 5000 per Windows Vista a 32 bit;c:\windows\System32\drivers\netw5v32.sys [10/06/2009 22:18 4231168]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\System32\drivers\OA001Ufd.sys [03/06/2008 09:30 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\System32\drivers\OA001Vid.sys [18/09/2008 17:03 277440]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [14/05/2009 09:01 4440064]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\System32\drivers\CtAudDrv.sys [17/12/2009 09:15 134144]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [17/12/2009 21:11 38224]
S4 SophosBootDriver;SophosBootDriver;c:\windows\System32\drivers\SophosBootDriver.sys [12/01/2010 17:40 20288]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.fastweb.it/portale/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2010-01-19 22:22:15
ComboFix-quarantined-files.txt 2010-01-19 21:22
Pre-Run: 241.274.454.016 byte disponibili
Post-Run: 241.500.008.448 byte disponibili
- - End Of File - - 7367756DE2FF234050D8D04EC1F08562