ComboFix 10-09-19.03 - uno 20/09/2010 18.40.07.1.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1014.290 [GMT 2:00]
Eseguito da: c:\programmi\ComboFix.exe
AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\uno\Dati applicazioni\BITS
c:\documents and settings\uno\Dati applicazioni\BITS\BITS.ini
c:\documents and settings\uno\Dati applicazioni\BITS\DHTTable.dat
c:\documents and settings\uno\Dati applicazioni\BITS\ProxyList.ini
c:\documents and settings\uno\Dati applicazioni\FlashGetBHO
c:\documents and settings\uno\Dati applicazioni\FlashGetBHO\FlashGetBHO3.dll
c:\documents and settings\uno\Dati applicazioni\FlashGetBHO\FlashGetHook.dll
c:\documents and settings\uno\Dati applicazioni\FlashGetBHO\GetAllUrl.htm
c:\documents and settings\uno\Dati applicazioni\FlashGetBHO\GetUrl.htm
c:\documents and settings\uno\Dati applicazioni\hotfix.exe
c:\documents and settings\uno\Dati applicazioni\MSA
c:\documents and settings\uno\Dati applicazioni\Pyemur
c:\documents and settings\uno\Dati applicazioni\Pyemur\esci.exe
c:\documents and settings\uno\Dati applicazioni\Qiids
c:\documents and settings\uno\Dati applicazioni\Qiids\weuci.eco
c:\documents and settings\uno\Dati applicazioni\Qiids\weuci.tmp
c:\documents and settings\uno\Dati applicazioni\SystemProc
c:\programmi\GooglePlusVideos
c:\programmi\GooglePlusVideos\8.GooglePlusVideos.dll
c:\programmi\GooglePlusVideos\DeploymentHelper.exe
c:\programmi\GooglePlusVideos\FFExt\chrome.manifest
c:\programmi\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\programmi\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\programmi\GooglePlusVideos\FFExt\install.rdf
c:\programmi\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\programmi\GooglePlusVideos\GooglePlusVideosXPCOM.dll
c:\programmi\GooglePlusVideos\GVConfig.ini
c:\programmi\GooglePlusVideos\IGooglePlusVideosXPCOM.xpt
c:\programmi\GooglePlusVideos\MFC42U.DLL
c:\programmi\GooglePlusVideos\Uninstall.bat
c:\programmi\WinPCap
c:\programmi\WinPCap\daemon_mgm.exe
c:\programmi\WinPCap\npf_mgm.exe
c:\programmi\WinPCap\rpcapd.exe
c:\windows\system32\drivers\mbtgu.sys
c:\windows\system32\drivers\npf.sys
c:\windows\system32\muzapp.exe
c:\windows\system32\o6p92zpg.dll
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\secushr.dat
c:\windows\system32\secustat.dat
c:\windows\system32\srcr.dat
c:\windows\system32\sshnas21.dll
c:\windows\system32\vbzlib1.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FCI
-------\Legacy_SSHNAS
-------\Service_NPF
-------\Service_uqxd
((((((((((((((((((((((((( Files Creati Da 2010-08-20 al 2010-09-20 )))))))))))))))))))))))))))))))))))
.
2010-09-20 10:34 . 2010-09-20 10:34 3847043 ----a-r- c:\programmi\ComboFix.exe
2010-09-19 19:38 . 2010-09-19 19:38 186368 ----a-w- c:\windows\Wcakia.exe
2010-09-19 08:56 . 2010-09-19 08:56 -------- d-----w- C:\FOUND.000
2010-09-14 19:28 . 2010-09-14 19:28 -------- d-----w- c:\programmi\MSXML 4.0
2010-09-12 16:55 . 2010-09-12 16:55 -------- d-----w- c:\windows\system32\wbem\Repository
2010-09-11 16:01 . 2010-09-11 16:01 -------- d-sh--w- c:\windows\ftpcache
2010-09-11 12:04 . 2010-09-11 12:04 -------- d-----w- C:\FOUND.105
2010-09-10 08:29 . 2010-09-10 08:29 -------- d-----w- C:\FOUND.104
2010-09-07 15:49 . 2010-09-07 15:49 -------- d-----w- C:\FOUND.103
2010-09-06 15:17 . 2010-09-06 15:17 -------- d-----w- C:\FOUND.102
2010-08-27 15:29 . 2010-08-27 15:29 -------- d-----w- C:\FOUND.101
2010-08-25 15:52 . 2010-08-25 15:52 -------- d-----w- C:\FOUND.100
2010-08-21 18:12 . 2010-08-21 18:12 -------- d-----w- c:\programmi\backups
2010-08-21 18:00 . 2010-08-21 18:00 388608 ----a-w- c:\programmi\HijackThis.exe
2010-08-21 17:59 . 2010-08-21 17:59 293376 ----a-w- c:\programmi\gmer.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-20 16:50 . 2009-10-10 08:09 12 ----a-w- c:\windows\bthservsdp.dat
2010-09-20 10:32 . 2010-08-21 18:01 12192 ----a-w- c:\programmi\hijackthis.log
2010-09-20 09:43 . 2010-09-20 09:43 12487 ----a-w- c:\programmi\hijackthis3
2010-07-17 17:34 . 2010-07-17 17:34 38977024 ----a-w- c:\programmi\FormatFactory245_2ndRelease.exe
2010-07-11 16:14 . 2010-02-14 15:30 9053 ----a-w- c:\documents and settings\uno\Impostazioni locali\Dati applicazioni\bff.dat
2010-05-09 18:21 . 2010-05-09 18:20 29920697 ----a-w- c:\programmi\BeatportSync_101_NI_Win.zip
2010-05-09 18:20 . 2010-05-09 18:20 256808 ----a-w- c:\programmi\SoftonicDownloader66951.exe
2010-04-30 13:13 . 2010-04-30 13:15 13525424 ----a-w- c:\programmi\Dropbox 0.7.110.exe
2010-04-20 19:30 . 2010-04-20 19:30 7888272 ----a-w- c:\programmi\aTube_Catcher.exe
2010-04-03 14:51 . 2010-04-03 14:51 3137560 ----a-w- c:\programmi\foobar2000_v1.0.1.exe
2010-03-14 15:18 . 2010-03-14 15:18 155752 ----a-w- c:\programmi\tdsskiller.zip
2010-03-07 13:23 . 2010-03-07 08:53 16542024 ----a-w- c:\programmi\OODefrag11Professional64Enu.exe
2010-02-28 19:10 . 2010-02-28 19:10 1786857 ----a-w- c:\programmi\rcsetup135.zip
2010-02-14 15:24 . 2010-02-14 15:24 5632146 ----a-w- c:\programmi\setup_xrecode2_1.0.0.118_full.exe
2010-02-14 09:21 . 2010-02-14 09:20 7091840 ----a-w- c:\programmi\wuinstall.exe
2010-02-06 13:53 . 2009-05-15 17:15 12174235 ----a-w- c:\programmi\FreeYouTubeToMP3Converter.exe
2010-01-23 18:10 . 2010-01-23 18:10 9437208 ----a-w- c:\programmi\dap87.exe
2010-01-23 18:01 . 2010-01-23 18:01 30458368 ----a-w- c:\programmi\JDownloader-0.9579-s-it.exe
2010-01-23 10:22 . 2010-01-23 10:22 31141564 ----a-w- c:\programmi\FreeStudio.exe
2010-01-23 10:15 . 2010-01-23 10:15 10656841 ----a-w- c:\programmi\FreeYouTubeDownload.exe
2009-12-27 16:17 . 2009-12-27 16:17 33647104 ----a-w- c:\programmi\FF_FFSetup220-s-it.exe
2009-12-13 13:41 . 2009-12-13 13:41 1289999 ----a-w- c:\programmi\Setup MJ Studio 1.09.exe
2009-08-05 16:54 . 2009-08-05 16:54 9694356 ----a-w- c:\programmi\spybotsd152.zip
2009-07-08 19:09 . 2009-07-08 19:09 3081554 ----a-w- c:\programmi\foobar2000_0.9.6.8.exe
2009-07-07 16:49 . 2009-05-09 16:28 1534320 ----a-w- c:\programmi\lame3[1].98b8.zip
2009-07-07 16:44 . 2009-07-07 16:44 1327643 ----a-w- c:\programmi\lame-398-2.tar.tar
2009-05-10 14:21 . 2009-05-10 14:21 2893583 ----a-w- c:\programmi\PrintScreen44_Setup.exe
2009-05-09 21:36 . 2009-05-09 21:36 1256389 ----a-w- c:\programmi\wrar371it.exe
2009-05-09 19:24 . 2009-05-09 19:24 21615 ----a-w- c:\programmi\runasdate.zip
2009-05-09 19:22 . 2009-05-09 19:22 468 ----a-w- c:\programmi\runasdate_italian.zip
2009-05-09 17:33 . 2009-05-09 17:33 16509288 ----a-w- c:\programmi\LimeWireWin.exe
2009-05-09 16:48 . 2009-05-09 16:48 24095711 ----a-w- c:\programmi\jaikoz.zip
2006-05-03 10:06 . 2009-06-02 16:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2009-06-02 16:54 31232 --sh--r- c:\windows\system32\msfDX.dll
2007-12-17 13:43 . 2009-06-02 16:54 27648 --sh--w- c:\windows\system32\Smab0.dll
2008-02-04 19:26 . 2009-06-02 16:54 151040 --sh--w- c:\windows\system32\VistaUltm.dll
.
------- Sigcheck -------
[-] 2008-04-13 . 99BD46C2C790E52363DD1021DDCA3E8F . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\uno\Dati applicazioni\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\uno\Dati applicazioni\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\uno\Dati applicazioni\Dropbox\bin\DropboxExt.13.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\programmi\DNA\btdna.exe" [2009-10-17 323392]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-08-21 202024]
"Gadwin PrintScreen"="c:\programmi\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 495616]
"TomTomHOME.exe"="c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe" [2009-03-18 251240]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\programmi\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-07 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-09-07 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-07 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-07 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"ccApp"="c:\programmi\File comuni\Symantec Shared\ccApp.exe" [2008-08-14 115560]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-06-17 1817600]
"NeroFilterCheck"="c:\programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\uno\Menu Avvio\Programmi\Esecuzione automatica\
Dropbox.lnk - c:\documents and settings\uno\Dati applicazioni\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Reader Speed Launch.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"omveujxhslngjxmajlebTaskMgr"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
backup=c:\windows\pss\Alice ti aiuta.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2006-05-15 09:15 45056 ----a-w- c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Symantec\\Symantec Endpoint Protection\\Smc.exe"=
"c:\\Programmi\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"=
"c:\\Programmi\\File comuni\\Symantec Shared\\ccApp.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\BitTorrent\\bittorrent.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\LimeWire\\LimeWire.exe"=
"c:\\WINDOWS\\System32\\PnkBstrA.exe"=
"c:\\WINDOWS\\System32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [09/05/2009 18.18.14 141312]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [24/05/2010 18.11.19 102448]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [18/11/2008 18.17.08 23888]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [09/05/2009 19.26.25 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [09/05/2009 19.26.25 8320]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30/07/2009 14.56.39 664064]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'
2010-09-20 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2004\SystemOptimizer.exe [2004-03-31 15:00]
2010-09-20 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 15:38]
.
.
------- Scansione supplementare -------
.
uStart Page =
hxxp://www.virgilio.it/uSearchMigratedDefaultURL =
hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext =
hxxp://it.intl.acer.yahoo.com/uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) =
hxxp://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.comIE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
SafeBoot-Symantec Antvirus
AddRemove-AutocompletePro3_is1 - c:\programmi\AutocompletePro\unins000.exe
AddRemove-{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1 - k:\programmi\Free Video Joiner\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-09-20 18:54
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="6B116B910058543A6BAA4A163C43B05BDB043E184D9A19A7651908FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B9808C038D530D6EB3452A9C6AECB7A5D1407DA848F2E4FF908CC986E7CB4E86748CBD77FB5A2BB6DC21DEDBB39D801C323C8A9FE11725ABBD7D7E0E1975A802F48BBC9351AFBC4FADB3E9D82C3F66395478297A758EE1F25381ABB7942E4B73147266AFAEF9EA5653A8A50277EA52E571CB09A4436CEBF6DA0D6FEC9DAD5A6C9557798D841868BC4ACB809C141FAC305CCEF789D72DE721436B3DAEC35D4789338FC85D70F5436F9365F1F6EDA2E99DDB9424E7F469280D8583B4D0216AB6C74EA6DB788CBCAF8270DFB3B4B8C9DB7E5F30D0B3ADFFDCA40165C2CA83B4BD48E19DD08FCE0D1BC341BEEDD7D09C83DE5C51973A4DFDC4194B3E81F0752C59ACFA44A25CA2B76FE4BFEFADAAB7B56D9EAA9959E955E8AEAE2AB98A5477FCF38E3A411908C78E6CE5C0CCA5501008E53434F917769E40CE1FB28048D9658C7BCBDDF779FE20E79D01AC9E9CB2F28DD83849983BE81700454F40C2BFC2868AACB93D6A3FC6E2524BC7C6F480C687855D78520458842F3BF8527E86EECAEAF9B1C60B8A12557E682DF3EEE3B37E3E9A9CFE3AF133C95D4AA4AAF0A962A669EE17A60ECE0EAC67556995E687A455E6A340200C51016E5EDD70E6FE94B550C9FE7C3978B3573EC6402DE2033228197597119FB98C0A4250D7B4E8C3B1E62E10BBC6DCB62D3B97BBB0EB60ADA348A520D82CFC18C0E4CC873F19D6FE07F9A2BB194FD05735A8AA877A63F689C92D2574FACF7FBBFC44548D838234573C69B3555C38F9474C68631879AA749EB8720705BD8789C80189B9F647097FD402C55CA2DC6540BCE7EA6D04FDEB401EDBF8E6FE21348D5539CAE51B65F4AD147D00D3F65BC8CBE9E46B14CA88A3EA57EC98C268A0C77A16ECBB0E0616F1DB63D365AE61C671149374C46E9DD5AAF922C9B5D6D6C1B25BABD03AC56E9AE076C0A432B1CE3AFCC091E1DD5F430AE8B68388C172015B60622E0837B414A4F11724BC0BF3D459D3FA10BAE283AD189E3081A5A249F84FBE59CABF34E2E70275B0ED05EAD2BB9E2FA776D57D40DEC15631A7CA445CCB1AC20B0A55B2835BFAF16C81FAD5DCAB0CFA8B4E5D14AC41D9AC3093EEF8A11832EA72C8AA8626C0C878870EFA58B070EDD02C84ABDCA3CF08CD68470A4DCD859077F1DC8ACA672A06F0D942EA1484D282757E5249FEBD0ED7C0000DA8DF4910266C2D9841EF6673CCE110C7B5EF88EC9698B80B0DD97668BA4B8B1F7DD64B0449C1DF89694256E8F2E196EAA7F56C0B10915D2E0440AE2365F0C9474A88B2ED79ED1D7080FD832C0BBB89AC689EDDE148B81DDDB82D6314D2C1B"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(3744)
c:\progra~1\ALICET~1\SMARTB~1\SBHook.dll
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\documents and settings\uno\Dati applicazioni\Dropbox\bin\DropboxExt.13.dll
c:\documents and settings\uno\Dati applicazioni\Dropbox\bin\MSVCP71.dll
c:\windows\system32\ieframe.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\programmi\File comuni\Nero\Lib\NeroDigitalExt.dll
c:\programmi\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\Symantec\Symantec Endpoint Protection\Smc.exe
c:\programmi\File comuni\Symantec Shared\ccSvcHst.exe
c:\acer\Empowering Technology\admServ.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\Symantec\Symantec Endpoint Protection\SmcGui.exe
c:\programmi\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\Spyware Terminator\sp_rsser.exe
c:\programmi\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\windows\system32\fxssvc.exe
c:\windows\system32\rundll32.exe
c:\windows\eHome\ehmsas.exe
c:\windows\RTHDCPL.EXE
c:\docume~1\uno\IMPOST~1\Temp\RtkBtMnt.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\programmi\File comuni\Nero\Lib\NMIndexingService.exe
c:\windows\system32\msiexec.exe
c:\programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Ora fine scansione: 2010-09-20 18:57:15 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-09-20 16:57
Pre-Run: 34.448.900.096 byte disponibili
Post-Run: 34.325.463.040 byte disponibili
- - End Of File - - DF46C5B995C9EC0042E99FFD9ED31D78