ComboFix 11-08-03.03 - LANA 03/08/2011 22:55:05.1.8 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.8180.6839 [GMT 2:00]
Eseguito da: c:\users\LANA\Desktop\werwwj.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\LANA\Documents\Readiris.DUS
.
.
((((((((((((((((((((((((( Files Creati Da 2011-07-03 al 2011-08-03 )))))))))))))))))))))))))))))))))))
.
.
2011-08-03 20:58 . 2011-08-03 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-03 20:58 . 2011-08-03 20:58 -------- d-----w- c:\users\admin\AppData\Local\temp
2011-08-03 20:33 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70E62CE0-5394-4B3B-A61A-51DB703D2DBA}\mpengine.dll
2011-08-03 20:32 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-21 22:19 . 2010-05-06 03:21 125456 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2011-07-21 22:19 . 2010-06-01 20:28 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-07-21 22:19 . 2010-06-01 19:42 38912 ----a-w- c:\windows\system32\atiuxp64.dll
2011-07-21 22:19 . 2010-06-01 19:41 30208 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-07-21 22:19 . 2010-06-01 19:35 55296 ----a-w- c:\windows\system32\coinst.dll
2011-07-21 14:47 . 2011-04-06 01:22 258048 ----a-w- c:\windows\SysWow64\SET229E.tmp
2011-07-19 09:21 . 2011-07-19 09:37 -------- d-----w- c:\users\LANA\AppData\Local\AnVir
2011-07-18 21:25 . 2011-06-07 07:37 18488 ----a-w- c:\windows\system32\drivers\rspAux64.sys
2011-07-18 21:25 . 2011-07-18 21:25 -------- d-----w- c:\program files\LatencyMon
2011-07-18 08:57 . 2011-07-18 08:57 -------- d-----w- c:\users\LANA\AppData\Local\BattCursor
2011-07-18 08:53 . 2011-07-18 08:53 -------- d-----w- c:\program files\BattCursor
2011-07-15 18:17 . 2011-06-11 03:07 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-07-15 18:15 . 2011-06-03 06:44 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-15 18:15 . 2011-06-03 05:47 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-15 18:15 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-07-15 18:15 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-07-14 22:41 . 2009-10-30 14:05 15872 ----a-w- c:\windows\system32\drivers\d557whnt.sys
2011-07-14 22:41 . 2009-10-30 14:05 15872 ----a-w- c:\windows\system32\drivers\d557wh.sys
2011-07-14 22:41 . 2009-10-30 14:05 346624 ----a-w- c:\windows\system32\drivers\d557bus.sys
2011-07-14 22:41 . 2009-09-22 07:10 17408 ----a-w- c:\windows\system32\drivers\wwussf64.sys
2011-07-14 22:41 . 2009-09-22 07:10 12800 ----a-w- c:\windows\system32\drivers\wwuss64.sys
2011-07-14 22:41 . 2009-10-30 14:05 371200 ----a-w- c:\windows\system32\drivers\d557mgmt.sys
2011-07-14 22:41 . 2009-10-30 14:05 15360 ----a-w- c:\windows\system32\drivers\d557cmnt.sys
2011-07-14 22:41 . 2009-10-30 14:05 15360 ----a-w- c:\windows\system32\drivers\d557cm.sys
2011-07-14 22:41 . 2009-10-30 07:32 264232 ----a-w- c:\windows\system32\drivers\WwanUsbMp64.sys
2011-07-14 22:41 . 2009-10-30 14:05 427008 ----a-w- c:\windows\system32\drivers\d557mdm.sys
2011-07-14 22:41 . 2009-10-30 14:05 19456 ----a-w- c:\windows\system32\drivers\d557mdfl.sys
2011-07-14 22:41 . 2009-07-10 12:53 96296 ----a-w- c:\windows\system32\drivers\d554gps64.sys
2011-07-13 13:29 . 2011-07-13 13:43 -------- d-----w- c:\users\LANA\.idlerc
2011-07-13 13:07 . 2011-07-15 05:19 -------- d-----w- c:\program files\Python27
2011-07-12 21:33 . 2011-07-12 21:33 0 ---ha-w- c:\users\admin\AppData\Local\BIT4EBC.tmp
2011-07-12 21:32 . 2011-07-12 21:32 -------- d-----w- c:\users\admin\AppData\Roaming\Intel
2011-07-12 21:32 . 2011-07-12 21:32 -------- d-----w- c:\users\admin\AppData\Local\Broadcom
2011-07-12 21:32 . 2011-07-12 21:32 -------- d-----w- c:\users\admin\AppData\Roaming\Synaptics
2011-07-12 21:32 . 2011-07-12 21:32 -------- d-----w- c:\users\admin\AppData\Roaming\PC Suite
2011-07-12 14:31 . 2011-07-12 14:31 -------- d-----w- c:\users\LANA\AppData\Local\Freemake
2011-07-12 14:30 . 2011-07-14 21:34 -------- d-----w- c:\program files (x86)\Freemake
2011-07-06 20:05 . 2011-07-06 20:05 -------- d-----w- C:\IDE
2011-07-05 08:08 . 2011-07-05 08:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 09:06 . 2011-04-20 14:25 283024 ----a-w- C:\DUMP0c6e.tmp
2011-07-20 22:02 . 2011-04-20 14:25 280056 ----a-w- C:\DUMP6ac3.tmp
2011-07-20 21:43 . 2011-04-20 14:25 282760 ----a-w- C:\DUMP6bbc.tmp
2011-07-19 23:11 . 2011-04-20 14:25 282760 ----a-w- C:\DUMP402a.tmp
2011-07-19 22:59 . 2011-04-20 14:25 282824 ----a-w- C:\DUMP817e.tmp
2011-07-19 22:33 . 2011-04-20 14:25 282760 ----a-w- C:\DUMP314c.tmp
2011-07-19 22:27 . 2011-04-20 14:25 288128 ----a-w- C:\DUMP8d41.tmp
2011-07-13 04:53 . 2011-05-01 17:37 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-30 08:38 . 2011-01-06 15:37 92688 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 08:38 . 2011-01-06 15:37 41712 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:38 . 2011-01-06 15:36 252344 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:38 . 2011-01-06 15:36 16016 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37 . 2010-12-28 23:42 285256 ----a-w- c:\windows\SysWow64\guard32.dll
2011-06-30 08:37 . 2010-12-28 23:42 363560 ----a-w- c:\windows\system32\guard64.dll
2011-06-16 21:24 . 2011-05-16 19:48 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-12 22:19 . 2011-06-12 22:19 0 ---ha-w- c:\users\LANA\AppData\Local\BIT52EF.tmp
2011-06-10 19:26 . 2011-04-20 22:06 525544 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-03 05:57 . 2011-07-15 18:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-24 11:42 . 2011-06-30 23:16 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-30 23:16 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-30 23:16 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-30 23:16 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-30 23:16 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-05-21 17:30 . 2011-05-21 17:30 2110728 ----a-w- c:\windows\SysWow64\Apblend.dll
2011-05-21 17:30 . 2011-05-21 17:30 1398024 ----a-w- c:\windows\SysWow64\Imagereog.dll
2011-05-21 17:30 . 2011-05-21 17:30 1171456 ----a-w- c:\windows\SysWow64\PicNotify.dll
2011-05-21 17:30 . 2011-05-21 17:30 11016 ----a-w- c:\windows\SysWow64\biologon.dll
2011-05-21 17:30 . 2011-05-21 17:30 1025288 ----a-w- c:\windows\SysWow64\CamOpEx.dll
2011-05-21 17:30 . 2011-05-21 17:30 778240 ----a-w- c:\windows\system32\EncIcons.dll
2011-05-21 17:30 . 2011-05-21 17:30 622592 ----a-w- c:\windows\system32\SimpleExt.dll
2011-05-21 17:30 . 2011-05-21 17:30 2219520 ----a-w- c:\windows\system32\Apblend64.dll
2011-05-21 17:30 . 2011-05-21 17:30 1766400 ----a-w- c:\windows\system32\imagereog.dll
2011-05-21 17:30 . 2011-05-21 17:30 1502720 ----a-w- c:\windows\system32\IcnOvrly.dll
2011-05-21 17:10 . 2011-05-21 17:09 876032 ----a-w- c:\windows\SysWow64\DevIL.dll
2011-05-21 17:10 . 2011-05-21 17:09 77824 ----a-w- c:\windows\SysWow64\ILU.dll
2011-05-21 17:10 . 2011-05-21 17:09 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2011-05-21 17:10 . 2011-05-21 17:09 32768 ----a-w- c:\windows\SysWow64\ILUT.dll
2011-05-21 17:10 . 2011-05-21 17:09 1044480 ----a-w- c:\windows\SysWow64\3DImageRenderer.dll
2011-05-07 19:51 . 2011-05-07 19:51 41144 ----a-w- c:\windows\system32\drivers\UMDF\gpsdirect.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-20 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\users\LANA\Downloads\winxpvirtualcdcontrolpanel_21\VCdRom.sys [2001-12-19 8576]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-07-22 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-04-20 339624]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-01 136360]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-04-20 421032]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-20 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 MSSQL$TARGET;SQL Server (TARGET);c:\program files (x86)\Target-Software\TargetHelpdesk\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-03-21 341312]
R2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-03-21 68928]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
R2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\LANA\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [2010-11-25 14544]
R2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 d554gps;Dell Wireless HSPA Mini-Card GPS Port;c:\windows\system32\DRIVERS\d554gps64.sys [x]
R3 d554scard;Dell Wireless 5540 HSPA Mini-Card USIM Port;c:\windows\system32\DRIVERS\d554scard.sys [x]
R3 d557mdfl;Dell Wireless 5540 HSPA Mini-Card Modem Filter (Win7);c:\windows\system32\DRIVERS\d557mdfl.sys [x]
R3 d557mdm;Dell Wireless 5540 HSPA Mini-Card Modem (Win7);c:\windows\system32\DRIVERS\d557mdm.sys [x]
R3 d557mgmt;Dell Wireless 5540 HSPA Mini-Card Device Management (Win7);c:\windows\system32\DRIVERS\d557mgmt.sys [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-20 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-12 340240]
R3 netw5v64;Driver scheda Intel(R) Wireless WiFi Link serie 5000 per Windows Vista a 64 bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NETwNs64;___ Driver scheda Intel(R) Wireless WiFi Link 5000 Series per Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 O&O CleverCache;O&O CleverCache;c:\program files\OO Software\CleverCache\ooccag.exe [2009-12-09 844616]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 rspAux;rspAux;c:\windows\system32\DRIVERS\rspAux64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WwanUsbServ;Ericsson WWAN Wireless Module Device Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [x]
S3 d557bus;Dell Wireless 5540 HSPA Mini-Card Device (Win7);c:\windows\system32\DRIVERS\d557bus.sys [x]
S3 ecnssndis;Service for enabling selective suspend to NDIS device;c:\windows\system32\Drivers\wwuss64.sys [x]
S3 ecnssndisfltr;SSNDIS filter service;c:\windows\system32\Drivers\wwussf64.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-20 17:03]
.
2011-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-20 17:03]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.it/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 62.13.169.92 62.13.169.93
TCP: Interfaces\{416F6314-760E-4837-B4B4-5B624EA7B0B8}: NameServer = 8.8.4.4,194.20.0.24
TCP: Interfaces\{A1DE6E55-8F13-43EE-BBCC-B05D0C626DF8}: NameServer = 62.13.169.92 62.13.169.93
FF - ProfilePath - c:\users\LANA\AppData\Roaming\Mozilla\Firefox\Profiles\ae8in03n.default\
FF - prefs.js: browser.startup.homepage - http://www.google.it
FF - prefs.js: network.proxy.type - 0
.
.
------- Associazioni dei file -------
.
.reg=OOREGEDIT.Document
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-LECTOR 2007 - c:\progra~2\LECTOR\LECTOR~1\Setup.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\{1A493EAC-93D3-4646-B911-4697A475FF4B}*]
@=hex:8f,8a,3e,64,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{20EF7B60-CE85-4048-A409-02CB203268EE}*]
@=hex:3c,ea,97,63,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{242E582C-66A8-478C-8BCA-0AF9F1D38D39}*]
@=hex:31,b3,38,63,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{29638F0C-042B-4B50-A2D2-8E8E7CA71E4F}*]
@=hex:07,63,e5,62,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{3B84C2D7-708C-48EF-8ED7-0C5FC0F030C6}*]
@=hex:50,7c,ae,62,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{3B8C523D-E999-4C87-BB58-E03B7F5C67F8}*]
@=hex:27,2c,5b,62,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*]
@=hex:7c,73,20,30,a3,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{787E3340-6D04-4BF3-BCC2-2AD3630471CE}*]
@=hex:d1,80,a1,61,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}*]
@=hex:ff,03,3d,30,a3,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}*]
@=hex:1e,9a,ed,2c,a3,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{B67DA794-42D6-4DFE-AE29-0334338228C9}*]
@=hex:38,03,dd,61,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{C4B20040-7D5A-4558-9E19-B7DF94366F97}*]
@=hex:c2,d1,54,30,a3,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{C55AC07F-5B51-486C-811A-750184298D58}*]
@=hex:c6,9b,ed,63,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Classes\{C7A40493-BF23-4B53-AB2A-4A923B3EE34B}*]
@=hex:3f,24,16,62,a4,0a,cc,01
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-08-03 23:00:26
ComboFix-quarantined-files.txt 2011-08-03 21:00
.
Pre-Run: 46.974.169.088 byte disponibili
Post-Run: 47.913.742.336 byte disponibili
.
- - End Of File - - CF7640647904BDA10A4B256E93A6261E