ComboFix 11-05-23.02 - Marco 24/05/2011 14:20:04.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.4095.2544 [GMT 2:00]
Eseguito da: c:\users\Marco\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: Firewall ESET *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marco\270.61-desktop-win7-winvista-64bit-international-whql.exe
c:\users\Marco\FreeStudio.exe
c:\users\Marco\mod_sa.v4.3.0.0.SA-MP.v0.3c-R3.Setup.exe
c:\users\Marco\sa-mp-0.3c-R3-install.exe
c:\users\Marco\sixaxisdriver.exe
c:\users\Marco\TeamSpeak3-Client-win64-3.0.0-rc1.exe
c:\users\Marco\wlsetup-custom.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2011-04-24 al 2011-05-24 )))))))))))))))))))))))))))))))))))
.
.
2011-05-24 12:27 . 2011-05-24 12:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-24 12:16 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91A58720-042F-467F-86ED-B2CCDB924E5D}\mpengine.dll
2011-05-24 11:18 . 2011-05-24 11:18 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-24 11:18 . 2011-05-24 11:18 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-05-24 11:18 . 2011-05-24 11:18 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-24 11:18 . 2011-05-24 11:18 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-24 11:18 . 2011-05-24 11:18 -------- d-----w- c:\program files (x86)\OpenAL
2011-05-24 11:17 . 2011-05-24 11:17 -------- d-----w- c:\program files (x86)\Common Files\Futuremark Shared
2011-05-24 11:15 . 2011-05-24 11:15 -------- d-----w- c:\program files (x86)\Futuremark
2011-05-21 21:31 . 2011-05-21 22:00 -------- d-----w- c:\programdata\Messenger Plus!
2011-05-21 21:30 . 2011-05-21 21:31 -------- d-----w- c:\program files (x86)\BabylonToolbar
2011-05-21 21:30 . 2011-05-21 21:30 -------- d-----w- c:\program files (x86)\Yuna Software
2011-05-21 18:32 . 2011-05-21 18:33 -------- d-----w- c:\users\UpdatusUser
2011-05-21 18:32 . 2011-05-24 11:17 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-05-21 18:31 . 2011-05-21 18:33 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-05-21 18:31 . 2011-05-24 10:17 -------- d-----w- c:\programdata\NVIDIA
2011-05-21 18:29 . 2011-05-21 18:29 -------- d-----w- C:\NVIDIA
2011-05-21 17:56 . 2011-05-24 12:14 -------- d-----w- c:\program files (x86)\Call Of Duty Modern Warfare 2
2011-05-20 20:43 . 2011-05-20 20:43 -------- d-----w- c:\program files (x86)\Microsoft
2011-05-20 20:42 . 2011-05-20 20:42 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
2011-05-20 20:42 . 2011-05-20 20:43 -------- d-----w- c:\program files (x86)\Windows Live
2011-05-20 20:42 . 2011-05-20 20:42 -------- d-----w- c:\windows\PCHEALTH
2011-05-20 20:40 . 2011-05-20 20:40 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-20 17:49 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll
2011-05-20 17:49 . 2011-05-24 10:17 -------- d-----w- c:\program files (x86)\MSI Afterburner
2011-05-20 17:17 . 2011-05-20 17:31 -------- d-----w- c:\program files (x86)\Call Of Duty Black Ops
2011-05-20 14:19 . 2008-05-30 12:11 540688 ----a-w- c:\windows\system32\d3dx10_38.dll
2011-05-20 14:08 . 2011-05-20 14:18 -------- d--h--w- c:\windows\msdownld.tmp
2011-05-20 13:55 . 2011-05-24 10:30 -------- d-----w- c:\program files (x86)\GTAsa
2011-05-19 15:56 . 2011-05-19 15:56 -------- d-----w- c:\programdata\PACE Anti-Piracy
2011-05-19 15:56 . 2011-05-19 15:56 -------- d-----w- c:\program files\Common Files\PACE Anti-Piracy
2011-05-19 13:46 . 2011-05-19 13:46 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-05-19 13:25 . 2011-05-19 13:25 -------- d-----w- c:\program files (x86)\My Company Name
2011-05-19 13:25 . 2011-05-19 13:25 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2011-05-19 13:25 . 2011-05-19 13:25 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-05-19 13:25 . 2009-07-09 01:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2011-05-19 13:25 . 2009-06-23 01:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2011-05-19 13:25 . 2009-06-23 01:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2011-05-19 13:15 . 2011-05-19 13:15 -------- d-----w- c:\program files (x86)\Adobe Story
2011-05-19 12:57 . 2011-05-19 12:57 -------- d-----w- c:\program files (x86)\RocketDock
2011-05-19 12:34 . 2011-05-19 12:35 -------- d-----w- c:\program files (x86)\TutoreDattilo
2011-05-19 11:24 . 2011-05-19 11:24 -------- d-----w- c:\program files (x86)\qBittorrent
2011-05-17 22:10 . 2009-07-14 01:41 44544 ----a-w- c:\windows\system32\themeservice.dll.backup
2011-05-17 22:10 . 2009-07-14 01:41 332288 ----a-w- c:\windows\system32\uxtheme.dll.backup
2011-05-17 22:10 . 2009-07-14 01:16 2755072 ----a-w- c:\windows\SysWow64\themeui.dll.backup
2011-05-17 22:10 . 2009-07-14 01:11 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll.backup
2011-05-17 21:33 . 2011-05-17 21:37 -------- d-----w- c:\program files (x86)\7tsp
2011-05-16 17:14 . 2010-08-12 09:46 758272 ----a-w- c:\windows\system32\cohelper.dll
2011-05-16 17:14 . 2010-08-09 20:33 11164 ----a-w- c:\windows\system32\drivers\nvphy.bin
2011-05-16 17:05 . 2011-05-16 17:05 -------- d-----w- c:\windows\system32\SPReview
2011-05-16 17:04 . 2011-05-16 17:04 -------- d-----w- c:\windows\system32\EventProviders
2011-05-16 17:01 . 2009-07-14 01:41 419840 ----a-w- c:\windows\system32\systemcpl.dll
2011-05-16 17:00 . 2010-11-20 10:43 32768 ----a-w- c:\windows\system32\drivers\usbser.sys
2011-05-15 22:33 . 2011-05-15 22:33 -------- d-----w- c:\program files (x86)\Cheat Engine 6
2011-05-15 18:07 . 2011-05-15 18:07 -------- d-----w- c:\program files (x86)\FreeTime
2011-05-15 18:00 . 2011-05-15 18:00 -------- d-----w- c:\programdata\NokiaAccount
2011-05-15 17:58 . 2011-05-15 17:58 -------- d-----w- c:\windows\SysWow64\QuickTime
2011-05-15 17:58 . 2011-05-15 17:58 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
2011-05-15 17:58 . 2011-05-15 17:58 -------- d-----w- c:\programdata\TechSmith
2011-05-15 17:58 . 2011-05-15 17:58 -------- d-----w- c:\program files (x86)\TechSmith
2011-05-15 17:54 . 2011-05-15 17:54 -------- d-----w- c:\programdata\PC Suite
2011-05-15 17:53 . 2011-05-15 17:54 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2011-05-15 17:53 . 2011-05-15 17:53 -------- d-----w- c:\program files\DIFX
2011-05-15 17:53 . 2008-08-28 10:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2011-05-15 17:53 . 2011-05-15 17:53 -------- dc----w- c:\windows\system32\DRVSTORE
2011-05-15 17:53 . 2011-05-15 17:53 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-05-15 17:53 . 2010-12-02 13:14 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2011-05-15 17:52 . 2011-05-15 17:53 -------- d-----w- c:\program files (x86)\Nokia
2011-05-15 17:52 . 2011-05-15 17:52 -------- d-----w- c:\programdata\NokiaInstallerCache
2011-05-15 17:45 . 2011-05-19 13:31 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-05-15 17:43 . 2011-05-19 13:29 -------- d-----w- c:\program files\Common Files\Adobe
2011-05-15 17:42 . 2011-05-15 17:42 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-05-15 17:39 . 2011-05-15 17:39 -------- d-----w- c:\programdata\SpeedBit
2011-05-15 17:39 . 2011-05-15 17:39 -------- d-----w- c:\program files (x86)\Common Files\SpeedBit
2011-05-15 17:39 . 2011-05-15 17:39 84480 ----a-w- c:\windows\SysWow64\EasyHook32.dll
2011-05-15 17:39 . 2011-05-15 17:39 -------- d-----w- c:\program files (x86)\DAP
2011-05-15 17:39 . 2011-05-15 17:39 172032 ----a-w- c:\windows\SysWow64\AniGIF.ocx
2011-05-15 17:38 . 2011-05-19 13:14 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-05-15 17:35 . 2011-05-19 13:28 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-05-15 17:30 . 2011-05-15 17:30 -------- d-----w- c:\windows\W7SBC
2011-05-15 17:30 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer_edit_w7sbc.exe
2011-05-15 17:30 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer_backup_w7sbc.exe
2011-05-15 17:30 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe
2011-05-15 17:25 . 2011-05-15 17:25 -------- d-----w- c:\programdata\Skype Extras
2011-05-15 17:24 . 2011-05-15 17:24 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Home Edition 6.0
2011-05-15 17:24 . 2011-05-15 17:24 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-15 17:24 . 2011-05-15 17:34 -------- d-----r- c:\program files (x86)\Skype
2011-05-15 17:24 . 2011-05-15 17:24 -------- d-----w- c:\programdata\Skype
2011-05-15 17:23 . 2011-05-20 16:15 -------- d-----w- c:\program files (x86)\Common Files\Plasmoo
2011-05-15 17:23 . 2011-05-20 16:16 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-05-15 17:23 . 2011-05-15 17:23 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin7.dll
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin6.dll
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin5.dll
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin4.dll
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin3.dll
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin2.dll
2011-05-15 17:19 . 2011-05-15 17:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin.dll
2011-05-15 17:19 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-05-15 17:19 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-05-15 17:19 . 2011-05-15 17:19 -------- d-----w- c:\program files (x86)\QuickTime
2011-05-15 17:19 . 2011-05-15 17:19 -------- d-----w- c:\programdata\Apple Computer
2011-05-15 17:18 . 2011-05-15 17:18 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-05-15 17:18 . 2011-05-15 17:18 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-05-15 17:18 . 2011-05-15 17:18 -------- d-----w- c:\programdata\Apple
2011-05-15 17:16 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-15 17:16 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-15 17:16 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-05-15 17:16 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-15 17:10 . 2011-05-15 17:10 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2011-05-15 17:09 . 2009-07-14 01:41 2851328 ----a-w- c:\windows\system32\themeui.dll.backup
2011-05-15 16:55 . 2011-05-15 16:55 -------- d-----w- c:\program files\CCleaner
2011-05-15 16:54 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-05-15 16:54 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-05-15 16:54 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-15 16:54 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-05-15 16:54 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-05-15 16:54 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-05-15 16:54 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-15 16:54 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-05-15 16:54 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-15 16:54 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-05-15 16:54 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-05-15 16:52 . 2011-02-18 06:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-15 16:52 . 2011-02-18 05:33 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-17 22:10 . 2009-07-13 23:54 2851328 ----a-w- c:\windows\system32\themeui.dll
2011-05-17 22:10 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2011-05-17 22:10 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2011-05-17 22:10 . 2009-07-13 23:39 2755072 ----a-w- c:\windows\SysWow64\themeui.dll
2011-05-17 22:10 . 2009-07-13 23:39 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll
2011-05-17 21:50 . 2009-07-14 02:36 152064 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-17 21:50 . 2009-07-14 02:36 175104 ----a-w- c:\windows\system32\msclmd.dll
2011-04-08 05:14 . 2010-10-08 01:17 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-07 21:19 . 2011-04-07 21:19 61032 ----a-w- c:\windows\system32\nvshext.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-07 02:08 . 2011-03-07 02:08 93552 ----a-w- c:\windows\SysWow64\ElbyCDIO.dll
2011-03-07 00:52 . 2011-03-07 00:52 134512 ----a-w- c:\windows\SysWow64\ElbyVCD.dll
2011-03-04 06:17 . 2011-05-15 16:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-05-15 16:53 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-02-28 16:01 . 2010-03-05 08:13 947472 ----a-w- c:\windows\SysWow64\msjava.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DownloadAccelerator"="c:\program files (x86)\DAP\DAP.EXE" [2011-05-15 2918576]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-21 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"BabylonToolbar"="c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 XPADFL02;XPAD Filter Service 02;c:\windows\system32\DRIVERS\xpadfl02.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-14 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 cpuz130;cpuz130;c:\users\Marco\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-05-27 14648]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - CPUZ130
*NewlyCreated* - RTCORE64
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4121679050-1716997509-1928721487-1000Core.job
- c:\users\Marco\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 16:59]
.
2011-05-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4121679050-1716997509-1928721487-1000UA.job
- c:\users\Marco\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 16:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-14 2918656]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=40b2ede7000000000000001f1fb8ecaf&tlver=1.4.19.19&affID=17159
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: &Clean Traces - c:\program files (x86)\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files (x86)\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files (x86)\DAP\dapextie2.htm
IE: Free YouTube Download - c:\users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: {CB601B5C-5A8F-4255-819C-7F9A68BFF10C} = 195.50.140.182,195.50.140.116
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
FF - ProfilePath - c:\users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\meb7b2jm.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=40b2ede7000000000000001f1fb8ecaf&tlver=1.4.19.19&instlRef=sst&affID=17159&q=
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:ea,8a,37,4d,b4,a5,ab,72,25,86,c0,7e,d7,c8,79,f3,a9,ea,8f,84,e8,
e8,df,74,d0,c2,81,33,44,58,5b,d2,88,b3,d4,f7,ef,ba,ed,e2,52,06,96,79,69,8a,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@
denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@
denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@
denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@
denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:ea,8a,37,4d,b4,a5,ab,72,25,86,c0,7e,d7,c8,79,f3,a9,ea,8f,84,e8,
e8,df,74,d0,c2,81,33,44,58,5b,d2,88,b3,d4,f7,ef,ba,ed,e2,52,06,96,79,69,8a,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@
denied: (A) (Users)
@
denied: (A) (Everyone)
@
Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@
denied: (Full) (Everyone)
.
Ora fine scansione: 2011-05-24 14:28:37
ComboFix-quarantined-files.txt 2011-05-24 12:28
.
Pre-Run: 342.594.007.040 byte disponibili
Post-Run: 342.998.904.832 byte disponibili
.
- - End Of File - - 4B56D279D966021DF4D2433A8289E4C1
@