ComboFix 11-03-29.01 - Erika 29/03/2011 23:02:18.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.3894.2733 [GMT 2:00]
Eseguito da: c:\users\Erika\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Erika\AppData\Local\GamePlayLabs Plugin\BHO.dll
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2011-02-28 al 2011-03-29 )))))))))))))))))))))))))))))))))))
.
.
2011-03-29 21:06 . 2011-03-29 21:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-28 19:54 . 2011-03-28 19:54 -------- d--h--w- c:\programdata\Common Files
2011-03-28 19:53 . 2011-03-28 23:11 -------- d-----w- c:\programdata\AVG10
2011-03-28 19:47 . 2011-03-28 19:53 -------- d-----w- c:\programdata\MFAData
2011-03-28 19:27 . 2011-03-28 19:27 -------- d-----w- c:\program files\CCleaner
2011-03-28 18:20 . 2011-03-28 19:38 -------- d-----w- c:\programdata\PC Tools
2011-03-27 01:20 . 2004-06-02 11:19 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-03-27 01:20 . 2004-05-30 10:13 106609 ----a-w- c:\windows\SysWow64\MaJUtilLib.dll
2011-03-27 01:20 . 2004-03-22 07:14 49152 ----a-r- c:\windows\SysWow64\MaJGUILib.dll
2011-03-23 21:24 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-23 21:24 . 2011-03-23 21:24 -------- d-----w- c:\programdata\Malwarebytes
2011-03-23 21:24 . 2011-03-23 21:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-23 21:24 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-22 09:16 . 2011-02-02 17:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-03-19 12:23 . 2011-03-19 12:23 -------- d-----w- c:\programdata\TomTom
2011-03-19 12:23 . 2011-03-19 12:23 -------- d-----w- c:\program files (x86)\TomTom International B.V
2011-03-19 12:22 . 2011-03-19 12:23 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2011-03-19 12:22 . 2011-03-19 12:22 -------- d-----w- c:\program files (x86)\TomTom DesktopSuite
2011-03-19 10:02 . 2011-03-19 10:02 -------- d-----w- c:\program files (x86)\MarkAny
2011-03-19 10:02 . 2011-03-19 10:02 -------- d-----w- c:\program files (x86)\Samsung
2011-03-19 10:00 . 2011-03-19 10:00 -------- d-----w- C:\Manual-PCProgram
2011-03-19 08:14 . 2011-03-19 08:14 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-03-17 09:13 . 2009-12-21 01:42 90624 ----a-w- c:\windows\system32\Primomonnt.dll
2011-03-17 09:13 . 2011-03-17 09:13 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-03-16 12:05 . 2011-03-16 12:05 -------- d-----w- c:\windows\it
2011-03-16 11:59 . 2011-03-16 11:59 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-16 11:59 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-03-16 11:58 . 2011-03-16 11:59 -------- d-----w- c:\program files\Windows Live
2011-03-16 11:58 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-03-16 11:58 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-03-16 11:58 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-03-16 11:58 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-03-16 11:57 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2011-03-16 11:57 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-03-16 11:57 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-03-16 11:57 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-03-16 11:57 . 2011-03-16 11:57 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40031b001cbe3d106\InstallManager_WLE_WLE.exe
2011-03-16 11:56 . 2011-03-16 11:56 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\35c35bf51cbe3d105\MeshBetaRemover.exe
2011-03-16 11:56 . 2011-03-16 11:56 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\32cf65431cbe3d104\DSETUP.dll
2011-03-16 11:56 . 2011-03-16 11:56 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\32cf65431cbe3d104\DXSETUP.exe
2011-03-16 11:56 . 2011-03-16 11:56 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\32cf65431cbe3d104\dsetup32.dll
2011-03-16 11:56 . 2011-03-16 11:56 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2d8679541cbe3d103\DSETUP.dll
2011-03-16 11:56 . 2011-03-16 11:56 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2d8679541cbe3d103\DXSETUP.exe
2011-03-16 11:56 . 2011-03-16 11:56 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2d8679541cbe3d103\dsetup32.dll
2011-03-15 20:07 . 2011-03-15 20:07 -------- d-----w- c:\programdata\{23D58E70-3B83-4B83-A227-68770F84F5EC}
2011-03-14 07:16 . 2011-03-14 07:16 -------- d-----r- c:\program files (x86)\Skype
2011-03-14 07:16 . 2011-03-14 07:16 -------- d-----w- c:\programdata\Skype
2011-03-10 22:55 . 2011-03-10 22:55 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-03-10 20:24 . 2011-03-10 20:24 -------- d-----w- c:\program files (x86)\Native Instruments
2011-03-10 20:24 . 2006-07-11 15:16 61440 ----a-w- c:\windows\SysWow64\NI_DFD_1_4.dll
2011-03-10 20:24 . 2006-05-19 15:54 393216 ----a-w- c:\windows\SysWow64\NI_IRC_1_1.dll
2011-03-10 20:24 . 2005-04-04 17:00 393216 ----a-w- c:\windows\SysWow64\NI_IRC_1_0_3.dll
2011-03-10 20:23 . 2011-03-10 20:24 -------- d-----w- c:\program files (x86)\Finale GPO 2.0
2011-03-10 20:23 . 2011-03-10 20:23 -------- d-----w- C:\PSFonts
2011-03-10 20:23 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2011-03-10 20:22 . 2011-03-10 20:23 -------- d-----w- c:\program files (x86)\Finale 2007
2011-03-10 18:53 . 2011-03-10 18:53 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2011-03-10 08:50 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-03-10 08:50 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-03-10 08:49 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-03-10 08:49 . 2009-10-10 02:41 109056 ----a-w- c:\windows\system32\drivers\sdbus.sys
2011-03-10 08:49 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-03-10 08:49 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-03-10 08:20 . 2011-03-10 08:20 -------- d-----w- c:\windows\SysWow64\Wat
2011-03-10 08:20 . 2011-03-10 08:20 -------- d-----w- c:\windows\system32\Wat
2011-03-10 00:15 . 2011-03-10 00:15 -------- d-----w- c:\users\Public\CyberLink
2011-03-09 20:33 . 2011-03-09 20:33 -------- d-----w- c:\programdata\Recovery
2011-03-09 17:54 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-03-09 17:54 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-03-09 17:54 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-03-09 17:54 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-03-09 17:54 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-03-09 17:54 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-09 17:54 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-09 17:54 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-03-09 17:54 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-09 17:54 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-03-09 17:54 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-03-09 17:50 . 2009-12-11 10:29 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-03-09 17:50 . 2009-12-11 09:24 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2011-03-09 17:50 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2011-03-09 17:50 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2011-03-09 17:50 . 2010-08-31 04:32 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2011-03-09 17:50 . 2010-08-31 04:32 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2011-03-09 17:50 . 2010-09-01 05:14 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-03-09 17:50 . 2010-09-01 04:26 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2011-03-09 17:50 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2011-03-09 17:50 . 2010-09-01 05:12 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2011-03-09 17:39 . 2011-02-23 15:04 238968 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-09 17:38 . 2011-03-28 19:43 -------- d-----w- c:\programdata\AVAST Software
2011-03-09 17:23 . 2011-03-09 17:23 -------- d-----w- C:\Intel
2011-03-09 12:11 . 2011-03-09 12:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-09 12:10 . 2011-03-26 00:12 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-09 12:08 . 2011-03-09 12:08 -------- d-----w- c:\program files (x86)\Static Windows Live Mail Backup
2011-03-09 11:57 . 2011-03-09 11:57 -------- d-----w- c:\program files\Symantec
2011-03-09 11:38 . 2011-03-09 11:38 -------- d-----w- c:\users\Public\Symantec
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-19 10:01 . 2009-07-21 11:22 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-03-16 12:08 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-09 12:03 . 2010-02-11 04:02 588472 ----a-w- c:\windows\SysWow64\ezsvc7x.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-03-09 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SMSTray"="c:\program files (x86)\Samsung\EmoDio\SMSTray.exe" [2009-03-21 484888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-23 225280]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-03-23 c:\windows\Tasks\HPCeeScheduleForErika.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2009-12-22 5977600]
"RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2009-10-13 995840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-11 172032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Scansione supplementare -------
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2418376
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Invia a Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\17c3by8x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/webhp?client=firef ... con+Google
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-WildTangent hp Master Uninstall - c:\program files (x86)\HP Games\Uninstall.exe
AddRemove-WildTangentGameProvider-hp-genres - c:\program files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe
AddRemove-WildTangentGameProvider-hp-main - c:\program files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe
AddRemove-WT065226 - c:\program files (x86)\HP Games\Blasterball 3\Uninstall.exe
AddRemove-WT065277 - c:\program files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe
AddRemove-WT065290 - c:\program files (x86)\HP Games\Mah Jong Medley\Uninstall.exe
AddRemove-WT065295 - c:\program files (x86)\HP Games\Polar Bowler\Uninstall.exe
AddRemove-WT065296 - c:\program files (x86)\HP Games\Polar Golfer\Uninstall.exe
AddRemove-WT065297 - c:\program files (x86)\HP Games\Super Collapse 3\Uninstall.exe
AddRemove-WT065305 - c:\program files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe
AddRemove-WT065307 - c:\program files (x86)\HP Games\World of Goo\Uninstall.exe
AddRemove-WT065308 - c:\program files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe
AddRemove-WT065414 - c:\program files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe
AddRemove-WT065426 - c:\program files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe
AddRemove-WT065446 - c:\program files (x86)\HP Games\Peggle\Uninstall.exe
AddRemove-WT065454 - c:\program files (x86)\HP Games\Slingo Deluxe\Uninstall.exe
AddRemove-WT065459 - c:\program files (x86)\HP Games\Zuma Deluxe\Uninstall.exe
AddRemove-WT074389 - c:\program files (x86)\HP Games\Diner Dash\Uninstall.exe
AddRemove-WT074421 - c:\program files (x86)\HP Games\FATE\Uninstall.exe
AddRemove-WT074441 - c:\program files (x86)\HP Games\THE GAME OF LIFE\Uninstall.exe
AddRemove-WT074442 - c:\program files (x86)\HP Games\Virtual Families\Uninstall.exe
AddRemove-WT074585 - c:\program files (x86)\HP Games\Yahtzee\Uninstall.exe
AddRemove-WT075041 - c:\program files (x86)\HP Games\Farm Frenzy\Uninstall.exe
AddRemove-WT075046 - c:\program files (x86)\HP Games\StoneLoops of Jurassica\Uninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-03-29 23:07:42
ComboFix-quarantined-files.txt 2011-03-29 21:07
.
Pre-Run: 159.784.939.520 byte disponibili
Post-Run: 159.682.613.248 byte disponibili
.
- - End Of File - - 86D22FF4B608212EBD8BE5925D958F8A