Salve a tutti... non funzionandomi più il firewall ho deciso di seguire questa guida del vostro sito : http://www.tomshw.it/forum/sicurezza/197489-win7-problema-con-il-firewall.html
allora chiudo tutto, apro combofix, e aspetto.. al riavvio posso notare che il problema era sparito e che il firewall si attivava senza alcun problema... soltanto che non mi apriva ne il task manager, ne alcuna applicazione dandomi un errore che ora non ricordo(relativo alle voci di registro)... ho deciso allora di riavviare il computer credendo che fosse un problema temporaneo, ma per mia sfortuna è tuttora spento, poichè alla riaccensione parte windows 7 con il caricamento(quello con il logo) e poi si riavvia all'infinito...ho provato ad aprire il ripristino ma niente...non parte nemmeno in modalità provvisoria.. ho deciso così di attaccare l'hard disk ad un altro computer e recuperare il log di combofix e da li ho notato che ha cancellato diversi file nella directory di windows(oltre a numerosi file della mia stampante)... vi allego il file così spero potrete aiutarmi..
allora chiudo tutto, apro combofix, e aspetto.. al riavvio posso notare che il problema era sparito e che il firewall si attivava senza alcun problema... soltanto che non mi apriva ne il task manager, ne alcuna applicazione dandomi un errore che ora non ricordo(relativo alle voci di registro)... ho deciso allora di riavviare il computer credendo che fosse un problema temporaneo, ma per mia sfortuna è tuttora spento, poichè alla riaccensione parte windows 7 con il caricamento(quello con il logo) e poi si riavvia all'infinito...ho provato ad aprire il ripristino ma niente...non parte nemmeno in modalità provvisoria.. ho deciso così di attaccare l'hard disk ad un altro computer e recuperare il log di combofix e da li ho notato che ha cancellato diversi file nella directory di windows(oltre a numerosi file della mia stampante)... vi allego il file così spero potrete aiutarmi..
ComboFix 12-06-12.01 - Leonardo 12/06/2012 20:28:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4044.2831 [GMT 2:00]
Eseguito da: c:\users\Leonardo\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\program files (x86)\WinPCap
c:\programdata\HP
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1025\1025.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1025\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1025\synonyms-1025.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1026\1026.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1026\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1026\synonyms-1026.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1028\1028.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1028\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1028\synonyms-1028.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1029\1029.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1029\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1029\synonyms-1029.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1030\1030.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1030\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1030\synonyms-1030.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1031\1031.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1031\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1031\synonyms-1031.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1032\1032.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1032\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1032\synonyms-1032.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1033\1033.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1033\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1033\synonyms-1033.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1034\1034.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1034\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1034\synonyms-1034.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1035\1035.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1035\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1035\synonyms-1035.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1036\1036.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1036\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1036\synonyms-1036.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1037\1037.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1037\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1037\synonyms-1037.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1038\1038.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1038\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1038\synonyms-1038.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1040\1040.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1040\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1040\synonyms-1040.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1041\1041.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1041\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1041\synonyms-1041.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1042\1042.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1042\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1042\synonyms-1042.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1043\1043.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1043\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1043\synonyms-1043.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1044\1044.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1044\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1044\synonyms-1044.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1045\1045.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1045\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1045\synonyms-1045.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1046\1046.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1046\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1046\synonyms-1046.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1048\1048.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1048\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1048\synonyms-1048.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1049\1049.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1049\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1049\synonyms-1049.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1050\1050.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1050\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1050\synonyms-1050.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1051\1051.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1051\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1051\synonyms-1051.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1053\1053.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1053\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1053\synonyms-1053.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1054\1054.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1054\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1054\synonyms-1054.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1055\1055.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1055\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1055\synonyms-1055.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1057\1057.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1057\synonyms-1057.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1060\1060.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1060\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1060\synonyms-1060.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1061\1061.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1061\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1061\synonyms-1061.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1062\1062.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1062\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1062\synonyms-1062.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1063\1063.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1063\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1063\synonyms-1063.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\2052\2052.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\2052\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\2052\synonyms-2052.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\AC_RunActiveContent.js
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\cueFunctions.js
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\hubURL.js
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\bullet.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\checkbox.PNG
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\cmyk-color-bar.svg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\collapsed.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\expanded.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\hyphen.PNG
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\icon_caution_color.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\icon_warning_color.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\projector_icon.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\registration-circle.svg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\RightArrow.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\spacer.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\well.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\masterStyle.css
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_black_copy.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_color_copy.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_com.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_com_load_media.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_copy.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_copy_text_or_mixed_docs.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_gtk_printer_parts.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_ink_replace_cartridges.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_load_media_envelope.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_load_media_large_paper.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_load_media_small_paper.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_back.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_back_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_bottom.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_bottom_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_front.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_front_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_inside.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_inside_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_replace_cartridges.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\globalAnivewerParts_V2.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\booklet_reload.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\booklet_reload.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\c_panel.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\c_panel_2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cart_slots.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cartridge_number.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clean1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cleanout_door.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cleanout_door_close.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_back.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_bottom.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_front.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_inside.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\close_lid.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\colorlok.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\diagnostics.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\fcvr_ajr.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\fcvr_close.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_10.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_3.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_4.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4a.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4b.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4c.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4d.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_5.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_6.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_8.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_9.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\globe.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_caution_color.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_document.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_envelope.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_photo_horizontal.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_poster.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_tasktray.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_web.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_blk1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_cart_callouts.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_cart_date.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_cart_date.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\inkcart4.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\inkcart5_no_co.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\input_tray_1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ironon_media.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_brochure.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_env3.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr3.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr4 .png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr4.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_pcard.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_photo_in_tray.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_photo_in_tray2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_scan.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_scan_close.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_scan_open.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_transp.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\load_booklet.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\load_label.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\load_poster.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\model_number.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\notouch.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\open_lid.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\opentype_icon.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\output_tray_1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\phone_list_urls_lar_weuro_ap.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\poster_layout.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\poster_layout.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\printer_parts.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\projector_icon.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\pwr_cord.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ar_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_bg_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_cs_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_da_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_de_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_el_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_en_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_es_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_et_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_fi_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_fr_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_he_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_hr_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_hu_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_id_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_it_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_jp_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ko_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lt_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lv_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ms_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_nl_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_no_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pl_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pt_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ro_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ru_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sk_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sl_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sv_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_th_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_tr_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_uk_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_cn.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_tw.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_doc.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_energystar_logo_ww.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_fcc_statement_class_b_us.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_notice_to_users_ko_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_power_cord_notice_jp_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_rohs_table_generic_zh_cn.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_vcci_class_b_notice_jp_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_weee_eu.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\release_pcart.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\release_pcart_no_co.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\truetype_icon.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\unpack_cart.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\usb_pc.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue_gtk.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue_hd.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue_wide.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\topicmap.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\XmlFileCache\CN0BD33P2505HW\DevMgmt\DiscoveryTree.xml
c:\programdata\HP\hpwebreg\HP Deskjet 1050 J410 series.ini
c:\users\Leonardo\AppData\Local\TempDIR
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\inf\ndiscap64.inf
c:\windows\system\VI30AUT.DLL
c:\windows\system32\consrv.dll
c:\windows\system32\dds_trash_log.cmd
c:\windows\System64
c:\windows\SysWow64\c6to4.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\SET263C.tmp
c:\windows\SysWow64\SET28AD.tmp
c:\windows\SysWow64\SET2A63.tmp
c:\windows\SysWow64\SET2B6D.tmp
c:\windows\SysWow64\SET2C48.tmp
c:\windows\SysWow64\SETF51.tmp
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_6to4
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-12 al 2012-06-12 )))))))))))))))))))))))))))))))))))
.
.
2012-06-12 18:37 . 2012-06-12 18:37 -------- d-----w- c:\users\leonardo_2\AppData\Local\temp
2012-06-12 18:37 . 2012-06-12 18:37 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-12 14:16 . 2012-06-12 14:16 -------- d-----w- c:\users\Leonardo\DoctorWeb
2012-06-12 12:53 . 2012-06-12 12:56 3993600 ----a-w- c:\program files (x86)\GUT4318.tmp
2012-06-12 12:53 . 2012-06-12 12:53 -------- d-----w- c:\program files (x86)\GUM4317.tmp
2012-06-12 12:47 . 2012-06-12 13:30 -------- d-----w- c:\users\Leonardo\AppData\Local\Google
2012-06-12 01:00 . 2012-06-12 01:00 -------- d-----w- c:\users\Leonardo\AppData\Roaming\OpenOffice.org
2012-06-11 12:47 . 2012-06-11 12:47 -------- d-----w- c:\users\Leonardo\AppData\Local\Songr
2012-06-11 12:46 . 2012-06-11 12:46 -------- d-----w- c:\program files (x86)\Songr
2012-06-11 12:34 . 2012-06-11 13:03 -------- d-----w- c:\programdata\Acunetix WVS 8
2012-05-27 19:48 . 2012-05-27 19:49 -------- d-----w- c:\program files (x86)\Remote Mouse
2012-05-27 15:47 . 2012-05-27 15:59 -------- d-----w- C:\metasploit
2012-05-27 14:38 . 2012-05-27 14:38 -------- d-----w- c:\users\Leonardo\AppData\Local\libimobiledevice
2012-05-27 13:05 . 2012-05-27 13:05 -------- d-----w- c:\users\Leonardo\AppData\Roaming\Subversion
2012-05-19 22:18 . 2005-08-03 14:05 35892 ----a-w- c:\windows\SysWow64\SER9PL.sys
2012-05-19 22:18 . 2005-08-03 14:04 26719 ----a-w- c:\windows\SysWow64\SERSPL.VXD
2012-05-19 22:17 . 2012-05-19 22:17 -------- d-----w- c:\program files (x86)\Zamzom
2012-05-17 21:17 . 2012-05-17 21:17 -------- d-----w- c:\program files\Nokia
2012-05-17 21:02 . 2012-05-17 21:02 10454 ----a-w- c:\windows\SysWow64\drivers\parldr2k.sys
2012-05-17 21:02 . 2012-05-17 21:02 -------- d-----w- c:\program files (x86)\MyApp
2012-05-17 20:48 . 2012-05-17 20:48 -------- d-----w- c:\users\Leonardo\AppData\Roaming\Nokia
2012-05-17 14:52 . 2012-05-17 14:52 -------- d-----w- c:\program files (x86)\ODEON
2012-05-17 14:50 . 2012-05-17 14:50 -------- d-----w- c:\users\Leonardo\AppData\Local\Symbian-Toys.com
2012-05-16 17:26 . 2012-05-16 17:26 -------- d-----w- c:\program files\HP
2012-05-16 17:26 . 2012-05-16 17:26 -------- d-----w- c:\program files (x86)\HP
2012-05-16 17:26 . 2012-05-16 17:26 -------- d-----w- c:\users\Leonardo\AppData\Local\HP
2012-05-15 15:52 . 2012-06-06 19:03 -------- d-----w- c:\program files (x86)\Cracked Steam
2012-05-15 15:45 . 2012-05-15 15:45 -------- d-----w- c:\program files (x86)\RAR Password Recovery Magic
2012-05-15 15:42 . 2012-05-15 22:03 -------- d-----w- c:\users\Leonardo\AppData\Roaming\dclogs
2012-05-15 01:01 . 2012-05-15 01:01 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-15 01:01 . 2012-05-15 01:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-12 14:28 . 2012-06-12 14:28 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A87B9F1-BDF7-4435-956B-03EF0A244A73}\offreg.dll
2012-05-08 17:02 . 2012-06-12 11:08 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A87B9F1-BDF7-4435-956B-03EF0A244A73}\mpengine.dll
2012-05-05 11:18 . 2012-03-30 17:51 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 11:18 . 2012-03-17 19:02 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 11:18 . 2012-03-30 18:18 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 22:23 . 2012-05-04 22:23 110592 ----a-w- c:\windows\system32\jhead.exe
2012-05-02 13:10 . 2012-05-02 13:10 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-04-28 15:33 . 2010-06-24 09:33 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-04-22 11:51 . 2012-05-10 12:52 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2012-04-15 13:47 . 2009-07-14 00:10 15340 ----a-w- c:\windows\system32\wshelper.dll
2012-04-05 23:07 . 2011-05-15 03:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 13:56 . 2012-04-14 23:23 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 06:05 . 2012-05-11 11:04 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-11 11:04 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-11 11:04 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-11 11:04 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-11 11:04 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-28 21:20 . 2012-03-28 21:20 0 ----a-w- c:\windows\SysWow64\sho445F.tmp
2012-03-17 07:58 . 2012-05-11 11:04 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FFFFF47A-45FD-450C-91DF-81C72E1FADB0}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-16 218624]
.
c:\users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 qgmtdmhp;qgmtdmhp;c:\windows\system32\drivers\qgmtdmhp.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 metasploitPostgreSQL;metasploitPostgreSQL;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL -D C:/METASP~1/POSTGR~1/data [x]
R2 PowerOffer Service;Pos Service;c:\users\Leonardo\AppData\Local\PosService\Pos.exe [2011-12-16 164352]
R2 ServUpdater;Serv Updater;c:\users\Leonardo\AppData\Local\ServUpdater\ServiceUpd.exe [2011-12-16 156160]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 Nbdrv;NetBalancer;c:\windows\system32\DRIVERS\nbdrv.sys [x]
R3 NessusMp60;Nessus NDIS 6.X MPR Protocol Driver;c:\windows\system32\DRIVERS\NessusMp60.sys [x]
R3 NessusSp60;Nessus NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\NessusSp60.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
R4 AcuWVSSchedulerv7;Acunetix WVS Scheduler v7;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe [2011-04-06 675128]
R4 EasyRedirect;EasyRedirect;c:\program files\Easy-Hide-IP\rdr\EasyRedirect.exe [2012-02-28 3325768]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-18 2372096]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AcuWVSSchedulerv8;Acunetix WVS Scheduler v8;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [2012-04-23 957064]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
S2 metasploitPostgreSQL-1;metasploitPostgreSQL-1;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL-1 -D C:/METASP~1/POSTGR~1/data [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-01-19 9216]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-01-18 11839488]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:18]
.
2012-06-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998741689-1339742048-1282253608-1000Core.job
- c:\users\Leonardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-18 21:08]
.
2012-06-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998741689-1339742048-1282253608-1000UA.job
- c:\users\Leonardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-18 21:08]
.
2012-06-12 c:\windows\Tasks\HPCeeScheduleForHP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2012-06-06 c:\windows\Tasks\HPCeeScheduleForLeonardo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF28210.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
qmofiltr
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://search.findeer.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
LSP: mswsock.dll
TCP: Interfaces\{9F7E3738-764F-414F-BD7F-CEF1E0E536B7}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{B9BBFC62-36DA-40B1-AEC7-361039CC48F6}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{CEA655EB-278D-4B7E-9928-23FF2994F69C}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{D3AA0ADB-FEA4-429D-8481-867859331105}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E294443F-E897-4E4F-B026-2AF6E0A2D6FF}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E4A03A6C-3B96-46FD-BC2D-A5EF662B54C7}\14C6963656D24383235313530333: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E4A03A6C-3B96-46FD-BC2D-A5EF662B54C7}\14C6963656D26333935393836353: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E4A03A6C-3B96-46FD-BC2D-A5EF662B54C7}\55352593131313: NameServer = 176.31.229.24,176.31.229.25
FF - ProfilePath - c:\users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\hogq5cd5.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Call of Duty Modern Warfare 2_is1 - c:\program files (x86)\Activision\Modern Warfare 2\unins000.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-GetFLV_is1 - c:\program files (x86)\GetFLV\unins000.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL-1]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL-1\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL-1]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL-1\" -D \"C:/METASP~1/POSTGR~1/data\""
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @DenieD: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @DenieD: (2) (LocalSystem)
"Timestamp"=hex:fe,aa,64,47,e9,02,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @DenieD: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,10,74,d6,c3,28,b3,db,4a,bb,a6,73,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,10,74,d6,c3,28,b3,db,4a,bb,a6,73,\
.
[HKEY_USERS\S-1-5-21-998741689-1339742048-1282253608-1000\Software\SecuROM\License information*]
"datasecu"=hex:6b,70,d9,9a,ea,89,10,d6,74,c7,e7,5f,fe,29,ba,11,08,1d,68,68,f9,
27,bf,39,b3,3a,65,b2,ad,45,b6,99,8f,88,a6,20,14,9b,f2,ae,98,08,e1,7b,6d,88,\
"rkeysecu"=hex:8a,ca,31,b5,72,11,9f,e1,c6,ca,99,ca,ce,aa,4d,ef
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @DenieD: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @DenieD: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @DenieD: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\metasp~1\POSTGR~1\bin\pg_ctl.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\windows\SysWOW64\vmnat.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Ora fine scansione: 2012-06-12 20:45:49 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-06-12 18:45
.
Pre-Run: 159.829.168.128 byte disponibili
Post-Run: 160.494.604.288 byte disponibili
.
- - End Of File - - 2E8681B9BC69E185DBB289E9C1480F87
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4044.2831 [GMT 2:00]
Eseguito da: c:\users\Leonardo\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\program files (x86)\WinPCap
c:\programdata\HP
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1025\1025.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1025\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1025\synonyms-1025.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1026\1026.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1026\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1026\synonyms-1026.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1028\1028.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1028\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1028\synonyms-1028.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1029\1029.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1029\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1029\synonyms-1029.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1030\1030.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1030\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1030\synonyms-1030.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1031\1031.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1031\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1031\synonyms-1031.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1032\1032.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1032\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1032\synonyms-1032.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1033\1033.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1033\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1033\synonyms-1033.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1034\1034.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1034\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1034\synonyms-1034.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1035\1035.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1035\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1035\synonyms-1035.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1036\1036.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1036\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1036\synonyms-1036.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1037\1037.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1037\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1037\synonyms-1037.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1038\1038.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1038\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1038\synonyms-1038.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1040\1040.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1040\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1040\synonyms-1040.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1041\1041.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1041\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1041\synonyms-1041.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1042\1042.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1042\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1042\synonyms-1042.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1043\1043.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1043\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1043\synonyms-1043.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1044\1044.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1044\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1044\synonyms-1044.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1045\1045.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1045\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1045\synonyms-1045.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1046\1046.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1046\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1046\synonyms-1046.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1048\1048.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1048\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1048\synonyms-1048.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1049\1049.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1049\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1049\synonyms-1049.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1050\1050.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1050\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1050\synonyms-1050.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1051\1051.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1051\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1051\synonyms-1051.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1053\1053.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1053\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1053\synonyms-1053.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1054\1054.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1054\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1054\synonyms-1054.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1055\1055.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1055\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1055\synonyms-1055.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1057\1057.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1057\synonyms-1057.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1060\1060.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1060\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1060\synonyms-1060.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1061\1061.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1061\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1061\synonyms-1061.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1062\1062.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1062\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1062\synonyms-1062.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1063\1063.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1063\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\1063\synonyms-1063.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\2052\2052.cab
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\2052\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\2052\synonyms-2052.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\AC_RunActiveContent.js
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\cueFunctions.js
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\hubURL.js
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\bullet.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\checkbox.PNG
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\cmyk-color-bar.svg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\collapsed.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\expanded.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\hyphen.PNG
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\icon_caution_color.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\icon_warning_color.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\projector_icon.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\registration-circle.svg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\RightArrow.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\spacer.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\images\well.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\Accessory\masterStyle.css
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_black_copy.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_color_copy.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_com.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_com_load_media.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_copy.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_copy_text_or_mixed_docs.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_gtk_printer_parts.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_ink_replace_cartridges.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_load_media_envelope.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_load_media_large_paper.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_load_media_small_paper.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_back.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_back_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_bottom.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_bottom_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_front.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_front_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_inside.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_paper_jam_inside_R.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\dj2050_replace_cartridges.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\flash\globalAnivewerParts_V2.swf
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\booklet_reload.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\booklet_reload.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\c_panel.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\c_panel_2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cart_slots.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cartridge_number.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clean1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cleanout_door.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\cleanout_door_close.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_back.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_bottom.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_front.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\clear_jam_inside.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\close_lid.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\colorlok.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\diagnostics.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\fcvr_ajr.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\fcvr_close.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_10.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_3.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_4.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4a.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4b.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4c.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_4d.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\Flashing_light_5.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_6.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_8.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\flashing_light_9.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\globe.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_caution_color.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_document.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_envelope.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_photo_horizontal.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_poster.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_tasktray.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\icon_web.gif
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_blk1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_cart_callouts.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_cart_date.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ink_cart_date.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\inkcart4.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\inkcart5_no_co.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\input_tray_1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ironon_media.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_brochure.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_env3.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr3.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr4 .png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_papr4.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_pcard.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_photo_in_tray.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_photo_in_tray2.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_scan.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_scan_close.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_scan_open.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\ld_transp.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\load_booklet.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\load_label.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\load_poster.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\model_number.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\notouch.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\open_lid.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\opentype_icon.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\output_tray_1.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\phone_list_urls_lar_weuro_ap.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\poster_layout.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\poster_layout.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\printer_parts.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\projector_icon.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\pwr_cord.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ar_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_bg_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_cs_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_da_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_de_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_el_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_en_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_es_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_et_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_fi_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_fr_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_he_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_hr_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_hu_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_id_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_it_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_jp_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ko_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lt_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lv_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ms_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_nl_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_no_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pl_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pt_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ro_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ru_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sk_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sl_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sv_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_th_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_tr_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_uk_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_cn.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_tw.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_doc.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_energystar_logo_ww.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_fcc_statement_class_b_us.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_notice_to_users_ko_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_power_cord_notice_jp_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_rohs_table_generic_zh_cn.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_vcci_class_b_notice_jp_ww.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\reg_weee_eu.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\release_pcart.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\release_pcart_no_co.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\truetype_icon.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\unpack_cart.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\graphics\online\usb_pc.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue_gtk.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue_hd.jpg
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\images\global_product_bg_blue_wide.png
c:\programdata\HP\HP Deskjet 1050 J410 series\Help\topicmap.xml
c:\programdata\HP\HP Deskjet 1050 J410 series\XmlFileCache\CN0BD33P2505HW\DevMgmt\DiscoveryTree.xml
c:\programdata\HP\hpwebreg\HP Deskjet 1050 J410 series.ini
c:\users\Leonardo\AppData\Local\TempDIR
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\inf\ndiscap64.inf
c:\windows\system\VI30AUT.DLL
c:\windows\system32\consrv.dll
c:\windows\system32\dds_trash_log.cmd
c:\windows\System64
c:\windows\SysWow64\c6to4.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\SET263C.tmp
c:\windows\SysWow64\SET28AD.tmp
c:\windows\SysWow64\SET2A63.tmp
c:\windows\SysWow64\SET2B6D.tmp
c:\windows\SysWow64\SET2C48.tmp
c:\windows\SysWow64\SETF51.tmp
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_6to4
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-12 al 2012-06-12 )))))))))))))))))))))))))))))))))))
.
.
2012-06-12 18:37 . 2012-06-12 18:37 -------- d-----w- c:\users\leonardo_2\AppData\Local\temp
2012-06-12 18:37 . 2012-06-12 18:37 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-12 14:16 . 2012-06-12 14:16 -------- d-----w- c:\users\Leonardo\DoctorWeb
2012-06-12 12:53 . 2012-06-12 12:56 3993600 ----a-w- c:\program files (x86)\GUT4318.tmp
2012-06-12 12:53 . 2012-06-12 12:53 -------- d-----w- c:\program files (x86)\GUM4317.tmp
2012-06-12 12:47 . 2012-06-12 13:30 -------- d-----w- c:\users\Leonardo\AppData\Local\Google
2012-06-12 01:00 . 2012-06-12 01:00 -------- d-----w- c:\users\Leonardo\AppData\Roaming\OpenOffice.org
2012-06-11 12:47 . 2012-06-11 12:47 -------- d-----w- c:\users\Leonardo\AppData\Local\Songr
2012-06-11 12:46 . 2012-06-11 12:46 -------- d-----w- c:\program files (x86)\Songr
2012-06-11 12:34 . 2012-06-11 13:03 -------- d-----w- c:\programdata\Acunetix WVS 8
2012-05-27 19:48 . 2012-05-27 19:49 -------- d-----w- c:\program files (x86)\Remote Mouse
2012-05-27 15:47 . 2012-05-27 15:59 -------- d-----w- C:\metasploit
2012-05-27 14:38 . 2012-05-27 14:38 -------- d-----w- c:\users\Leonardo\AppData\Local\libimobiledevice
2012-05-27 13:05 . 2012-05-27 13:05 -------- d-----w- c:\users\Leonardo\AppData\Roaming\Subversion
2012-05-19 22:18 . 2005-08-03 14:05 35892 ----a-w- c:\windows\SysWow64\SER9PL.sys
2012-05-19 22:18 . 2005-08-03 14:04 26719 ----a-w- c:\windows\SysWow64\SERSPL.VXD
2012-05-19 22:17 . 2012-05-19 22:17 -------- d-----w- c:\program files (x86)\Zamzom
2012-05-17 21:17 . 2012-05-17 21:17 -------- d-----w- c:\program files\Nokia
2012-05-17 21:02 . 2012-05-17 21:02 10454 ----a-w- c:\windows\SysWow64\drivers\parldr2k.sys
2012-05-17 21:02 . 2012-05-17 21:02 -------- d-----w- c:\program files (x86)\MyApp
2012-05-17 20:48 . 2012-05-17 20:48 -------- d-----w- c:\users\Leonardo\AppData\Roaming\Nokia
2012-05-17 14:52 . 2012-05-17 14:52 -------- d-----w- c:\program files (x86)\ODEON
2012-05-17 14:50 . 2012-05-17 14:50 -------- d-----w- c:\users\Leonardo\AppData\Local\Symbian-Toys.com
2012-05-16 17:26 . 2012-05-16 17:26 -------- d-----w- c:\program files\HP
2012-05-16 17:26 . 2012-05-16 17:26 -------- d-----w- c:\program files (x86)\HP
2012-05-16 17:26 . 2012-05-16 17:26 -------- d-----w- c:\users\Leonardo\AppData\Local\HP
2012-05-15 15:52 . 2012-06-06 19:03 -------- d-----w- c:\program files (x86)\Cracked Steam
2012-05-15 15:45 . 2012-05-15 15:45 -------- d-----w- c:\program files (x86)\RAR Password Recovery Magic
2012-05-15 15:42 . 2012-05-15 22:03 -------- d-----w- c:\users\Leonardo\AppData\Roaming\dclogs
2012-05-15 01:01 . 2012-05-15 01:01 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-15 01:01 . 2012-05-15 01:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-12 14:28 . 2012-06-12 14:28 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A87B9F1-BDF7-4435-956B-03EF0A244A73}\offreg.dll
2012-05-08 17:02 . 2012-06-12 11:08 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A87B9F1-BDF7-4435-956B-03EF0A244A73}\mpengine.dll
2012-05-05 11:18 . 2012-03-30 17:51 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 11:18 . 2012-03-17 19:02 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 11:18 . 2012-03-30 18:18 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 22:23 . 2012-05-04 22:23 110592 ----a-w- c:\windows\system32\jhead.exe
2012-05-02 13:10 . 2012-05-02 13:10 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-04-28 15:33 . 2010-06-24 09:33 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-04-22 11:51 . 2012-05-10 12:52 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2012-04-15 13:47 . 2009-07-14 00:10 15340 ----a-w- c:\windows\system32\wshelper.dll
2012-04-05 23:07 . 2011-05-15 03:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 13:56 . 2012-04-14 23:23 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 06:05 . 2012-05-11 11:04 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-11 11:04 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-11 11:04 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-11 11:04 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-11 11:04 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-28 21:20 . 2012-03-28 21:20 0 ----a-w- c:\windows\SysWow64\sho445F.tmp
2012-03-17 07:58 . 2012-05-11 11:04 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FFFFF47A-45FD-450C-91DF-81C72E1FADB0}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-16 218624]
.
c:\users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 qgmtdmhp;qgmtdmhp;c:\windows\system32\drivers\qgmtdmhp.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 metasploitPostgreSQL;metasploitPostgreSQL;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL -D C:/METASP~1/POSTGR~1/data [x]
R2 PowerOffer Service;Pos Service;c:\users\Leonardo\AppData\Local\PosService\Pos.exe [2011-12-16 164352]
R2 ServUpdater;Serv Updater;c:\users\Leonardo\AppData\Local\ServUpdater\ServiceUpd.exe [2011-12-16 156160]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 Nbdrv;NetBalancer;c:\windows\system32\DRIVERS\nbdrv.sys [x]
R3 NessusMp60;Nessus NDIS 6.X MPR Protocol Driver;c:\windows\system32\DRIVERS\NessusMp60.sys [x]
R3 NessusSp60;Nessus NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\NessusSp60.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
R4 AcuWVSSchedulerv7;Acunetix WVS Scheduler v7;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe [2011-04-06 675128]
R4 EasyRedirect;EasyRedirect;c:\program files\Easy-Hide-IP\rdr\EasyRedirect.exe [2012-02-28 3325768]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-18 2372096]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AcuWVSSchedulerv8;Acunetix WVS Scheduler v8;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [2012-04-23 957064]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
S2 metasploitPostgreSQL-1;metasploitPostgreSQL-1;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL-1 -D C:/METASP~1/POSTGR~1/data [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-01-19 9216]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-01-18 11839488]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:18]
.
2012-06-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998741689-1339742048-1282253608-1000Core.job
- c:\users\Leonardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-18 21:08]
.
2012-06-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998741689-1339742048-1282253608-1000UA.job
- c:\users\Leonardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-18 21:08]
.
2012-06-12 c:\windows\Tasks\HPCeeScheduleForHP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2012-06-06 c:\windows\Tasks\HPCeeScheduleForLeonardo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF28210.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
qmofiltr
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://search.findeer.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
LSP: mswsock.dll
TCP: Interfaces\{9F7E3738-764F-414F-BD7F-CEF1E0E536B7}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{B9BBFC62-36DA-40B1-AEC7-361039CC48F6}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{CEA655EB-278D-4B7E-9928-23FF2994F69C}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{D3AA0ADB-FEA4-429D-8481-867859331105}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E294443F-E897-4E4F-B026-2AF6E0A2D6FF}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E4A03A6C-3B96-46FD-BC2D-A5EF662B54C7}\14C6963656D24383235313530333: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E4A03A6C-3B96-46FD-BC2D-A5EF662B54C7}\14C6963656D26333935393836353: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{E4A03A6C-3B96-46FD-BC2D-A5EF662B54C7}\55352593131313: NameServer = 176.31.229.24,176.31.229.25
FF - ProfilePath - c:\users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\hogq5cd5.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Call of Duty Modern Warfare 2_is1 - c:\program files (x86)\Activision\Modern Warfare 2\unins000.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-GetFLV_is1 - c:\program files (x86)\GetFLV\unins000.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL-1]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL-1\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL-1]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL-1\" -D \"C:/METASP~1/POSTGR~1/data\""
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @DenieD: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @DenieD: (2) (LocalSystem)
"Timestamp"=hex:fe,aa,64,47,e9,02,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @DenieD: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,10,74,d6,c3,28,b3,db,4a,bb,a6,73,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,10,74,d6,c3,28,b3,db,4a,bb,a6,73,\
.
[HKEY_USERS\S-1-5-21-998741689-1339742048-1282253608-1000\Software\SecuROM\License information*]
"datasecu"=hex:6b,70,d9,9a,ea,89,10,d6,74,c7,e7,5f,fe,29,ba,11,08,1d,68,68,f9,
27,bf,39,b3,3a,65,b2,ad,45,b6,99,8f,88,a6,20,14,9b,f2,ae,98,08,e1,7b,6d,88,\
"rkeysecu"=hex:8a,ca,31,b5,72,11,9f,e1,c6,ca,99,ca,ce,aa,4d,ef
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @DenieD: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @DenieD: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @DenieD: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\metasp~1\POSTGR~1\bin\pg_ctl.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\windows\SysWOW64\vmnat.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\metasp~1\POSTGR~1\bin\postgres.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Ora fine scansione: 2012-06-12 20:45:49 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-06-12 18:45
.
Pre-Run: 159.829.168.128 byte disponibili
Post-Run: 160.494.604.288 byte disponibili
.
- - End Of File - - 2E8681B9BC69E185DBB289E9C1480F87
