MegaLab.it


http://www.megalab.it/forum/

smitfraudfix non parte

./viewtopic.php?f=21&t=48208&start=0

Pagina 1 di 1

smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 4:40 pm
da tempurio
ciao ragazzi! come sempre, appena sento che c'è un software che pulisce io lo provo! che è la mia passione!...dunque sbirciando nel forum trovo questo smitfraudfix specializzato in rogue-software se non sbaglio....quindi lo scarico e lo lancio, ma poi appare "impossibile accedere alla periferica, al file o al percorso, è probabile che non si disponga delle autorizzazioni necessarie" cosa può essere?...e grazie come sempre....

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 5:28 pm
da Amantide
tempurio ha scritto:ciao ragazzi! come sempre, appena sento che c'è un software che pulisce io lo provo! che è la mia passione!...dunque sbirciando nel forum trovo questo smitfraudfix specializzato in rogue-software se non sbaglio....quindi lo scarico e lo lancio, ma poi appare "impossibile accedere alla periferica, al file o al percorso, è probabile che non si disponga delle autorizzazioni necessarie" cosa può essere?...e grazie come sempre....

Non è che ti sei beccato qualche schifezza a forza di provare tutti questi programmi? Vedi se riesci a far funzionare Combofix.

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 6:28 pm
da tempurio
non parte neanche Combofix e riporta lo stesso messaggio!

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 6:47 pm
da ste_95
Sei su Vista? Hai provato a fare clic destro --> Avvia come amministratore?

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 7:15 pm
da tempurio
uso internet explorer 8 beta 2, non c'è altro account! su internet va lento, e spybot search&destroy spesso viene disattivato e forse non conta niente ma in due settimane ho ricevuto troppi aggiornamenti ; windows,win media player, vlc 2 volte, adobe, internet exp...e3cc.., il mio sospetto è che ho qualche rogue-software o degli script in qualche software fidato! perché facendo un'analisi con hijacker e gmer all'inizio va bene ma poi si ripresenta la stesso problema! se volete vi mando i rispettivi log!

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 7:17 pm
da nannolo
tempurio ha scritto:Se volete vi mando i rispettivi log!
Io dico che è il caso. [std]

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 7:42 pm
da tempurio
vi mando solo hj perché gmer e sophos quando li mando mi si inpalla il pc

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.27.34, on 25/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\apps\ABoard\ABoard.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\apps\ABoard\AOSD.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\slserv.exe
C:\Programmi\HIJACKTHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/webhp?sourceid=nav ... t&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SUPERAntiSpyware Professional.lnk = C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\it.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.avp.it/kos/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3187009593
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MBAMService - Unknown owner - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 7724 bytes

Re: smitfraudfix non parte

MessaggioInviato: mar nov 25, 2008 9:53 pm
da Amantide
Nel log di Hijackthis non si vede nulla di anomalo.
Vedi se riesci ad eseguire dalla modalità provvisoria ComboFix rinominato

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 12:30 am
da tempurio
spiegati meglio! cosa sarebbe questo combofix rinominato?^.....quel link mi inceppa la memoria! non posso seguirti....(aiuto)......ho scaricato pincopallino.exe ma quando lo lancio mi dice di aggiornarlo! io gli dico di no e me lo cancella! è normale? perché tutti questi aggiornamenti?

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 1:30 pm
da Amantide
Alcuni malware bloccano l'esecuzione o addirittura lo scaricamento di vari tool di rimozione riconoscendo i loro nomi ed a volte si riesce ad aggirare questo problema rinominando il tool.
Forse ti chiede di aggiornarlo perché avevo caricato su mediafire tempo fa, prova con questo nuovo file.

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 2:02 pm
da tempurio
mi si impalla anche in modalità provvisoria! trovo difficoltà ad entrare solo nel vostro sito! gli altri vanno!comunque sono riuscito a far partire combofix ma in modalità normale, vi posto il log

ComboFix 08-11-26.03 - claudia 2008-11-26 13.03.10.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1644 [GMT 1:00]
Eseguito da: d:\documents and settings\claudia\Documenti\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2008-10-26 al 2008-11-26 )))))))))))))))))))))))))))))))))))
.

2008-11-26 11:31 . 2008-11-26 11:31 <DIR> d-------- C:\pincopallino
2008-11-24 20:44 . 2008-11-24 20:44 <DIR> d-------- d:\documents and settings\FIDEL\Nuova cartella
2008-11-24 14:02 . 2008-11-24 14:02 <DIR> d--hs---- d:\documents and settings\claudia\PrivacIE
2008-11-24 13:54 . 2008-11-24 13:55 <DIR> d--h-c--- c:\windows\ie8
2008-11-24 12:54 . 2008-11-24 12:54 2,021 --a------ d:\documents and settings\FIDEL\RicercaOpPianificate_versione_N.D.zip
2008-11-22 18:41 . 2008-11-22 18:41 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\vlc
2008-11-20 14:49 . 2008-11-20 14:51 <DIR> d-------- d:\documents and settings\FIDEL\file di sistema
2008-11-20 11:06 . 2004-03-09 01:00 152,848 --a------ c:\windows\system32\comdlg32.ocx
2008-11-19 16:49 . 2008-11-19 16:49 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-11-19 16:49 . 2008-11-19 16:49 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-11-19 16:48 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2008-11-19 00:33 . 2008-09-15 08:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2008-11-19 00:33 . 2008-09-15 08:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-11-19 00:33 . 2008-09-15 08:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-11-19 00:33 . 2008-09-15 08:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-11-19 00:33 . 2008-09-15 08:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2008-11-18 23:59 . 2008-11-18 23:59 <DIR> d-------- c:\programmi\File comuni\PCSuite
2008-11-18 19:08 . 2008-11-18 19:09 <DIR> d-------- C:\PerfLogs
2008-11-18 18:36 . 2008-11-18 18:37 25,992 --a------ c:\windows\system32\pgdfgsvc.exe
2008-11-17 22:37 . 2008-11-18 21:01 <DIR> d-------- c:\programmi\7-Zip
2008-11-14 22:44 . 2008-11-14 22:44 1,580,771 --a------ C:\backup.reg
2008-11-14 22:43 . 2008-11-14 22:43 135,168 --a------ C:\zip.exe
2008-11-14 22:43 . 2008-11-14 22:43 19,286 --a------ C:\cleanup.exe
2008-11-14 22:43 . 2008-11-14 22:43 574 --a------ C:\cleanup.bat
2008-11-14 13:24 . 2008-11-14 13:24 <DIR> d-------- c:\programmi\File comuni\Adobe
2008-11-14 13:21 . 2008-11-14 18:40 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\NOS
2008-11-14 13:21 . 2008-11-14 18:39 <DIR> d-------- c:\programmi\NOS
2008-11-13 13:06 . 2008-11-13 13:06 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\Avira
2008-11-13 13:06 . 2008-11-13 13:06 <DIR> d-------- c:\programmi\Avira
2008-11-12 21:08 . 2008-09-04 18:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 21:08 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 20:52 . 2008-11-12 20:52 <DIR> d-------- c:\windows\system32\Kaspersky Lab
2008-11-11 19:16 . 2008-11-11 19:16 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\Canneverbe_Limited
2008-11-11 19:16 . 2008-11-13 12:40 <DIR> d-------- c:\programmi\CDBurnerXP
2008-11-11 18:41 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-11 18:39 . 2008-11-11 18:41 <DIR> d-------- c:\windows\system32\XPSViewer
2008-11-11 18:39 . 2008-11-11 18:39 <DIR> d-------- c:\programmi\Reference Assemblies
2008-11-11 18:39 . 2008-11-11 18:39 <DIR> d-------- c:\programmi\MSBuild
2008-11-11 18:38 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2008-11-11 18:38 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\dllcache\xpssvcs.dll
2008-11-11 18:38 . 2008-07-06 11:50 597,504 --------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-11-11 18:38 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2008-11-11 18:38 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\dllcache\xpsshhdr.dll
2008-11-11 18:38 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2008-11-11 18:38 . 2008-07-06 13:06 89,088 --------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-11-06 03:14 . 2008-11-06 03:14 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\CyberLink
2008-11-06 00:33 . 2008-11-09 19:30 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\Desktopicon
2008-11-06 00:33 . 2008-11-06 00:36 <DIR> d-------- c:\programmi\Unlocker
2008-11-05 21:43 . 2008-11-24 12:47 1,943 --a------ c:\windows\imsins.BAK
2008-11-05 11:30 . 2008-11-19 20:03 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\dvdcss
2008-11-01 17:39 . 2008-11-01 17:39 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni\Malwarebytes
2008-11-01 17:29 . 2004-09-03 12:45 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Risorse di stampa
2008-11-01 17:29 . 2004-09-03 12:45 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Risorse di rete
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> dr------- d:\documents and settings\Administrator.114945350318.000\Preferiti
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Modelli
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> dr------- d:\documents and settings\Administrator.114945350318.000\Menu Avvio
2008-11-01 17:29 . 2008-11-26 13:04 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Impostazioni locali
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> dr------- d:\documents and settings\Administrator.114945350318.000\Documenti
2008-11-01 17:29 . 2006-02-23 16:31 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni\Symantec
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni\ATI
2008-11-01 17:29 . 2008-11-01 17:39 <DIR> dr-h----- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni
2008-11-01 17:29 . 2008-11-01 17:29 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000
2008-11-01 17:07 . 2008-11-01 17:07 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\Malwarebytes
2008-11-01 17:07 . 2008-11-23 10:37 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-11-01 17:07 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-01 17:07 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-01 16:22 . 2008-11-01 16:22 <DIR> d-------- c:\programmi\rustok ANTIROOTKIT
2008-10-28 16:09 . 2008-10-28 16:09 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\ArcSoft
2008-10-28 07:21 . 2008-11-26 11:16 <DIR> d-------- c:\programmi\Seagate
2008-10-26 06:44 . 2008-10-28 07:49 <DIR> d-------- d:\documents and settings\archivio PG2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-26 10:18 --------- d-----w c:\programmi\PEERGUARDIAN2
2008-11-26 10:09 --------- d-----w c:\programmi\eMule
2008-11-25 21:22 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-11-25 18:48 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Google Updater
2008-11-24 16:49 --------- d-----w c:\programmi\Google
2008-11-24 11:55 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Skype
2008-11-24 11:24 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\skypePM
2008-11-20 02:59 --------- d-----w c:\programmi\Nokia
2008-11-20 02:59 --------- d-----w c:\programmi\File comuni\Nokia
2008-11-18 23:36 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Nokia
2008-11-18 23:26 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Installations
2008-11-18 20:25 --------- d-----w c:\programmi\SUPERAntiSpyware
2008-11-09 14:50 --------- d-----w c:\programmi\Spybot - Search & Destroy
2008-11-06 02:16 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\CyberLink
2008-11-06 02:06 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2008-11-06 02:06 --------- d-----w c:\programmi\Ulead Systems
2008-11-06 02:02 --------- d-----w c:\programmi\Sonic
2008-11-06 01:56 --------- d-----w c:\programmi\File comuni\Ulead Systems
2008-11-05 11:23 --------- d-----w c:\programmi\CCleaner
2008-10-31 08:29 --------- d-----w c:\programmi\RootkitRevealer
2008-10-27 16:00 --------- d-----w c:\programmi\VideoLAN
2008-10-25 08:13 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\PC Suite
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:36 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-14 06:41 716,272 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-11 17:29 --------- d-----w c:\programmi\MSXML 6.0
2008-10-10 11:26 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\VadeRetro
2008-10-08 07:22 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-08 07:22 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-10-08 07:22 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Nokia
2008-10-08 07:09 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2008-10-08 07:09 --------- d-----w c:\programmi\PC Connectivity Solution
2008-10-07 20:38 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Sonic
2008-10-07 20:37 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Leadertech
2008-10-05 17:37 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Datalayer
2008-10-05 15:16 --------- d-----w c:\programmi\DIFX
2008-10-05 15:15 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\PC Suite
2008-10-05 15:06 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-10-05 15:06 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Panasonic
2008-10-05 15:04 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\InstallShield
2008-10-05 15:04 --------- d-----w c:\programmi\Panasonic
2008-10-05 14:59 --------- d-----w c:\programmi\File comuni\Ahead
2008-10-05 14:59 --------- d-----w c:\programmi\Ahead
2008-10-05 14:48 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\AdobeUM
2008-10-05 14:28 --------- d-----w c:\programmi\File comuni\Apple
2008-10-05 13:50 --------- d-----w c:\programmi\Lexmark X1100 Series
2008-10-05 13:27 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Apple Computer
2008-10-05 13:27 --------- d-----w c:\programmi\QuickTime
2008-10-05 13:26 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Apple Computer
2008-10-05 11:14 --------- d-----w c:\programmi\Microsoft CAPICOM 2.1.0.2
2008-10-05 08:35 --------- d-----w c:\programmi\File comuni\Skype
2008-10-05 08:27 --------- d-----w c:\programmi\Picasa2
2008-10-05 07:25 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\SUPERAntiSpyware.com
2008-10-05 07:25 --------- d-----w c:\programmi\File comuni\Wise Installation Wizard
2008-10-05 06:42 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Symantec
2008-10-05 06:13 --------- d-----w c:\programmi\MSXML 4.0
2008-10-05 05:52 --------- d-----w c:\programmi\Telecom Italia
2008-10-05 05:38 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Motive
2008-10-05 05:34 --------- d-----w c:\programmi\Motive
2008-10-05 05:34 --------- d-----w c:\programmi\File comuni\Motive
2008-10-05 05:34 --------- d-----w c:\programmi\Common Files
2008-10-05 05:34 --------- d-----w c:\programmi\Alice ti aiuta
2008-10-05 05:21 155,995 ----a-w c:\windows\java\Packages\GPN5BFNN.ZIP
2008-10-05 05:07 --------- d-----w c:\programmi\Java
2008-10-05 02:47 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\ATI
2008-10-05 02:46 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\VadeRetro
2008-10-05 02:44 --------- d-----w c:\programmi\ShowTime
2008-10-05 02:44 --------- d-----w c:\programmi\Servizi in linea
2008-10-05 02:44 --------- d-----w c:\programmi\Realtek AC97
2008-10-05 02:41 --------- d-----w c:\programmi\File comuni\SureThing Shared
2008-10-05 02:40 --------- d-----w c:\programmi\Windows Media Components
2008-10-05 02:40 --------- d-----w c:\programmi\Realtek Sound Manager
2008-10-05 02:40 --------- d-----w c:\programmi\Real
2008-10-05 02:40 --------- d-----w c:\programmi\Norman
2008-10-05 02:40 --------- d-----w c:\programmi\microsoft frontpage
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\xing shared
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\Real
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\Java
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\InstallShield
2008-10-05 02:40 --------- d-----w c:\programmi\ATI Technologies
2008-10-05 02:40 --------- d-----w c:\programmi\AMD
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:24 1,846,400 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( snapshot@2008-11-14_19.32.35,62 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-13 16:39:20 71,680 -c--a-w c:\windows\ie8\admparse.dll
+ 2008-08-26 07:57:14 124,928 -c--a-w c:\windows\ie8\advpack.dll
+ 2008-04-14 02:13:37 35,328 -c--a-w c:\windows\ie8\corpol.dll
+ 2008-08-26 07:57:14 347,136 -c--a-w c:\windows\ie8\dxtmsft.dll
+ 2008-08-26 07:57:14 214,528 -c--a-w c:\windows\ie8\dxtrans.dll
+ 2007-08-13 16:18:02 60,416 -c--a-w c:\windows\ie8\hmmapi.dll
+ 2008-08-26 07:57:14 63,488 -c--a-w c:\windows\ie8\icardie.dll
+ 2008-08-25 08:39:58 70,656 -c--a-w c:\windows\ie8\ie4uinit.exe
+ 2008-08-26 07:57:14 153,088 -c--a-w c:\windows\ie8\ieakeng.dll
+ 2008-08-26 07:57:15 230,400 -c--a-w c:\windows\ie8\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\ie8\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c--a-w c:\windows\ie8\ieapfltr.dat
+ 2008-08-26 07:57:15 383,488 -c--a-w c:\windows\ie8\ieapfltr.dll
+ 2008-08-26 07:57:15 384,512 -c--a-w c:\windows\ie8\iedkcs32.dll
+ 2008-04-14 02:13:40 81,920 -c--a-w c:\windows\ie8\ieencode.dll
+ 2008-10-03 16:58:43 6,066,176 -c--a-w c:\windows\ie8\ieframe.dll
+ 2007-08-13 16:54:10 191,488 -c--a-w c:\windows\ie8\iepeers.dll
+ 2007-08-13 16:54:10 287,744 -c--a-w c:\windows\ie8\ieproxy.dll
+ 2008-08-26 07:57:17 44,544 -c--a-w c:\windows\ie8\iernonce.dll
+ 2008-08-26 07:57:17 267,776 -c--a-w c:\windows\ie8\iertutil.dll
+ 2007-08-13 16:39:12 55,296 -c--a-w c:\windows\ie8\iesetup.dll
+ 2007-08-13 16:54:10 180,736 -c--a-w c:\windows\ie8\ieui.dll
+ 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\ie8\iexplore.exe
+ 2007-08-13 16:36:06 36,352 -c--a-w c:\windows\ie8\imgutil.dll
+ 2007-08-13 16:39:02 92,672 -c--a-w c:\windows\ie8\inseng.dll
+ 2008-05-09 10:53:49 512,000 -c--a-w c:\windows\ie8\jscript.dll
+ 2008-08-26 07:57:18 27,648 -c--a-w c:\windows\ie8\jsproxy.dll
+ 2007-08-13 16:44:18 40,960 -c--a-w c:\windows\ie8\licmgr10.dll
+ 2008-08-26 07:57:18 459,264 -c--a-w c:\windows\ie8\msfeeds.dll
+ 2008-08-26 07:57:18 52,224 -c--a-w c:\windows\ie8\msfeedsbs.dll
+ 2007-08-13 16:36:40 12,288 -c--a-w c:\windows\ie8\msfeedssync.exe
+ 2007-08-13 16:32:30 45,568 -c--a-w c:\windows\ie8\mshta.exe
+ 2008-08-27 08:57:22 3,593,216 -c--a-w c:\windows\ie8\mshtml.dll
+ 2008-08-26 07:57:20 477,696 -c--a-w c:\windows\ie8\mshtmled.dll
+ 2007-08-13 16:01:12 48,128 -c--a-w c:\windows\ie8\mshtmler.dll
+ 2007-08-13 16:54:10 156,160 -c--a-w c:\windows\ie8\msls31.dll
+ 2008-08-26 07:57:21 193,024 -c--a-w c:\windows\ie8\msrating.dll
+ 2008-08-26 07:57:21 671,232 -c--a-w c:\windows\ie8\mstime.dll
+ 2008-08-26 07:57:21 102,912 -c--a-w c:\windows\ie8\occache.dll
+ 2008-08-26 07:57:21 44,544 -c--a-w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 15:43:38 215,776 -c--a-w c:\windows\ie8\spuninst.exe
+ 2008-09-08 20:27:20 49,736 -c--a-w c:\windows\ie8\spuninst\iecustom.dll
+ 2008-06-12 10:28:10 234,016 -c--a-w c:\windows\ie8\spuninst\spuninst.exe
+ 2008-06-12 10:28:10 401,952 -c--a-w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-08-26 07:57:21 105,984 -c--a-w c:\windows\ie8\url.dll
+ 2008-08-26 07:57:22 1,159,680 -c--a-w c:\windows\ie8\urlmon.dll
+ 2008-05-09 10:53:50 430,080 -c--a-w c:\windows\ie8\vbscript.dll
+ 2008-05-27 17:23:58 765,952 -c--a-w c:\windows\ie8\vgx.dll
+ 2008-08-26 07:57:22 233,472 -c--a-w c:\windows\ie8\webcheck.dll
+ 2007-08-13 16:45:16 206,336 -c--a-w c:\windows\ie8\winfxdocobj.exe
+ 2008-08-26 07:57:22 826,368 -c--a-w c:\windows\ie8\wininet.dll
+ 2008-11-18 23:33:59 3,262 ----a-r c:\windows\Installer\{CBDE9C7D-CF52-4558-B23E-B66359CB586A}\ARPPRODUCTICON.exe
+ 2008-11-18 23:01:02 15,086 ----a-r c:\windows\Installer\{D5577624-0626-4C4B-87AA-D966DA1739D6}\ARPPRODUCTICON.exe
- 2007-08-13 16:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
+ 2008-08-22 02:06:30 72,704 ----a-w c:\windows\system32\admparse.dll
- 2008-08-26 07:57:14 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-22 02:06:16 128,512 ----a-w c:\windows\system32\advpack.dll
- 2007-03-29 21:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
+ 2007-03-29 22:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
- 2008-04-14 02:13:37 35,328 ------w c:\windows\system32\corpol.dll
+ 2008-08-22 02:07:08 18,944 ----a-w c:\windows\system32\corpol.dll
- 2007-08-13 16:39:20 71,680 ------w c:\windows\system32\dllcache\admparse.dll
+ 2008-08-22 02:06:30 72,704 ----a-w c:\windows\system32\dllcache\admparse.dll
- 2008-08-26 07:57:14 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-22 02:06:16 128,512 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-06-12 10:28:10 1,022,976 ------w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-22 02:07:08 18,944 ------w c:\windows\system32\dllcache\corpol.dll
- 2008-08-26 07:57:14 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-22 02:05:16 346,624 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-22 02:05:10 217,088 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 16:18:02 60,416 ------w c:\windows\system32\dllcache\hmmapi.dll
+ 2008-08-22 02:00:28 68,608 ----a-w c:\windows\system32\dllcache\hmmapi.dll
- 2008-08-26 07:57:14 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-22 02:05:20 61,952 ----a-w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:39:58 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-22 02:06:24 162,304 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-22 02:06:36 124,928 ----a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:57:15 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-22 02:06:40 228,864 ----a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-22 02:06:24 163,840 ----a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-04-17 09:32:38 2,455,488 ------w c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-07-29 21:58:08 3,670,112 ----a-w c:\windows\system32\dllcache\ieapfltr.dat
- 2008-08-26 07:57:15 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-22 01:42:22 443,392 ----a-w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-22 02:06:44 385,024 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 16:58:43 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-08-22 02:10:34 11,985,408 ----a-w c:\windows\system32\dllcache\ieframe.dll
- 2007-08-13 16:54:10 191,488 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-22 02:05:24 186,880 ----a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-08-26 07:57:17 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-22 02:06:20 55,808 ----a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:57:17 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-22 02:06:02 1,778,688 ----a-w c:\windows\system32\dllcache\iertutil.dll
- 2007-08-13 16:39:12 55,296 ------w c:\windows\system32\dllcache\iesetup.dll
+ 2008-08-22 02:06:24 71,680 ----a-w c:\windows\system32\dllcache\iesetup.dll
- 2008-08-23 05:56:15 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-09-08 20:25:44 637,984 ----a-w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-13 16:36:06 36,352 ------w c:\windows\system32\dllcache\imgutil.dll
+ 2008-08-22 02:05:14 35,840 ----a-w c:\windows\system32\dllcache\imgutil.dll
- 2007-08-13 16:39:02 92,672 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-22 02:06:16 94,720 ----a-w c:\windows\system32\dllcache\inseng.dll
- 2008-05-09 10:53:49 512,000 ------w c:\windows\system32\dllcache\jscript.dll
+ 2008-08-22 02:06:30 552,960 ----a-w c:\windows\system32\dllcache\jscript.dll
- 2008-08-26 07:57:18 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-22 02:06:58 28,672 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2007-08-13 16:44:18 40,960 ------w c:\windows\system32\dllcache\licmgr10.dll
+ 2008-08-22 02:08:00 43,008 ----a-w c:\windows\system32\dllcache\licmgr10.dll
- 2008-08-26 07:57:18 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-22 02:05:48 580,608 ----a-w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:57:18 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-22 02:05:22 53,760 ----a-w c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 16:32:30 45,568 ------w c:\windows\system32\dllcache\mshta.exe
+ 2008-08-22 02:04:54 45,568 ----a-w c:\windows\system32\dllcache\mshta.exe
- 2008-08-27 08:57:22 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-22 02:09:32 5,699,584 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:57:20 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-22 02:05:08 70,656 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2007-08-13 16:01:12 48,128 ------w c:\windows\system32\dllcache\mshtmler.dll
+ 2008-08-22 02:05:00 48,128 ----a-w c:\windows\system32\dllcache\mshtmler.dll
- 2007-08-13 16:54:10 156,160 ------w c:\windows\system32\dllcache\msls31.dll
+ 2008-08-22 01:57:56 156,160 ----a-w c:\windows\system32\dllcache\msls31.dll
- 2008-08-26 07:57:21 193,024 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-22 02:07:50 193,536 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:57:21 671,232 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-22 02:05:34 630,272 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:57:21 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-08-22 02:07:50 116,224 ----a-w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:57:21 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-22 02:05:14 45,056 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 10:28:10 1,497,088 ------w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-06-12 10:28:10 474,112 ------w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-06-12 10:27:56 134,144 ------w c:\windows\system32\dllcache\sqmapi.dll
- 2008-08-26 07:57:21 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-08-22 02:07:58 105,984 ----a-w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:57:22 1,159,680 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-22 02:08:22 1,206,784 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-05-09 10:53:50 430,080 ------w c:\windows\system32\dllcache\vbscript.dll
+ 2008-08-22 02:06:36 434,176 ----a-w c:\windows\system32\dllcache\vbscript.dll
- 2008-05-27 17:23:58 765,952 ------w c:\windows\system32\dllcache\vgx.dll
+ 2008-08-22 02:07:20 755,200 ----a-w c:\windows\system32\dllcache\VGX.dll
- 2008-08-26 07:57:22 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-22 02:08:08 236,544 ----a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:57:22 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-22 02:08:06 878,592 ----a-w c:\windows\system32\dllcache\wininet.dll
- 2008-11-13 12:09:55 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2008-11-25 11:37:23 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
- 2006-11-02 05:22:54 492,000 ------w c:\windows\system32\drivers\wdf01000.sys
+ 2008-03-27 15:27:46 503,008 ------w c:\windows\system32\drivers\wdf01000.sys
- 2006-11-02 05:22:52 32,224 ------w c:\windows\system32\drivers\wdfldr.sys
+ 2008-03-27 15:27:48 35,040 ------w c:\windows\system32\drivers\wdfldr.sys
+ 2008-09-15 07:56:24 17,664 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\ccdcmb.sys
+ 2008-09-15 07:56:26 91,136 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\nmwcdcls.dll
+ 2008-09-15 07:56:26 659,968 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\nmwcdcocls.dll
+ 2008-09-15 07:29:28 1,112,288 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\wdfcoinstaller01007.dll
+ 2008-09-15 07:56:34 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbcj_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\usbser_lowerfltj.sys
+ 2008-09-15 07:56:24 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbm_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\usbser_lowerflt.sys
+ 2008-09-15 07:56:24 22,016 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbo_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\ccdcmbo.sys
- 2008-08-26 07:57:14 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-22 02:05:16 346,624 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-22 02:05:10 217,088 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:57:14 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-22 02:05:20 61,952 ----a-w c:\windows\system32\icardie.dll
- 2006-06-29 06:05:44 26,112 ------w c:\windows\system32\idndl.dll
+ 2008-06-12 10:27:42 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-08-25 08:39:58 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-08-22 02:06:24 162,304 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-08-22 02:06:36 124,928 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:57:15 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-08-22 02:06:40 228,864 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-08-22 02:06:24 163,840 ----a-w c:\windows\system32\ieakui.dll
- 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-07-29 21:58:08 3,670,112 ----a-w c:\windows\system32\ieapfltr.dat
- 2008-08-26 07:57:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-22 01:42:22 443,392 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-08-22 02:06:44 385,024 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 16:58:43 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-08-22 02:10:34 11,985,408 ----a-w c:\windows\system32\ieframe.dll
- 2007-08-13 16:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-22 02:05:24 186,880 ----a-w c:\windows\system32\iepeers.dll
- 2008-08-26 07:57:17 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-08-22 02:06:20 55,808 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 07:57:17 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-22 02:06:02 1,778,688 ----a-w c:\windows\system32\iertutil.dll
- 2007-08-13 16:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2008-08-22 02:06:24 71,680 ----a-w c:\windows\system32\iesetup.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-22 02:06:24 36,864 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-13 16:54:10 180,736 ------w c:\windows\system32\ieui.dll
+ 2008-08-22 01:58:12 181,760 ----a-w c:\windows\system32\ieui.dll
- 2007-08-13 16:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
+ 2008-08-22 02:05:14 35,840 ----a-w c:\windows\system32\imgutil.dll
- 2007-08-13 16:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-22 02:06:16 94,720 ----a-w c:\windows\system32\inseng.dll
- 2008-05-09 10:53:49 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-08-22 02:06:30 552,960 ----a-w c:\windows\system32\jscript.dll
- 2008-08-26 07:57:18 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-22 02:06:58 28,672 ----a-w c:\windows\system32\jsproxy.dll
- 2007-08-13 16:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-22 02:08:00 43,008 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-05 16:55:38 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2008-08-26 07:57:18 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-22 02:05:48 580,608 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:57:18 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-22 02:05:22 53,760 ----a-w c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
+ 2008-08-22 02:05:22 13,312 ----a-w c:\windows\system32\msfeedssync.exe
- 2007-08-13 16:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
+ 2008-08-22 02:04:54 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-08-27 08:57:22 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-22 02:09:32 5,699,584 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:57:20 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-22 02:05:08 70,656 ----a-w c:\windows\system32\mshtmled.dll
- 2007-08-13 16:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
+ 2008-08-22 02:05:00 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2007-08-13 16:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
+ 2008-08-22 01:57:56 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-08-26 07:57:21 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-08-22 02:07:50 193,536 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 07:57:21 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-08-22 02:05:34 630,272 ----a-w c:\windows\system32\mstime.dll
- 2006-06-28 15:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2008-06-12 10:27:44 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2008-02-01 14:17:04 90,624 ----a-w c:\windows\system32\nmwcdcls.dll
+ 2008-09-15 07:56:26 91,136 ----a-w c:\windows\system32\nmwcdcls.dll
- 2006-06-29 06:05:44 23,552 ------w c:\windows\system32\normaliz.dll
+ 2008-06-12 10:27:42 23,552 ----a-w c:\windows\system32\normaliz.dll
- 2008-08-26 07:57:21 102,912 ------w c:\windows\system32\occache.dll
+ 2008-08-22 02:07:50 116,224 ----a-w c:\windows\system32\occache.dll
- 2008-08-26 07:57:21 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 02:05:14 45,056 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 02:05:00 48,640 ------w c:\windows\system32\PrivacIE.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2008-07-08 13:06:04 18,808 ------w c:\windows\system32\spmsg.dll
+ 2008-06-12 10:28:10 18,464 ------w c:\windows\system32\spmsg.dll
- 2007-11-30 11:18:51 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-06-12 10:28:10 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-08-26 07:57:21 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-22 02:07:58 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:57:22 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-22 02:08:22 1,206,784 ----a-w c:\windows\system32\urlmon.dll
- 2008-05-09 10:53:50 430,080 ----a-w c:\windows\system32\vbscript.dll
+ 2008-08-22 02:06:36 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2008-08-26 07:57:22 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-22 02:08:08 236,544 ----a-w c:\windows\system32\webcheck.dll
- 2007-08-13 16:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
+ 2008-08-22 02:08:22 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
- 2008-08-26 07:57:22 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-22 02:08:06 878,592 ----a-w c:\windows\system32\wininet.dll
- 2008-04-14 02:13:58 121,856 ------w c:\windows\system32\xmllite.dll
+ 2008-06-12 10:28:02 121,856 ----a-w c:\windows\system32\xmllite.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-06 68856]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\claudia\Menu Avvio\Programmi\Esecuzione automatica\
SUPERAntiSpyware Professional.lnk - c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1805552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"noncercareprogsulweb"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
path=d:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Alice ti aiuta.lnk
backup=c:\windows\pss\Alice ti aiuta.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^PHOTOfunSTUDIO -viewer-.lnk]
path=d:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\PHOTOfunSTUDIO -viewer-.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO -viewer-.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^claudia^Menu Avvio^Programmi^Esecuzione automatica^Malwarebites.lnk]
path=d:\documents and settings\claudia\Menu Avvio\Programmi\Esecuzione automatica\Malwarebites.lnk
backup=c:\windows\pss\Malwarebites.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI]
c:\programmi\Tall Emu\Online Armor\oaui.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AliceRE_McciTrayApp]
c:\progra~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2005-08-12 14:43 45056 c:\programmi\ATI Technologies\ATI.ACE\CLI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
--a------ 2003-08-19 10:01 57344 c:\programmi\Lexmark X1100 Series\lxbkbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
--a------ 2008-10-22 16:10 399504 c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2006-04-21 14:41 438359 c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
--a------ 2008-04-14 03:14 172032 c:\windows\pchealth\helpctr\binaries\msconfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 03:14 1695232 c:\programmi\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian]
--a------ 2005-09-18 17:40 1421824 c:\programmi\PEERGUARDIAN2\pg2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 11:16 1833296 c:\programmi\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-02 05:15 15872 c:\programmi\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2005-10-24 13:45 90112 c:\windows\soundman.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\PEERGUARDIAN2\\pg2.exe"=
"c:\\Programmi\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"=
"c:\\Programmi\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe"=
"c:\\Programmi\\Malwarebytes' Anti-Malware\\mbamgui.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\APPS\\skype\\Phone\\Skype.exe"=

R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [2008-10-05 8192]
R3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys [2008-11-01 15504]
S2 MBAMService;MBAMService;"c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe" []
.
Contenuto della cartella 'Scheduled Tasks'

2008-11-26 c:\windows\Tasks\Garanzia estesa.job
- c:\apps\SMP\PBCARNOT.EXE []

2008-11-26 c:\windows\Tasks\Master CD_DVD Creator.job
- c:\apps\SMP\MCDCHECK.EXE []

2008-11-25 c:\windows\Tasks\User_Feed_Synchronization-{24B58A33-193D-4A91-B7EE-4467D5EEDD0A}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
.
------- Supplementare di scansione -------
.
uStart Page = hxxp://www.google.it/webhp?sourceid=nav ... t&ie=UTF-8
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-26 13:04:38
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(608)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2008-11-26 13.05.15
ComboFix-quarantined-files.txt 2008-11-26 12:05:13
ComboFix2.txt 2008-11-26 10:59:49

Pre-Run: 21.596.622.848 byte disponibili
Post-Run: 21,582,565,376 byte disponibili

566 --- E O F --- 2008-11-24 12:59:43

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 2:40 pm
da Amantide
Nel log di Combofix non si vede nulla di sospetto [uhm] Ammeno che non si tratta di un rootkit particolare non sarei nennemo tanto sicura che si tratta di un problema virale [boh]

Intanto vediamo se si tratta di uno degli ultimi conosciuti:
Scarica mbr.exe e salvalo nella directory C:\
Dopo vai su Start>> Esegui e digita c:\mbr.exe
Mbr.exe metterà qualche secondo a fare la scansione. Fatto ciò postami qui il contenuto del log creato che troverai in c:\mbr.log

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 2:50 pm
da tempurio
ammazza! neanche mezzo secondo! eccolo

Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
che dice tutto ok...

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 4:21 pm
da Amantide
Eh, anche questo possiamo scartare.

Vedi se riesci a fare la scansione con almeno uno di questi antirootkit e se non ti trovono nulla di sospetto direi che puoi iniziare a pensare ad un problema hardware [boh]
Prova a testare la RAM con Memtest ed anche hard disk.

Re: smitfraudfix non parte

MessaggioInviato: mer nov 26, 2008 4:44 pm
da tempurio
ok ma dove lo scarico? su internet non trovo niente.....intanto ho scaricato Panda antirootkit ma quando lo lancio dà errore! ora provo con McAfee....
Tutti gli orari sono UTC + 1 ora [ ora legale ]
Pagina 1 di 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/