log combofix

Post by trottola 73 » Tue Dec 04, 2012 12:27 am

Here is the ComboFix log, can you help me?
Thanks

ComboFix 12-12-02.01 - Tony & Concetta 03/12/2012 23:41:23.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.2047.1062 [GMT 1:00]
Eseguito da: c:\users\Tony & Concetta\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tony & Concetta\AppData\Local\unins000.exe
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Creati Da 2012-11-03 al 2012-12-03 )))))))))))))))))))))))))))))))))))
.
.
2012-12-03 19:13 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B829C0A6-9235-456A-BBFC-2C8B5CC2DF30}\mpengine.dll
2012-12-02 19:10 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-01 12:19 . 2012-12-02 19:10 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\ServUpdater
2012-12-01 12:19 . 2012-12-01 12:19 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\PowerOffer
2012-12-01 12:19 . 2012-12-01 12:34 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\PosService
2012-11-30 16:50 . 2012-12-01 12:19 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\SoftwareUpdater
2012-11-30 16:49 . 2012-11-30 16:51 -------- d-----w- c:\program files (x86)\MyPcCleaner
2012-11-28 23:23 . 2012-11-29 00:21 -------- d-----w- c:\program files (x86)\SweetIM
2012-11-28 23:22 . 2012-11-30 19:38 -------- d-----w- c:\program files (x86)\JDownloader
2012-11-28 18:49 . 2012-11-28 18:49 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2C392C1-6E80-42B3-BE07-6A98D4424A5F}\gapaengine.dll
2012-11-27 22:38 . 2012-11-29 17:32 -------- d-----w- c:\program files (x86)\BearShare Applications
2012-11-27 22:38 . 2012-11-27 22:38 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\PackageAware
2012-11-27 22:26 . 2012-11-27 22:26 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\Easy MP3 Recorder
2012-11-27 22:25 . 2012-11-27 22:33 -------- d-----w- c:\programdata\Tarma Installer
2012-11-27 22:25 . 2012-11-27 22:27 -------- d-----w- c:\program files (x86)\Moozy
2012-11-27 22:02 . 2012-11-27 22:02 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\Babylon
2012-11-27 22:02 . 2012-11-27 22:02 -------- d-----w- c:\programdata\Babylon
2012-11-27 22:02 . 2012-11-27 22:02 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\YourFileDownloader
2012-11-26 20:00 . 2012-11-26 20:00 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\Windows Live Writer
2012-11-26 20:00 . 2012-11-26 20:00 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\Windows Live Writer
2012-11-26 19:43 . 2012-11-26 19:43 -------- d-----w- c:\windows\it
2012-11-26 19:43 . 2012-11-26 19:43 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2012-11-26 19:42 . 2012-11-26 19:42 -------- dc----w- c:\windows\system32\DRVSTORE
2012-11-26 19:42 . 2012-09-12 14:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-11-26 19:42 . 2012-11-26 19:42 -------- d-----w- c:\program files\Windows Live
2012-11-26 19:42 . 2012-11-26 19:42 -------- d-----w- c:\windows\PCHEALTH
2012-11-26 19:42 . 2012-11-26 19:43 -------- d-----w- c:\program files (x86)\Windows Live
2012-11-26 19:39 . 2012-11-26 19:39 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2012-11-26 19:39 . 2012-11-26 19:39 -------- d-----r- c:\users\Tony & Concetta\SkyDrive
2012-11-26 19:39 . 2012-11-26 19:39 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-11-26 19:38 . 2012-12-02 23:50 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\Windows Live
2012-11-26 19:38 . 2012-11-26 19:38 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2012-11-21 18:10 . 2012-11-21 18:10 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\Ubisoft
2012-11-21 17:47 . 2012-11-21 17:47 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\InstallShield
2012-11-21 16:51 . 2012-11-21 16:51 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\Visan
2012-11-21 16:47 . 2012-11-21 16:51 -------- d-----w- c:\programdata\Visan
2012-11-21 16:37 . 2012-11-27 22:28 -------- d-----w- c:\program files (x86)\Microsoft
2012-11-21 16:37 . 2012-12-03 22:42 -------- d-----w- c:\programdata\HP Photo Creations
2012-11-21 16:37 . 2012-11-21 16:47 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-11-21 16:37 . 2012-11-23 22:59 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\HpUpdate
2012-11-21 16:36 . 2012-11-21 16:39 -------- d-----w- c:\programdata\HP
2012-11-21 16:36 . 2012-11-27 16:39 -------- d-----w- c:\program files (x86)\HP
2012-11-21 16:35 . 2012-11-21 16:35 -------- d-----w- c:\program files\HP
2012-11-21 16:35 . 2012-11-21 16:56 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\HP
2012-11-15 22:54 . 2012-07-26 08:00 2560 ----a-w- c:\windows\system32\drivers\it-IT\wdf01000.sys.mui
2012-11-15 22:54 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 22:54 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 22:54 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 22:48 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 22:48 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 22:48 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 22:48 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 22:48 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 22:48 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 22:48 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 16:39 . 2012-11-15 16:39 -------- d-----w- c:\programdata\ATI
2012-11-15 16:38 . 2012-11-15 16:38 -------- d-----w- c:\program files (x86)\AMD AVT
2012-11-15 16:38 . 2012-11-15 16:38 -------- d-----w- c:\program files (x86)\AMD APP
2012-11-12 18:10 . 2012-11-12 18:10 -------- d-----w- c:\users\Tony & Concetta\AppData\Roaming\Apple Computer
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin7.dll
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin6.dll
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin5.dll
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin4.dll
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin3.dll
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin2.dll
2012-11-11 22:27 . 2012-11-11 22:27 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugin\npqtplugin.dll
2012-11-11 22:27 . 2012-11-11 22:27 -------- d-----w- c:\program files (x86)\QuickTime
2012-11-11 22:27 . 2012-11-11 22:27 -------- d-----w- c:\programdata\Apple Computer
2012-11-11 21:53 . 2012-11-11 21:53 -------- d-----w- c:\users\Tony & Concetta\AppData\Local\Apple
2012-11-11 21:52 . 2012-11-11 21:52 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-11-10 00:35 . 2012-11-10 00:35 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2012-11-10 00:35 . 2012-11-11 18:32 -------- d-----w- c:\program files (x86)\McAfee
2012-11-10 00:35 . 2012-11-10 00:35 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 22:48 . 2012-01-31 15:09 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-08 22:02 . 2012-04-02 16:57 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-08 22:02 . 2012-01-31 10:48 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-02 18:55 . 2012-11-02 18:55 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-02 18:55 . 2012-11-02 18:55 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-02 18:55 . 2012-11-02 18:55 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-02 18:55 . 2012-11-02 18:55 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-02 18:55 . 2012-11-02 18:55 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-02 18:55 . 2012-11-02 18:55 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-02 18:55 . 2012-11-02 18:55 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-02 18:55 . 2012-11-02 18:55 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-02 18:55 . 2012-11-02 18:55 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-02 18:55 . 2012-11-02 18:55 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-02 18:55 . 2012-11-02 18:55 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-02 18:55 . 2012-11-02 18:55 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-02 18:55 . 2012-11-02 18:55 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-02 18:55 . 2012-11-02 18:55 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-02 18:55 . 2012-11-02 18:55 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-02 18:55 . 2012-11-02 18:55 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-02 18:55 . 2012-11-02 18:55 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-02 18:55 . 2012-11-02 18:55 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-02 18:55 . 2012-11-02 18:55 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-02 18:55 . 2012-11-02 18:55 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-02 18:55 . 2012-11-02 18:55 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-02 18:55 . 2012-11-02 18:55 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-02 18:55 . 2012-11-02 18:55 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-02 18:55 . 2012-11-02 18:55 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-02 18:55 . 2012-11-02 18:55 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-02 18:55 . 2012-11-02 18:55 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-02 18:55 . 2012-11-02 18:55 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-02 18:55 . 2012-11-02 18:55 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-02 18:55 . 2012-11-02 18:55 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-02 18:55 . 2012-11-02 18:55 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-02 18:55 . 2012-11-02 18:55 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-02 18:55 . 2012-11-02 18:55 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-02 18:55 . 2012-11-02 18:55 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-10-28 23:34 . 2012-03-29 23:15 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-10-28 23:34 . 2012-03-29 23:15 375632 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 13:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 13:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 13:55 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-01 08:03 . 2012-10-01 08:03 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-10-01 08:03 . 2012-10-01 08:03 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-09-29 18:54 . 2012-05-20 17:06 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 06:43 . 2012-02-10 11:56 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 02:23 . 2012-07-28 04:09 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2012-07-28 02:15 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2011-12-06 03:16 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2012-09-28 01:39 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2011-12-06 02:51 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2012-07-28 01:32 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2011-12-06 02:11 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2012-09-28 01:11 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2012-07-28 01:13 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-14 19:19 . 2012-10-12 10:50 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-12 10:50 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-12 14:57 . 2012-09-12 14:57 322048 ----a-w- c:\windows\WLXPGSS.SCR
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 14:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-16 218624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
2;2 ServUpdater;Serv Updater [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 SoftwareUpd;Software Upd;c:\users\Tony & Concetta\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe [2012-06-14 161280]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-02 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-02 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-31 1255736]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-10-23 103472]
S2 PowerOffer Service;Pos Service;c:\users\Tony & Concetta\AppData\Local\PosService\Pos.exe [2012-04-03 169472]
S3 AtcL001;Driver miniport NDIS per controller Atheros L1 Gigabit Ethernet;c:\windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - WS2IFSL
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 22:02]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-10 21:43]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-10 21:43]
.
2012-12-03 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2012-11-21 16:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.it/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2BFCAA8C-E22D-4F95-8B6C-6A4FE7DCF894}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-Advanced System Protector - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-10 - (no file)
AddRemove-{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1 - c:\users\Tony & Concetta\AppData\Local\unins000.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-3273029977-2768176677-1653674785-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3273029977-2768176677-1653674785-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Advanced System Protector\advancedsystemprotector.exe
c:\users\Tony & Concetta\AppData\Local\ServUpdater\ServiceUpd.exe
.
**************************************************************************
.
Ora fine scansione: 2012-12-03 23:51:51 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-12-03 22:51
.
Pre-Run: 72.844.292.096 byte disponibili
Post-Run: 73.376.043.008 byte disponibili
.
- - End Of File - - 8D139397859527D6E7ACA453AC38D945

Re: log combofix

Post by tecnico24 » Tue Dec 04, 2012 1:03 am

ComboFix is a very powerful tool; it should be used only when strictly necessary.
First of all:
What problems are you experiencing? Why did you want to use it?
From the log I see the usual PowerOffer.
Download OTL to your desktop:
http://oldtimer.geekstogo.com/OTL.exe
Run OTL.exe

Tick SCAN ALL USERS.

Under Output, select Minimal Output.

Under File Scans, select 60 Days.

Tick both LOP Check and Purity Check.

Click RUN SCAN.

When it finishes, OTL.txt and Extras.txt will be produced;
attach them to the forum via http://www.wikisend.com