Can someone take a look at this GMER log from my office PC? What do you think, is everything OK? Thanks!
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-10-23 15:59:34
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.14 ----
SSDT E2A4B630 ZwConnectPort
SSDT \??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAA99DF20]
SSDT \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xA9FDC6D0]
---- Kernel code sections - GMER 1.0.14 ----
? C:\WINDOWS\system32\Drivers\uphcleanhlp.sys Impossibile trovare il file specificato. !
? C:\WINDOWS\system32\Drivers\PROCEXP100.SYS Impossibile trovare il file specificato. !
? C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\aswArKrn.sys Impossibile trovare il file specificato. !
---- User code sections - GMER 1.0.14 ----
.text C:\WINDOWS\Explorer.EXE[1664] SHELL32.dll!SHFileOperationW 7CA7FF28 5 Bytes JMP 018D1102 C:\Documents and Settings\Administrator\Documenti\JCM archivio-old\wincm\wincmm\MIX\ - Utility\PC problemi\win_care\Sblocco PRG\Unlocker\UnlockerHook.dll
.text C:\Windows\Explorer.exe[3352] SHELL32.dll!SHFileOperationW 7CA7FF28 5 Bytes JMP 10001102 C:\Documents and Settings\Administrator\Documenti\JCM archivio-old\wincm\wincmm\MIX\ - Utility\PC problemi\win_care\Sblocco PRG\Unlocker\UnlockerHook.dll
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat FLTMGR.SYS (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00015300cf08
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00015300cf08
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00015300cf08
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@NoPopUpsOnBoot 1
---- Files - GMER 1.0.14 ----
File C:\Documents and Settings\Administrator\Documenti\archivio-old\wincm\wincmm\2008\Mag 2008\Program_MIX\MIX - 2008\2008\MIX\GENNAIO 2008\sonic\CODEC_WMP11\wmplugins_com - The place to find and share plug-ins, skins, and visualizations to enhance your Windows Media experience_file\arrow_yellow.gif 47 bytes
File C:\Documents and Settings\Administrator\Documenti\archivio-old\wincm\wincmm\2008\Mag 2008\Program_MIX\MIX - 2008\2008\MIX\GENNAIO 2008\sonic\CODEC_WMP11\wmplugins_com - The place to find and share plug-ins, skins, and visualizations to enhance your Windows Media experience_file\btn_go_home.gif 508 bytes
a myriad of files follows!!!
---- EOF - GMER 1.0.14 ----