ComboFix run

Incredibly slow

Post by sperdragon » Wed Jul 29, 2009 11:14 am

Guys, I'm stuck again...
The computer has suddenly become extremely slow.
Either I've picked up something nasty somewhere or
the machine is getting old.
I'm attaching the HijackThis log file for
a check and any help you can give.
Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.11.27, on 29/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\GIANCA~1\IMPOST~1\Temp\Rar$EX00.406\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programmi\myBabylon_English\tbmyB1.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programmi\myBabylon_English\tbmyB1.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Programmi\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

--
End of file - 7989 bytes

Re: Incredibly slow

Post by crazy.cat » Wed Jul 29, 2009 12:29 pm

The HijackThis log is clean; you can try a scan with ComboFix to see whether it finds anything "bad".

If you notice the problem while browsing with IE, you could try removing some of the toolbars, which weigh down browsing for no reason.

Re: Incredibly slow

Post by sperdragon » Wed Jul 29, 2009 12:39 pm

Thank you, you're very kind
Giancarlo


ComboFix run

Post by sperdragon » Wed Jul 29, 2009 1:55 pm

As crazy.cat suggested, I ran ComboFix;
its log file is attached below.
Can you make anything of it?
Thanks

ComboFix 09-07-28.04 - giancarlo 29/07/2009 14.06.57.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.1023.444 [GMT 2:00]
Eseguito da: c:\documents and settings\giancarlo\Desktop\giancaFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\-2004331300
C:\mygmoalp.exe

.
((((((((((((((((((((((((( Files Creati Da 2009-06-28 al 2009-07-29 )))))))))))))))))))))))))))))))))))
.

2009-07-29 10:36 . 2009-07-29 10:36 102664 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-07-29 10:36 . 2009-07-29 10:38 -------- d-----w- c:\documents and settings\giancarlo\.housecall6.6
2009-07-29 10:35 . 2009-07-29 10:35 -------- d-----w- c:\windows\Sun
2009-07-29 10:34 . 2009-07-29 10:35 -------- d-----w- c:\programmi\Java
2009-07-29 10:34 . 2009-07-29 10:34 -------- d-----w- c:\programmi\File comuni\Java
2009-07-28 12:25 . 2009-07-28 12:25 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Malwarebytes
2009-07-28 12:25 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-28 12:25 . 2009-07-28 12:25 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-07-28 12:25 . 2009-07-28 12:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-07-28 12:25 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-28 10:26 . 2009-07-28 10:26 3277 ----a-w- c:\windows\ogozubijaxesabe.dll
2009-07-28 09:31 . 2009-07-28 09:31 3277 ----a-w- c:\windows\ejonomohagiqin.dll
2009-07-27 17:17 . 2009-07-29 09:39 117760 ----a-w- c:\documents and settings\giancarlo\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-07-27 17:16 . 2009-07-27 17:16 3285 ----a-w- c:\windows\ijaqinoq.dll
2009-07-27 17:15 . 2009-07-27 17:15 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-07-27 17:15 . 2009-07-27 17:15 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-07-27 17:15 . 2009-07-27 17:15 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\SUPERAntiSpyware.com
2009-07-27 16:41 . 2008-05-29 07:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-27 16:41 . 2009-07-27 16:41 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-27 16:41 . 2009-07-27 16:41 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\TuneUp Software
2009-07-27 16:40 . 2009-07-27 16:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-07-27 16:40 . 2009-07-27 16:41 -------- d-----w- c:\programmi\TuneUp Utilities 2008
2009-07-27 16:33 . 2009-07-27 16:33 3253 ----a-w- c:\windows\uviwuhuropifatu.dll
2009-07-27 14:41 . 2009-07-27 14:41 3253 ----a-w- c:\windows\uhajefiqasunu.dll
2009-07-27 13:51 . 2009-07-27 13:51 3269 ----a-w- c:\windows\etuvagifobaw.dll
2009-07-27 11:45 . 2009-07-27 11:45 3261 ----a-w- c:\windows\elomobuni.dll
2009-07-27 09:42 . 2009-07-27 09:42 3277 ----a-w- c:\windows\oxalilahacaf.dll
2009-07-26 20:16 . 2009-07-26 20:16 3253 ----a-w- c:\windows\ikefapifovavoxos.dll
2009-07-26 20:04 . 2009-07-26 20:04 45056 ----a-w- C:\edddo.exe
2009-07-26 20:04 . 2009-07-26 20:04 209960 ----a-w- C:\bioko.exe
2009-07-26 20:03 . 2009-07-26 20:03 90624 ----a-w- C:\yfhmp.exe
2009-07-24 15:39 . 2009-07-24 18:40 -------- d-----w- c:\programmi\IKEA HomePlanner
2009-07-24 15:38 . 2009-07-27 17:14 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-07-22 10:22 . 2009-07-22 10:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nokia
2009-07-20 13:23 . 2008-03-21 11:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-07-20 13:22 . 2009-07-20 13:25 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Nseries
2009-07-20 13:02 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-07-20 13:01 . 2009-02-09 05:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-07-20 13:01 . 2009-02-09 05:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-07-20 13:01 . 2009-02-09 05:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-07-20 13:01 . 2009-02-09 05:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-07-20 13:01 . 2009-02-09 05:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-07-20 13:01 . 2009-02-09 05:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-07-20 12:56 . 2009-07-20 12:56 -------- d-----w- c:\windows\system32\LogFiles
2009-07-20 12:56 . 2004-08-03 21:08 25600 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-07-20 12:55 . 2009-07-20 12:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Suite
2009-07-20 12:55 . 2009-07-22 10:24 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\PC Suite
2009-07-20 12:54 . 2009-07-20 12:54 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\IsolatedStorage
2009-07-20 12:54 . 2009-07-20 13:40 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Nokia
2009-07-20 12:54 . 2009-07-20 12:54 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Nokia
2009-07-20 12:51 . 2009-07-20 12:58 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Nokia
2009-07-20 12:46 . 2009-07-20 12:46 -------- d-----w- c:\programmi\MSXML 6.0
2009-07-20 12:43 . 2009-07-20 12:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NokiaMusic
2009-07-20 12:41 . 2009-07-20 12:42 -------- d-----w- c:\programmi\File comuni\muvee Technologies
2009-07-20 12:40 . 2009-07-20 13:05 -------- d-----w- c:\windows\Globalization
2009-07-20 12:39 . 2009-07-20 13:05 -------- d-----w- c:\programmi\File comuni\Nokia
2009-07-20 12:37 . 2009-07-20 13:02 -------- d-----w- c:\programmi\DIFX
2009-07-20 12:36 . 2009-02-09 05:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-07-20 12:36 . 2009-07-20 14:57 -------- d-----w- c:\programmi\Nokia
2009-07-19 18:23 . 2009-07-19 18:23 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Temp
2009-07-18 14:03 . 2009-07-18 14:03 -------- d-----w- c:\windows\system32\Adobe
2009-07-08 16:44 . 2009-07-08 16:44 -------- d-----w- c:\programmi\Aide PDF to DXF Converter
2009-07-07 17:42 . 2009-07-07 17:42 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Babylon
2009-07-07 17:38 . 2009-07-07 17:38 -------- d-----w- c:\programmi\Babylon
2009-07-07 17:38 . 2009-07-28 18:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Babylon
2009-07-07 17:38 . 2009-07-10 08:14 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Babylon
2009-07-07 11:25 . 2009-07-07 11:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microgaming
2009-07-07 11:25 . 2009-07-07 11:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MGS
2009-07-07 11:25 . 2009-07-07 11:25 -------- d-----w- C:\MicroGaming
2009-07-07 10:44 . 2009-07-07 10:44 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\MusE
2009-07-06 17:37 . 2009-07-06 17:37 -------- d-----w- C:\cdfare
2009-07-05 10:44 . 2009-07-05 10:45 -------- d-----w- C:\Rummy Royal
2009-07-05 10:41 . 2009-07-05 12:19 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\myBabylon_English
2009-07-05 10:41 . 2009-07-05 10:41 -------- d-----w- c:\programmi\Conduit
2009-07-05 10:41 . 2009-07-05 10:41 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Conduit
2009-07-05 10:41 . 2009-07-05 12:20 -------- d-----w- c:\programmi\myBabylon_English
2009-07-05 10:24 . 2005-09-23 21:18 171520 ------w- c:\windows\system32\drivers\MarvinBus.sys
2009-07-05 10:24 . 2009-07-05 10:24 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Downloaded Installations
2009-07-05 10:23 . 2009-07-05 10:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate
2009-07-05 09:52 . 2003-03-15 20:15 90112 ----a-w- c:\windows\unvise32.exe
2009-07-05 09:49 . 2002-01-05 00:37 344064 ------w- c:\windows\system32\msvcr70.dll
2009-07-05 09:49 . 2002-01-05 00:40 487424 ------w- c:\windows\system32\MSVCP70.DLL
2009-07-05 09:49 . 2002-01-05 00:38 54784 ------w- c:\windows\system32\MSVCI70.DLL
2009-07-05 09:49 . 2002-01-05 01:48 974848 ------w- c:\windows\system32\MFC70.DLL
2009-07-05 09:49 . 2002-01-05 01:36 964608 ------w- c:\windows\system32\MFC70U.DLL
2009-07-05 09:49 . 2002-01-04 23:18 84992 ------w- c:\windows\system32\ATL70.DLL
2009-07-05 09:46 . 2009-07-05 11:12 -------- d-----w- c:\programmi\Pinnacle
2009-07-05 09:46 . 2002-03-19 07:29 14165 ------w- c:\windows\system32\drivers\Pclepci.sys
2009-07-05 09:36 . 2009-07-05 09:36 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Bump Technologies, Inc
2009-07-05 09:36 . 2009-07-05 09:36 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Bump Technologies, Inc
2009-07-05 09:35 . 2009-07-05 09:44 -------- d-----w- c:\programmi\BumpTop
2009-07-04 11:57 . 2009-07-05 11:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle
2009-06-30 18:03 . 2009-06-30 18:03 -------- d-----w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\AVG Security Toolbar
2009-06-30 08:08 . 2009-06-14 14:07 1004800 ----a-w- c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar\IEToolbar.dll
2009-06-30 08:06 . 2009-06-30 08:05 832144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\AVGToolbarInstall.exe
2009-06-30 08:06 . 2009-06-30 17:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar
2009-06-30 08:06 . 2009-06-30 08:06 -------- d-----w- c:\documents and settings\LocalService\Menu Avvio
2009-06-30 08:06 . 2009-06-30 08:06 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\AVGTOOLBAR

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-28 10:32 . 2009-06-13 12:55 -------- d-----w- c:\programmi\eMule
2009-07-26 20:48 . 2009-06-13 19:50 456152 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-07-22 20:01 . 2001-08-31 11:00 83080 ----a-w- c:\windows\system32\perfc010.dat
2009-07-22 20:01 . 2001-08-31 11:00 487694 ----a-w- c:\windows\system32\perfh010.dat
2009-07-20 13:24 . 2009-07-20 13:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-20 13:24 . 2009-07-20 13:24 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-07-20 13:23 . 2009-07-20 13:23 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-20 13:23 . 2009-07-20 13:23 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-07-20 12:55 . 2009-07-20 12:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-07-20 12:55 . 2009-07-20 12:55 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-20 12:55 . 2009-06-13 17:24 70688 ----a-w- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-07-18 09:04 . 2009-06-19 12:36 -------- d-----w- c:\programmi\PokerStars.IT
2009-07-05 17:25 . 2009-06-26 16:14 -------- d-----w- c:\programmi\Calcolatrice
2009-07-05 10:49 . 2009-06-18 17:54 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\closebait
2009-07-05 09:48 . 2009-06-13 12:14 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-07-04 07:31 . 2009-06-13 12:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-06-30 08:05 . 2009-06-13 12:50 11952 ------w- c:\windows\system32\avgrsstx.dll
2009-06-30 08:05 . 2009-06-13 12:50 327688 ------w- c:\windows\system32\drivers\avgldx86.sys
2009-06-30 08:05 . 2009-06-13 12:50 27784 ------w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-28 08:59 . 2009-06-28 08:59 -------- d-----w- c:\programmi\Elaborate Bytes
2009-06-27 19:11 . 2009-06-15 14:13 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Ahead
2009-06-27 15:41 . 2009-06-27 15:30 -------- d-----w- c:\programmi\KarAll - Midi Karaoke player
2009-06-27 15:29 . 2009-06-27 15:29 249856 ------w- c:\windows\Setup1.exe
2009-06-27 15:29 . 2009-06-27 15:29 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-26 16:17 . 2009-06-26 16:17 -------- d-----w- c:\programmi\arcav
2009-06-25 18:01 . 2009-06-25 18:01 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\VSRevoGroup
2009-06-25 17:57 . 2009-06-25 17:57 -------- d-----w- c:\programmi\VS Revo Group
2009-06-20 19:48 . 2009-06-20 14:55 -------- d-----w- c:\programmi\Google
2009-06-19 09:45 . 2009-06-18 17:47 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\Image Zone Express
2009-06-18 17:54 . 2009-06-18 17:54 -------- d-----w- c:\programmi\closebait
2009-06-18 17:47 . 2009-06-18 17:42 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\HP
2009-06-18 17:47 . 2009-06-18 17:42 79198 ----a-w- c:\windows\hpfins05.dat
2009-06-18 17:47 . 2009-06-18 17:47 -------- d-----w- c:\programmi\File comuni\HP
2009-06-18 17:47 . 2009-06-18 17:44 -------- d-----w- c:\programmi\HP
2009-06-18 17:45 . 2009-06-18 17:45 -------- d-----w- c:\programmi\Hewlett-Packard
2009-06-18 17:45 . 2009-06-18 17:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HP
2009-06-15 15:28 . 2009-06-13 12:50 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\AVGTOOLBAR
2009-06-15 14:11 . 2009-06-15 14:10 -------- d-----w- c:\programmi\File comuni\Ahead
2009-06-15 14:10 . 2009-06-15 14:10 -------- d-----w- c:\programmi\Nero
2009-06-15 14:10 . 2009-06-15 14:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-06-15 13:33 . 2009-06-15 13:33 -------- d-----w- c:\programmi\AskTBar
2009-06-15 13:26 . 2009-06-13 12:13 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-06-15 12:25 . 2009-06-15 12:25 -------- d-----w- c:\programmi\GiocoDigitale
2009-06-15 12:25 . 2009-06-15 12:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\GiocoDigitale
2009-06-15 07:36 . 2009-06-13 12:50 108552 ------w- c:\windows\system32\drivers\avgtdix.sys
2009-06-14 15:18 . 2009-06-14 15:18 -------- d-----w- c:\programmi\File comuni\Adobe
2009-06-14 12:01 . 2009-06-13 11:49 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-14 10:12 . 2009-06-14 10:12 0 ----a-w- c:\windows\nsreg.dat
2009-06-13 19:52 . 2009-06-13 19:52 -------- d-----w- c:\programmi\Microsoft LifeCam
2009-06-13 19:12 . 2009-06-13 19:12 -------- d-----w- c:\programmi\MSBuild
2009-06-13 19:07 . 2009-06-13 19:07 -------- d-----w- c:\programmi\Reference Assemblies
2009-06-13 18:32 . 2009-06-13 18:32 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-06-13 18:04 . 2009-06-13 18:04 -------- d-----w- c:\programmi\DAEMON Tools Lite
2009-06-13 18:02 . 2009-06-13 18:02 717296 ------w- c:\windows\system32\drivers\sptd.sys
2009-06-13 18:02 . 2009-06-13 18:02 -------- d-----w- c:\documents and settings\giancarlo\Dati applicazioni\DAEMON Tools
2009-06-13 17:54 . 2009-06-13 17:47 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-06-13 17:50 . 2009-06-13 17:50 -------- d-----w- c:\programmi\TI Education
2009-06-13 17:48 . 2009-06-13 17:48 -------- d-----w- c:\programmi\MessengerPlus! 3
2009-06-13 17:32 . 2009-06-13 17:32 -------- d-----w- c:\programmi\Microsoft
2009-06-13 17:32 . 2009-06-13 17:31 -------- d-----w- c:\programmi\Windows Live
2009-06-13 17:32 . 2009-06-13 17:32 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-06-13 17:24 . 2009-06-13 17:24 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-06-13 12:50 . 2009-06-13 12:50 -------- d-----w- c:\programmi\AVG
2009-06-13 12:41 . 2009-06-13 12:41 -------- d-----w- c:\programmi\Realtek Sound Manager
2009-06-13 12:41 . 2009-06-13 12:41 -------- d-----w- c:\programmi\AvRack
2009-06-13 12:14 . 2009-06-13 12:14 -------- d-----w- c:\programmi\Alice
2009-06-13 12:13 . 2009-06-13 12:13 -------- d-----w- c:\programmi\Telecom Italia
2009-06-13 12:10 . 2009-06-13 12:10 -------- d-----w- c:\programmi\Microsoft.NET
2009-06-13 11:48 . 2009-06-13 11:48 -------- d-----w- c:\programmi\Servizi in linea
2009-06-13 11:44 . 2009-06-13 11:44 21840 ------w- c:\windows\system32\emptyregdb.dat
2009-06-13 11:43 . 2009-06-13 11:43 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-05-25 12:16 . 2009-05-25 12:16 134312 ------w- c:\windows\system32\ElbyVCD.dll
2009-05-25 12:01 . 2009-05-25 12:01 89256 ------w- c:\windows\system32\ElbyCDIO.dll
2009-05-22 23:08 . 2009-05-22 23:08 29696 ------w- c:\windows\system32\drivers\VClone.sys
2009-05-11 10:47 . 2009-05-11 10:47 1302600 ----a-w- c:\windows\system32\WUDFUpdate_01007.dll
2009-07-28 12:21 . 2009-06-14 10:12 134648 ----a-w- c:\programmi\mozilla firefox\components\brwsrcmp.dll
.

------- Sigcheck -------

[-] 2007-01-03 10:51 296960 F959D929A6A22D78E3A6851A9361CE18 c:\windows\system32\termsrv.dll

[-] 2007-01-03 10:51 399360 348F04E3582EF2467EE5379D67B99FD7 c:\windows\system32\rpcss.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07 1004800 ----a-w- c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2009-07-05 12:20 2215960 ----a-w- c:\programmi\myBabylon_English\tbmyB1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programmi\myBabylon_English\tbmyB1.dll" [2009-07-05 2215960]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\programmi\myBabylon_English\tbmyB1.dll" [2009-07-05 2215960]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-20 39408]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-06-23 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\programmi\File comuni\Nokia\MPlatform\NokiaMServer" [X]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-30 1948440]
"NokiaMusic FastStart"="c:\programmi\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-02 2327840]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 36975]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2007-01-03 123904]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Nokia Ovi Suite.lnk - c:\programmi\Nokia\Ovi\Suite\RunLauncher.exe [2008-11-11 946176]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-30 08:05 11952 ------w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"c:\\Programmi\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=
"c:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programmi\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [13/06/2009 14.50.37 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [13/06/2009 14.50.42 108552]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [23/06/2009 11.01.40 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [23/06/2009 11.01.40 72944]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [13/06/2009 14.50.24 298776]
R3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [23/06/2009 11.01.42 7408]
S2 bzpgmu;Universal Network;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 hjuodady;kjhoy;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 kpjoikdx;Task Boot;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 TwonkyMedia;TwonkyMedia;c:\programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S2 tyqwg;Support Update;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 xgagigxqt;Config Helper;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 yqbmcol;Manager Security;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 ysaoptts;Support Update;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S2 yyogzuv;System Boot;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15.39.46 14336]
S3 FXDRV;FXDRV;\??\e:\fxdrv.sys --> e:\Fxdrv.sys [?]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - TMCOMM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
yqbmcol
hjuodady
kpjoikdx
xgagigxqt
bzpgmu
yyogzuv
tyqwg
ysaoptts
.
Contenuto della cartella 'Scheduled Tasks'

2009-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-789336058-682003330-1003Core.job
- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-06-13 17:16]

2009-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-789336058-682003330-1003UA.job
- c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-06-13 17:16]

2009-07-29 c:\windows\Tasks\Verifica e correzione automatica.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 07:27]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

URLSearchHooks-*{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
IE: {{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
FF - ProfilePath - c:\documents and settings\giancarlo\Dati applicazioni\Mozilla\Firefox\Profiles\h4vbsyva.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - component: c:\programmi\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\programmi\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\programmi\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\programmi\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\giancarlo\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-29 14:15
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bzpgmu]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hjuodady]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kpjoikdx]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\tyqwg]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xgagigxqt]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\yqbmcol]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ysaoptts]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\yyogzuv]
"ServiceDll"="c:\windows\system32\erpbzwmp.dll"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(656)
c:\windows\system32\SHSVCS.dll
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\CLBCATQ.DLL
c:\windows\system32\DNSAPI.dll

- - - - - - - > 'lsass.exe'(712)
c:\windows\system32\WLDAP32.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ipsecsvc.dll
.
Ora fine scansione: 2009-07-29 14.18.55
ComboFix-quarantined-files.txt 2009-07-29 12:18

Pre-Run: 55.453.159.424 byte disponibili
Post-Run: 55.644.225.536 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Re: extremely slow

Post by Max01 » Wed Jul 29, 2009 2:54 pm

crazy.cat wrote: you could try removing some toolbars that weigh down browsing for no reason.

I completely agree with crazy.cat, in particular the Ask Toolbar, which many consider adware.
"Seeing one in front of you is an experience you never forget. The Maine Coon is truly an enormous, imposing and regal cat.

Re: combofix run

Post by crazy.cat » Wed Jul 29, 2009 5:39 pm

sperdragon wrote: Can you make any sense of it?

There are a lot of strange DLLs and executables.
You'd better run a scan with a real antivirus, Avira for example, and some antispyware program, Malwarebytes or SUPERAntiSpyware; there's too much of a mess on your PC.
When the many govern, they think only of pleasing themselves, and then you have the most foolish and most hateful tyranny: tyranny disguised as freedom.
megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole-shareholder company) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising