smitfraudfix won't start


Post by tempurio » Tue Nov 25, 2008 4:40 pm

Hi guys! As always, as soon as I hear there's a piece of software that cleans, I try it! It's my passion!... So, browsing the forum I found this smitfraudfix, specialised in rogue software if I'm not mistaken.... So I downloaded it and launched it, but then this appears: "impossibile accedere alla periferica, al file o al percorso, è probabile che non si disponga delle autorizzazioni necessarie" (cannot access the device, file or path; you probably do not have the necessary permissions). What could it be?... And thanks as always....
Quis custodiet ipsos custodes? (Who will guard the guards?) - Juvenal
tempurio
Aficionado
Posts: 137
Joined: Mon Oct 13, 2008 8:38 am
Location: ROMA

Re: smitfraudfix won't start

Post by Amantide » Tue Nov 25, 2008 5:28 pm

tempurio wrote: Hi guys! As always, as soon as I hear there's a piece of software that cleans, I try it! It's my passion!... So, browsing the forum I found this smitfraudfix, specialised in rogue software if I'm not mistaken.... So I downloaded it and launched it, but then this appears: "impossibile accedere alla periferica, al file o al percorso, è probabile che non si disponga delle autorizzazioni necessarie" (cannot access the device, file or path; you probably do not have the necessary permissions). What could it be?... And thanks as always....

Could it be that you've picked up some junk from trying all these programs? See if you can get Combofix to work.
...to fly high, you have to know how to fall...
Amantide
Official Member (Gold)
Posts: 8126
Joined: Mon Feb 06, 2006 4:13 pm
Location: Abruzzo

Re: smitfraudfix won't start

Post by tempurio » Tue Nov 25, 2008 6:28 pm

Combofix won't start either and gives the same message!


Re: smitfraudfix won't start

Post by ste_95 » Tue Nov 25, 2008 6:47 pm

Are you on Vista? Have you tried right-click --> Run as administrator?
«Sometimes it is better to keep quiet and look stupid than to open your mouth and remove all doubt.» Oscar Wilde
ste_95
Official Member (Gold)
Posts: 17271
Joined: Mon Aug 06, 2007 11:19 am

Re: smitfraudfix won't start

Post by tempurio » Tue Nov 25, 2008 7:15 pm

I use Internet Explorer 8 beta 2, there is no other account! It's slow on the internet, and Spybot Search & Destroy often gets disabled, and maybe it doesn't matter, but in two weeks I've received too many updates: Windows, Win Media Player, VLC twice, Adobe, Internet Exp... etc. My suspicion is that I have some rogue software or scripts in some trusted software! Because when I run a scan with hijacker and gmer it's fine at first, but then the same problem comes back! If you want I'll send you the respective logs!
Last edited by tempurio on Tue Nov 25, 2008 7:22 pm, edited 1 time in total.

Re: smitfraudfix won't start

Post by nannolo » Tue Nov 25, 2008 7:17 pm

tempurio wrote: If you want I'll send you the respective logs!
I'd say that's called for.
By golly, I'm beginning to think Linux really *is* the best thing since sliced bread.
nannolo
Bronze Member
Posts: 585
Joined: Tue Oct 14, 2008 4:47 pm

Re: smitfraudfix won't start

Post by tempurio » Tue Nov 25, 2008 7:42 pm

I'm only sending you the HJ one, because when I send the gmer and sophos ones my PC freezes up

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.27.34, on 25/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\apps\ABoard\ABoard.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\apps\ABoard\AOSD.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\slserv.exe
C:\Programmi\HIJACKTHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/webhp?sourceid=nav ... t&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SUPERAntiSpyware Professional.lnk = C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\it.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.avp.it/kos/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3187009593
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MBAMService - Unknown owner - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 7724 bytes

Re: smitfraudfix won't start

Post by Amantide » Tue Nov 25, 2008 9:53 pm

Nothing anomalous shows up in the Hijackthis log.
See if you can run the renamed ComboFix from safe mode
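
The first-pass reading of a HijackThis log like the one posted above can be mechanised. The Python script below is an added example, not part of the original thread and not HijackThis's own code; the function names and the flag names `target-missing` and `unknown-owner` are assumptions made for illustration, and the sample input is an excerpt of the log posted in this thread. A flag marks an entry to verify by hand (typically a leftover of an uninstalled program), not a detection.

```python
import re
from collections import Counter

# Excerpt copied from the HijackThis log posted in this thread (not the full log).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.27.34, on 25/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\HIJACKTHIS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: MBAMService - Unknown owner - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 7724 bytes
"""

# HijackThis groups its findings by a short code at the start of each line.
SECTIONS = {
    "R0": "IE page/URL setting", "R1": "IE page/URL setting",
    "R3": "URL search hook", "O2": "Browser Helper Object",
    "O3": "IE toolbar", "O4": "autostart entry",
    "O9": "IE extra button/menu item", "O16": "ActiveX download",
    "O18": "extra protocol handler", "O20": "Winlogon Notify / AppInit_DLLs",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
HEADER_RE = re.compile(r"^(Platform|MSIE|Boot mode): (.*)$")


def flag_entry(code, text):
    """Return review flags for one entry (flag names are this example's own)."""
    flags = []
    # The entry still exists in the registry but its target file was not found.
    if text.endswith(("(no file)", "(file missing)")):
        flags.append("target-missing")
    # HijackThis printed "Unknown owner" where other services show a vendor name.
    if code == "O23" and " - Unknown owner - " in text:
        flags.append("unknown-owner")
    return flags


def parse_log(text):
    """Split a log into header fields, running processes and coded entries."""
    header, processes, entries = {}, [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            in_processes = False  # a blank line ends the process list
            continue
        entry = ENTRY_RE.match(line)
        if entry:
            in_processes = False
            code, body = entry.groups()
            entries.append({"code": code, "text": body,
                            "flags": flag_entry(code, body)})
        elif line == "Running processes:":
            in_processes = True
        elif in_processes:
            processes.append(line)
        else:
            field = HEADER_RE.match(line)
            if field:
                header[field.group(1)] = field.group(2)
    return header, processes, entries


def triage(text):
    """Summarise a log: header, entry counts per section, entries to review."""
    header, processes, entries = parse_log(text)
    return {
        "header": header,
        "process_count": len(processes),
        "sections": dict(Counter(e["code"] for e in entries)),
        "flagged": [e for e in entries if e["flags"]],
    }


def report(text):
    """Render the triage result as plain text for a forum reply or ticket."""
    result = triage(text)
    out = [f"{key}: {value}" for key, value in result["header"].items()]
    out.append(f"Running processes: {result['process_count']}")
    for code, count in sorted(result["sections"].items()):
        out.append(f"{code} ({SECTIONS.get(code, 'other')}): {count}")
    for e in result["flagged"]:
        out.append(f"REVIEW [{', '.join(e['flags'])}] {e['code']} - {e['text']}")
    return "\n".join(out)


if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```
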

Re: smitfraudfix won't start

Post by tempurio » Wed Nov 26, 2008 12:30 am

Explain yourself better! What is this renamed combofix supposed to be?..... That link jams up my memory! I can't follow you.... (help)...... I downloaded pincopallino.exe but when I launch it, it tells me to update it! I tell it no and it deletes it! Is that normal? Why all these updates?

Re: smitfraudfix won't start

Post by Amantide » Wed Nov 26, 2008 1:30 pm

Some malware blocks the execution, or even the download, of various removal tools by recognising their names, and sometimes you can get around this problem by renaming the tool.
Maybe it asks you to update it because I had uploaded it to mediafire some time ago; try this new file.

Re: smitfraudfix won't start

Post by tempurio » Wed Nov 26, 2008 2:02 pm

It freezes up in safe mode too! I only have trouble getting into your site! The others work! Anyway, I managed to get combofix to start, but in normal mode; I'm posting the log for you

ComboFix 08-11-26.03 - claudia 2008-11-26 13.03.10.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1644 [GMT 1:00]
Eseguito da: d:\documents and settings\claudia\Documenti\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2008-10-26 al 2008-11-26 )))))))))))))))))))))))))))))))))))
.

2008-11-26 11:31 . 2008-11-26 11:31 <DIR> d-------- C:\pincopallino
2008-11-24 20:44 . 2008-11-24 20:44 <DIR> d-------- d:\documents and settings\FIDEL\Nuova cartella
2008-11-24 14:02 . 2008-11-24 14:02 <DIR> d--hs---- d:\documents and settings\claudia\PrivacIE
2008-11-24 13:54 . 2008-11-24 13:55 <DIR> d--h-c--- c:\windows\ie8
2008-11-24 12:54 . 2008-11-24 12:54 2,021 --a------ d:\documents and settings\FIDEL\RicercaOpPianificate_versione_N.D.zip
2008-11-22 18:41 . 2008-11-22 18:41 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\vlc
2008-11-20 14:49 . 2008-11-20 14:51 <DIR> d-------- d:\documents and settings\FIDEL\file di sistema
2008-11-20 11:06 . 2004-03-09 01:00 152,848 --a------ c:\windows\system32\comdlg32.ocx
2008-11-19 16:49 . 2008-11-19 16:49 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-11-19 16:49 . 2008-11-19 16:49 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-11-19 16:48 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2008-11-19 00:33 . 2008-09-15 08:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2008-11-19 00:33 . 2008-09-15 08:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-11-19 00:33 . 2008-09-15 08:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-11-19 00:33 . 2008-09-15 08:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-11-19 00:33 . 2008-09-15 08:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2008-11-18 23:59 . 2008-11-18 23:59 <DIR> d-------- c:\programmi\File comuni\PCSuite
2008-11-18 19:08 . 2008-11-18 19:09 <DIR> d-------- C:\PerfLogs
2008-11-18 18:36 . 2008-11-18 18:37 25,992 --a------ c:\windows\system32\pgdfgsvc.exe
2008-11-17 22:37 . 2008-11-18 21:01 <DIR> d-------- c:\programmi\7-Zip
2008-11-14 22:44 . 2008-11-14 22:44 1,580,771 --a------ C:\backup.reg
2008-11-14 22:43 . 2008-11-14 22:43 135,168 --a------ C:\zip.exe
2008-11-14 22:43 . 2008-11-14 22:43 19,286 --a------ C:\cleanup.exe
2008-11-14 22:43 . 2008-11-14 22:43 574 --a------ C:\cleanup.bat
2008-11-14 13:24 . 2008-11-14 13:24 <DIR> d-------- c:\programmi\File comuni\Adobe
2008-11-14 13:21 . 2008-11-14 18:40 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\NOS
2008-11-14 13:21 . 2008-11-14 18:39 <DIR> d-------- c:\programmi\NOS
2008-11-13 13:06 . 2008-11-13 13:06 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\Avira
2008-11-13 13:06 . 2008-11-13 13:06 <DIR> d-------- c:\programmi\Avira
2008-11-12 21:08 . 2008-09-04 18:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 21:08 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 20:52 . 2008-11-12 20:52 <DIR> d-------- c:\windows\system32\Kaspersky Lab
2008-11-11 19:16 . 2008-11-11 19:16 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\Canneverbe_Limited
2008-11-11 19:16 . 2008-11-13 12:40 <DIR> d-------- c:\programmi\CDBurnerXP
2008-11-11 18:41 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-11 18:39 . 2008-11-11 18:41 <DIR> d-------- c:\windows\system32\XPSViewer
2008-11-11 18:39 . 2008-11-11 18:39 <DIR> d-------- c:\programmi\Reference Assemblies
2008-11-11 18:39 . 2008-11-11 18:39 <DIR> d-------- c:\programmi\MSBuild
2008-11-11 18:38 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2008-11-11 18:38 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\dllcache\xpssvcs.dll
2008-11-11 18:38 . 2008-07-06 11:50 597,504 --------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-11-11 18:38 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2008-11-11 18:38 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\dllcache\xpsshhdr.dll
2008-11-11 18:38 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2008-11-11 18:38 . 2008-07-06 13:06 89,088 --------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-11-06 03:14 . 2008-11-06 03:14 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\CyberLink
2008-11-06 00:33 . 2008-11-09 19:30 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\Desktopicon
2008-11-06 00:33 . 2008-11-06 00:36 <DIR> d-------- c:\programmi\Unlocker
2008-11-05 21:43 . 2008-11-24 12:47 1,943 --a------ c:\windows\imsins.BAK
2008-11-05 11:30 . 2008-11-19 20:03 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\dvdcss
2008-11-01 17:39 . 2008-11-01 17:39 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni\Malwarebytes
2008-11-01 17:29 . 2004-09-03 12:45 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Risorse di stampa
2008-11-01 17:29 . 2004-09-03 12:45 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Risorse di rete
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> dr------- d:\documents and settings\Administrator.114945350318.000\Preferiti
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Modelli
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> dr------- d:\documents and settings\Administrator.114945350318.000\Menu Avvio
2008-11-01 17:29 . 2008-11-26 13:04 <DIR> d--h----- d:\documents and settings\Administrator.114945350318.000\Impostazioni locali
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> dr------- d:\documents and settings\Administrator.114945350318.000\Documenti
2008-11-01 17:29 . 2006-02-23 16:31 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni\Symantec
2008-11-01 17:29 . 2008-10-05 03:47 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni\ATI
2008-11-01 17:29 . 2008-11-01 17:39 <DIR> dr-h----- d:\documents and settings\Administrator.114945350318.000\Dati applicazioni
2008-11-01 17:29 . 2008-11-01 17:29 <DIR> d-------- d:\documents and settings\Administrator.114945350318.000
2008-11-01 17:07 . 2008-11-01 17:07 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\Malwarebytes
2008-11-01 17:07 . 2008-11-23 10:37 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-11-01 17:07 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-01 17:07 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-01 16:22 . 2008-11-01 16:22 <DIR> d-------- c:\programmi\rustok ANTIROOTKIT
2008-10-28 16:09 . 2008-10-28 16:09 <DIR> d-------- d:\documents and settings\claudia\Dati applicazioni\ArcSoft
2008-10-28 07:21 . 2008-11-26 11:16 <DIR> d-------- c:\programmi\Seagate
2008-10-26 06:44 . 2008-10-28 07:49 <DIR> d-------- d:\documents and settings\archivio PG2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-26 10:18 --------- d-----w c:\programmi\PEERGUARDIAN2
2008-11-26 10:09 --------- d-----w c:\programmi\eMule
2008-11-25 21:22 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-11-25 18:48 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Google Updater
2008-11-24 16:49 --------- d-----w c:\programmi\Google
2008-11-24 11:55 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Skype
2008-11-24 11:24 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\skypePM
2008-11-20 02:59 --------- d-----w c:\programmi\Nokia
2008-11-20 02:59 --------- d-----w c:\programmi\File comuni\Nokia
2008-11-18 23:36 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Nokia
2008-11-18 23:26 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Installations
2008-11-18 20:25 --------- d-----w c:\programmi\SUPERAntiSpyware
2008-11-09 14:50 --------- d-----w c:\programmi\Spybot - Search & Destroy
2008-11-06 02:16 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\CyberLink
2008-11-06 02:06 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2008-11-06 02:06 --------- d-----w c:\programmi\Ulead Systems
2008-11-06 02:02 --------- d-----w c:\programmi\Sonic
2008-11-06 01:56 --------- d-----w c:\programmi\File comuni\Ulead Systems
2008-11-05 11:23 --------- d-----w c:\programmi\CCleaner
2008-10-31 08:29 --------- d-----w c:\programmi\RootkitRevealer
2008-10-27 16:00 --------- d-----w c:\programmi\VideoLAN
2008-10-25 08:13 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\PC Suite
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:36 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-14 06:41 716,272 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-11 17:29 --------- d-----w c:\programmi\MSXML 6.0
2008-10-10 11:26 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\VadeRetro
2008-10-08 07:22 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-08 07:22 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-10-08 07:22 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Nokia
2008-10-08 07:09 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2008-10-08 07:09 --------- d-----w c:\programmi\PC Connectivity Solution
2008-10-07 20:38 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Sonic
2008-10-07 20:37 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Leadertech
2008-10-05 17:37 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Datalayer
2008-10-05 15:16 --------- d-----w c:\programmi\DIFX
2008-10-05 15:15 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\PC Suite
2008-10-05 15:06 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-10-05 15:06 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Panasonic
2008-10-05 15:04 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\InstallShield
2008-10-05 15:04 --------- d-----w c:\programmi\Panasonic
2008-10-05 14:59 --------- d-----w c:\programmi\File comuni\Ahead
2008-10-05 14:59 --------- d-----w c:\programmi\Ahead
2008-10-05 14:48 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\AdobeUM
2008-10-05 14:28 --------- d-----w c:\programmi\File comuni\Apple
2008-10-05 13:50 --------- d-----w c:\programmi\Lexmark X1100 Series
2008-10-05 13:27 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Apple Computer
2008-10-05 13:27 --------- d-----w c:\programmi\QuickTime
2008-10-05 13:26 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Apple Computer
2008-10-05 11:14 --------- d-----w c:\programmi\Microsoft CAPICOM 2.1.0.2
2008-10-05 08:35 --------- d-----w c:\programmi\File comuni\Skype
2008-10-05 08:27 --------- d-----w c:\programmi\Picasa2
2008-10-05 07:25 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\SUPERAntiSpyware.com
2008-10-05 07:25 --------- d-----w c:\programmi\File comuni\Wise Installation Wizard
2008-10-05 06:42 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Symantec
2008-10-05 06:13 --------- d-----w c:\programmi\MSXML 4.0
2008-10-05 05:52 --------- d-----w c:\programmi\Telecom Italia
2008-10-05 05:38 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\Motive
2008-10-05 05:34 --------- d-----w c:\programmi\Motive
2008-10-05 05:34 --------- d-----w c:\programmi\File comuni\Motive
2008-10-05 05:34 --------- d-----w c:\programmi\Common Files
2008-10-05 05:34 --------- d-----w c:\programmi\Alice ti aiuta
2008-10-05 05:21 155,995 ----a-w c:\windows\java\Packages\GPN5BFNN.ZIP
2008-10-05 05:07 --------- d-----w c:\programmi\Java
2008-10-05 02:47 --------- d-----w d:\documents and settings\claudia\Dati applicazioni\ATI
2008-10-05 02:46 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\VadeRetro
2008-10-05 02:44 --------- d-----w c:\programmi\ShowTime
2008-10-05 02:44 --------- d-----w c:\programmi\Servizi in linea
2008-10-05 02:44 --------- d-----w c:\programmi\Realtek AC97
2008-10-05 02:41 --------- d-----w c:\programmi\File comuni\SureThing Shared
2008-10-05 02:40 --------- d-----w c:\programmi\Windows Media Components
2008-10-05 02:40 --------- d-----w c:\programmi\Realtek Sound Manager
2008-10-05 02:40 --------- d-----w c:\programmi\Real
2008-10-05 02:40 --------- d-----w c:\programmi\Norman
2008-10-05 02:40 --------- d-----w c:\programmi\microsoft frontpage
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\xing shared
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\Real
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\Java
2008-10-05 02:40 --------- d-----w c:\programmi\File comuni\InstallShield
2008-10-05 02:40 --------- d-----w c:\programmi\ATI Technologies
2008-10-05 02:40 --------- d-----w c:\programmi\AMD
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:24 1,846,400 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( snapshot@2008-11-14_19.32.35,62 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-13 16:39:20 71,680 -c--a-w c:\windows\ie8\admparse.dll
+ 2008-08-26 07:57:14 124,928 -c--a-w c:\windows\ie8\advpack.dll
+ 2008-04-14 02:13:37 35,328 -c--a-w c:\windows\ie8\corpol.dll
+ 2008-08-26 07:57:14 347,136 -c--a-w c:\windows\ie8\dxtmsft.dll
+ 2008-08-26 07:57:14 214,528 -c--a-w c:\windows\ie8\dxtrans.dll
+ 2007-08-13 16:18:02 60,416 -c--a-w c:\windows\ie8\hmmapi.dll
+ 2008-08-26 07:57:14 63,488 -c--a-w c:\windows\ie8\icardie.dll
+ 2008-08-25 08:39:58 70,656 -c--a-w c:\windows\ie8\ie4uinit.exe
+ 2008-08-26 07:57:14 153,088 -c--a-w c:\windows\ie8\ieakeng.dll
+ 2008-08-26 07:57:15 230,400 -c--a-w c:\windows\ie8\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\ie8\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c--a-w c:\windows\ie8\ieapfltr.dat
+ 2008-08-26 07:57:15 383,488 -c--a-w c:\windows\ie8\ieapfltr.dll
+ 2008-08-26 07:57:15 384,512 -c--a-w c:\windows\ie8\iedkcs32.dll
+ 2008-04-14 02:13:40 81,920 -c--a-w c:\windows\ie8\ieencode.dll
+ 2008-10-03 16:58:43 6,066,176 -c--a-w c:\windows\ie8\ieframe.dll
+ 2007-08-13 16:54:10 191,488 -c--a-w c:\windows\ie8\iepeers.dll
+ 2007-08-13 16:54:10 287,744 -c--a-w c:\windows\ie8\ieproxy.dll
+ 2008-08-26 07:57:17 44,544 -c--a-w c:\windows\ie8\iernonce.dll
+ 2008-08-26 07:57:17 267,776 -c--a-w c:\windows\ie8\iertutil.dll
+ 2007-08-13 16:39:12 55,296 -c--a-w c:\windows\ie8\iesetup.dll
+ 2007-08-13 16:54:10 180,736 -c--a-w c:\windows\ie8\ieui.dll
+ 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\ie8\iexplore.exe
+ 2007-08-13 16:36:06 36,352 -c--a-w c:\windows\ie8\imgutil.dll
+ 2007-08-13 16:39:02 92,672 -c--a-w c:\windows\ie8\inseng.dll
+ 2008-05-09 10:53:49 512,000 -c--a-w c:\windows\ie8\jscript.dll
+ 2008-08-26 07:57:18 27,648 -c--a-w c:\windows\ie8\jsproxy.dll
+ 2007-08-13 16:44:18 40,960 -c--a-w c:\windows\ie8\licmgr10.dll
+ 2008-08-26 07:57:18 459,264 -c--a-w c:\windows\ie8\msfeeds.dll
+ 2008-08-26 07:57:18 52,224 -c--a-w c:\windows\ie8\msfeedsbs.dll
+ 2007-08-13 16:36:40 12,288 -c--a-w c:\windows\ie8\msfeedssync.exe
+ 2007-08-13 16:32:30 45,568 -c--a-w c:\windows\ie8\mshta.exe
+ 2008-08-27 08:57:22 3,593,216 -c--a-w c:\windows\ie8\mshtml.dll
+ 2008-08-26 07:57:20 477,696 -c--a-w c:\windows\ie8\mshtmled.dll
+ 2007-08-13 16:01:12 48,128 -c--a-w c:\windows\ie8\mshtmler.dll
+ 2007-08-13 16:54:10 156,160 -c--a-w c:\windows\ie8\msls31.dll
+ 2008-08-26 07:57:21 193,024 -c--a-w c:\windows\ie8\msrating.dll
+ 2008-08-26 07:57:21 671,232 -c--a-w c:\windows\ie8\mstime.dll
+ 2008-08-26 07:57:21 102,912 -c--a-w c:\windows\ie8\occache.dll
+ 2008-08-26 07:57:21 44,544 -c--a-w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 15:43:38 215,776 -c--a-w c:\windows\ie8\spuninst.exe
+ 2008-09-08 20:27:20 49,736 -c--a-w c:\windows\ie8\spuninst\iecustom.dll
+ 2008-06-12 10:28:10 234,016 -c--a-w c:\windows\ie8\spuninst\spuninst.exe
+ 2008-06-12 10:28:10 401,952 -c--a-w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-08-26 07:57:21 105,984 -c--a-w c:\windows\ie8\url.dll
+ 2008-08-26 07:57:22 1,159,680 -c--a-w c:\windows\ie8\urlmon.dll
+ 2008-05-09 10:53:50 430,080 -c--a-w c:\windows\ie8\vbscript.dll
+ 2008-05-27 17:23:58 765,952 -c--a-w c:\windows\ie8\vgx.dll
+ 2008-08-26 07:57:22 233,472 -c--a-w c:\windows\ie8\webcheck.dll
+ 2007-08-13 16:45:16 206,336 -c--a-w c:\windows\ie8\winfxdocobj.exe
+ 2008-08-26 07:57:22 826,368 -c--a-w c:\windows\ie8\wininet.dll
+ 2008-11-18 23:33:59 3,262 ----a-r c:\windows\Installer\{CBDE9C7D-CF52-4558-B23E-B66359CB586A}\ARPPRODUCTICON.exe
+ 2008-11-18 23:01:02 15,086 ----a-r c:\windows\Installer\{D5577624-0626-4C4B-87AA-D966DA1739D6}\ARPPRODUCTICON.exe
- 2007-08-13 16:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
+ 2008-08-22 02:06:30 72,704 ----a-w c:\windows\system32\admparse.dll
- 2008-08-26 07:57:14 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-22 02:06:16 128,512 ----a-w c:\windows\system32\advpack.dll
- 2007-03-29 21:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
+ 2007-03-29 22:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
- 2008-04-14 02:13:37 35,328 ------w c:\windows\system32\corpol.dll
+ 2008-08-22 02:07:08 18,944 ----a-w c:\windows\system32\corpol.dll
- 2007-08-13 16:39:20 71,680 ------w c:\windows\system32\dllcache\admparse.dll
+ 2008-08-22 02:06:30 72,704 ----a-w c:\windows\system32\dllcache\admparse.dll
- 2008-08-26 07:57:14 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-22 02:06:16 128,512 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-06-12 10:28:10 1,022,976 ------w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-22 02:07:08 18,944 ------w c:\windows\system32\dllcache\corpol.dll
- 2008-08-26 07:57:14 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-22 02:05:16 346,624 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-22 02:05:10 217,088 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 16:18:02 60,416 ------w c:\windows\system32\dllcache\hmmapi.dll
+ 2008-08-22 02:00:28 68,608 ----a-w c:\windows\system32\dllcache\hmmapi.dll
- 2008-08-26 07:57:14 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-22 02:05:20 61,952 ----a-w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:39:58 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-22 02:06:24 162,304 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-22 02:06:36 124,928 ----a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:57:15 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-22 02:06:40 228,864 ----a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-22 02:06:24 163,840 ----a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-04-17 09:32:38 2,455,488 ------w c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-07-29 21:58:08 3,670,112 ----a-w c:\windows\system32\dllcache\ieapfltr.dat
- 2008-08-26 07:57:15 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-22 01:42:22 443,392 ----a-w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-22 02:06:44 385,024 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 16:58:43 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-08-22 02:10:34 11,985,408 ----a-w c:\windows\system32\dllcache\ieframe.dll
- 2007-08-13 16:54:10 191,488 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-22 02:05:24 186,880 ----a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-08-26 07:57:17 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-22 02:06:20 55,808 ----a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:57:17 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-22 02:06:02 1,778,688 ----a-w c:\windows\system32\dllcache\iertutil.dll
- 2007-08-13 16:39:12 55,296 ------w c:\windows\system32\dllcache\iesetup.dll
+ 2008-08-22 02:06:24 71,680 ----a-w c:\windows\system32\dllcache\iesetup.dll
- 2008-08-23 05:56:15 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-09-08 20:25:44 637,984 ----a-w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-13 16:36:06 36,352 ------w c:\windows\system32\dllcache\imgutil.dll
+ 2008-08-22 02:05:14 35,840 ----a-w c:\windows\system32\dllcache\imgutil.dll
- 2007-08-13 16:39:02 92,672 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-22 02:06:16 94,720 ----a-w c:\windows\system32\dllcache\inseng.dll
- 2008-05-09 10:53:49 512,000 ------w c:\windows\system32\dllcache\jscript.dll
+ 2008-08-22 02:06:30 552,960 ----a-w c:\windows\system32\dllcache\jscript.dll
- 2008-08-26 07:57:18 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-22 02:06:58 28,672 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2007-08-13 16:44:18 40,960 ------w c:\windows\system32\dllcache\licmgr10.dll
+ 2008-08-22 02:08:00 43,008 ----a-w c:\windows\system32\dllcache\licmgr10.dll
- 2008-08-26 07:57:18 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-22 02:05:48 580,608 ----a-w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:57:18 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-22 02:05:22 53,760 ----a-w c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 16:32:30 45,568 ------w c:\windows\system32\dllcache\mshta.exe
+ 2008-08-22 02:04:54 45,568 ----a-w c:\windows\system32\dllcache\mshta.exe
- 2008-08-27 08:57:22 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-22 02:09:32 5,699,584 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:57:20 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-22 02:05:08 70,656 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2007-08-13 16:01:12 48,128 ------w c:\windows\system32\dllcache\mshtmler.dll
+ 2008-08-22 02:05:00 48,128 ----a-w c:\windows\system32\dllcache\mshtmler.dll
- 2007-08-13 16:54:10 156,160 ------w c:\windows\system32\dllcache\msls31.dll
+ 2008-08-22 01:57:56 156,160 ----a-w c:\windows\system32\dllcache\msls31.dll
- 2008-08-26 07:57:21 193,024 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-22 02:07:50 193,536 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:57:21 671,232 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-22 02:05:34 630,272 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:57:21 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-08-22 02:07:50 116,224 ----a-w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:57:21 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-22 02:05:14 45,056 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 10:28:10 1,497,088 ------w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-06-12 10:28:10 474,112 ------w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-06-12 10:27:56 134,144 ------w c:\windows\system32\dllcache\sqmapi.dll
- 2008-08-26 07:57:21 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-08-22 02:07:58 105,984 ----a-w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:57:22 1,159,680 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-22 02:08:22 1,206,784 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-05-09 10:53:50 430,080 ------w c:\windows\system32\dllcache\vbscript.dll
+ 2008-08-22 02:06:36 434,176 ----a-w c:\windows\system32\dllcache\vbscript.dll
- 2008-05-27 17:23:58 765,952 ------w c:\windows\system32\dllcache\vgx.dll
+ 2008-08-22 02:07:20 755,200 ----a-w c:\windows\system32\dllcache\VGX.dll
- 2008-08-26 07:57:22 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-22 02:08:08 236,544 ----a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:57:22 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-22 02:08:06 878,592 ----a-w c:\windows\system32\dllcache\wininet.dll
- 2008-11-13 12:09:55 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2008-11-25 11:37:23 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
- 2006-11-02 05:22:54 492,000 ------w c:\windows\system32\drivers\wdf01000.sys
+ 2008-03-27 15:27:46 503,008 ------w c:\windows\system32\drivers\wdf01000.sys
- 2006-11-02 05:22:52 32,224 ------w c:\windows\system32\drivers\wdfldr.sys
+ 2008-03-27 15:27:48 35,040 ------w c:\windows\system32\drivers\wdfldr.sys
+ 2008-09-15 07:56:24 17,664 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\ccdcmb.sys
+ 2008-09-15 07:56:26 91,136 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\nmwcdcls.dll
+ 2008-09-15 07:56:26 659,968 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\nmwcdcocls.dll
+ 2008-09-15 07:29:28 1,112,288 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\wdfcoinstaller01007.dll
+ 2008-09-15 07:56:34 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbcj_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\usbser_lowerfltj.sys
+ 2008-09-15 07:56:24 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbm_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\usbser_lowerflt.sys
+ 2008-09-15 07:56:24 22,016 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbo_338785DB262FD86AC1597B0D3A9EE1F4A4B5E460\ccdcmbo.sys
- 2008-08-26 07:57:14 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-22 02:05:16 346,624 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-22 02:05:10 217,088 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:57:14 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-22 02:05:20 61,952 ----a-w c:\windows\system32\icardie.dll
- 2006-06-29 06:05:44 26,112 ------w c:\windows\system32\idndl.dll
+ 2008-06-12 10:27:42 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-08-25 08:39:58 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-08-22 02:06:24 162,304 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-08-22 02:06:36 124,928 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:57:15 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-08-22 02:06:40 228,864 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-08-22 02:06:24 163,840 ----a-w c:\windows\system32\ieakui.dll
- 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-07-29 21:58:08 3,670,112 ----a-w c:\windows\system32\ieapfltr.dat
- 2008-08-26 07:57:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-22 01:42:22 443,392 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-08-22 02:06:44 385,024 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 16:58:43 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-08-22 02:10:34 11,985,408 ----a-w c:\windows\system32\ieframe.dll
- 2007-08-13 16:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-22 02:05:24 186,880 ----a-w c:\windows\system32\iepeers.dll
- 2008-08-26 07:57:17 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-08-22 02:06:20 55,808 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 07:57:17 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-22 02:06:02 1,778,688 ----a-w c:\windows\system32\iertutil.dll
- 2007-08-13 16:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2008-08-22 02:06:24 71,680 ----a-w c:\windows\system32\iesetup.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-22 02:06:24 36,864 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-13 16:54:10 180,736 ------w c:\windows\system32\ieui.dll
+ 2008-08-22 01:58:12 181,760 ----a-w c:\windows\system32\ieui.dll
- 2007-08-13 16:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
+ 2008-08-22 02:05:14 35,840 ----a-w c:\windows\system32\imgutil.dll
- 2007-08-13 16:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-22 02:06:16 94,720 ----a-w c:\windows\system32\inseng.dll
- 2008-05-09 10:53:49 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-08-22 02:06:30 552,960 ----a-w c:\windows\system32\jscript.dll
- 2008-08-26 07:57:18 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-22 02:06:58 28,672 ----a-w c:\windows\system32\jsproxy.dll
- 2007-08-13 16:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-22 02:08:00 43,008 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-05 16:55:38 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2008-08-26 07:57:18 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-22 02:05:48 580,608 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:57:18 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-22 02:05:22 53,760 ----a-w c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
+ 2008-08-22 02:05:22 13,312 ----a-w c:\windows\system32\msfeedssync.exe
- 2007-08-13 16:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
+ 2008-08-22 02:04:54 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-08-27 08:57:22 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-22 02:09:32 5,699,584 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:57:20 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-22 02:05:08 70,656 ----a-w c:\windows\system32\mshtmled.dll
- 2007-08-13 16:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
+ 2008-08-22 02:05:00 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2007-08-13 16:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
+ 2008-08-22 01:57:56 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-08-26 07:57:21 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-08-22 02:07:50 193,536 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 07:57:21 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-08-22 02:05:34 630,272 ----a-w c:\windows\system32\mstime.dll
- 2006-06-28 15:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2008-06-12 10:27:44 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2008-02-01 14:17:04 90,624 ----a-w c:\windows\system32\nmwcdcls.dll
+ 2008-09-15 07:56:26 91,136 ----a-w c:\windows\system32\nmwcdcls.dll
- 2006-06-29 06:05:44 23,552 ------w c:\windows\system32\normaliz.dll
+ 2008-06-12 10:27:42 23,552 ----a-w c:\windows\system32\normaliz.dll
- 2008-08-26 07:57:21 102,912 ------w c:\windows\system32\occache.dll
+ 2008-08-22 02:07:50 116,224 ----a-w c:\windows\system32\occache.dll
- 2008-08-26 07:57:21 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 02:05:14 45,056 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 02:05:00 48,640 ------w c:\windows\system32\PrivacIE.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2008-07-08 13:06:04 18,808 ------w c:\windows\system32\spmsg.dll
+ 2008-06-12 10:28:10 18,464 ------w c:\windows\system32\spmsg.dll
- 2007-11-30 11:18:51 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-06-12 10:28:10 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-08-26 07:57:21 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-22 02:07:58 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:57:22 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-22 02:08:22 1,206,784 ----a-w c:\windows\system32\urlmon.dll
- 2008-05-09 10:53:50 430,080 ----a-w c:\windows\system32\vbscript.dll
+ 2008-08-22 02:06:36 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2008-08-26 07:57:22 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-22 02:08:08 236,544 ----a-w c:\windows\system32\webcheck.dll
- 2007-08-13 16:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
+ 2008-08-22 02:08:22 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
- 2008-08-26 07:57:22 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-22 02:08:06 878,592 ----a-w c:\windows\system32\wininet.dll
- 2008-04-14 02:13:58 121,856 ------w c:\windows\system32\xmllite.dll
+ 2008-06-12 10:28:02 121,856 ----a-w c:\windows\system32\xmllite.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-06 68856]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\claudia\Menu Avvio\Programmi\Esecuzione automatica\
SUPERAntiSpyware Professional.lnk - c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1805552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"noncercareprogsulweb"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
path=d:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Alice ti aiuta.lnk
backup=c:\windows\pss\Alice ti aiuta.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^PHOTOfunSTUDIO -viewer-.lnk]
path=d:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\PHOTOfunSTUDIO -viewer-.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO -viewer-.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^claudia^Menu Avvio^Programmi^Esecuzione automatica^Malwarebites.lnk]
path=d:\documents and settings\claudia\Menu Avvio\Programmi\Esecuzione automatica\Malwarebites.lnk
backup=c:\windows\pss\Malwarebites.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI]
c:\programmi\Tall Emu\Online Armor\oaui.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AliceRE_McciTrayApp]
c:\progra~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2005-08-12 14:43 45056 c:\programmi\ATI Technologies\ATI.ACE\CLI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
--a------ 2003-08-19 10:01 57344 c:\programmi\Lexmark X1100 Series\lxbkbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
--a------ 2008-10-22 16:10 399504 c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2006-04-21 14:41 438359 c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
--a------ 2008-04-14 03:14 172032 c:\windows\pchealth\helpctr\binaries\msconfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 03:14 1695232 c:\programmi\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian]
--a------ 2005-09-18 17:40 1421824 c:\programmi\PEERGUARDIAN2\pg2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 11:16 1833296 c:\programmi\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-02 05:15 15872 c:\programmi\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2005-10-24 13:45 90112 c:\windows\soundman.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\PEERGUARDIAN2\\pg2.exe"=
"c:\\Programmi\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"=
"c:\\Programmi\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe"=
"c:\\Programmi\\Malwarebytes' Anti-Malware\\mbamgui.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\APPS\\skype\\Phone\\Skype.exe"=

R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [2008-10-05 8192]
R3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys [2008-11-01 15504]
S2 MBAMService;MBAMService;"c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe" []
.
Contenuto della cartella 'Scheduled Tasks'

2008-11-26 c:\windows\Tasks\Garanzia estesa.job
- c:\apps\SMP\PBCARNOT.EXE []

2008-11-26 c:\windows\Tasks\Master CD_DVD Creator.job
- c:\apps\SMP\MCDCHECK.EXE []

2008-11-25 c:\windows\Tasks\User_Feed_Synchronization-{24B58A33-193D-4A91-B7EE-4467D5EEDD0A}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
.
------- Supplementare di scansione -------
.
uStart Page = hxxp://www.google.it/webhp?sourceid=nav ... t&ie=UTF-8
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-26 13:04:38
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(608)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2008-11-26 13.05.15
ComboFix-quarantined-files.txt 2008-11-26 12:05:13
ComboFix2.txt 2008-11-26 10:59:49

Pre-Run: 21.596.622.848 byte disponibili
Post-Run: 21,582,565,376 byte disponibili

566 --- E O F --- 2008-11-24 12:59:43

Re: smitfraudfix won't start

Post by Amantide » Wed Nov 26, 2008 2:40 pm

I don't see anything suspicious in the Combofix log [uhm] Unless it is some particular rootkit, I wouldn't even be so sure that this is a virus problem [boh]

In the meantime, let's see whether it is one of the latest known ones:
Download mbr.exe and save it in the C:\ directory
Then go to Start >> Run and type c:\mbr.exe
Mbr.exe will take a few seconds to run the scan. Once that's done, post here the contents of the log it creates, which you will find in c:\mbr.log

Re: smitfraudfix won't start

Post by tempurio » Wed Nov 26, 2008 2:50 pm

Wow! Not even half a second! Here it is

Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
which says everything is OK...

Re: smitfraudfix won't start

Post by Amantide » Wed Nov 26, 2008 4:21 pm

Eh, we can rule this one out too.

See if you can run a scan with at least one of these antirootkits, and if they don't find anything suspicious I'd say you can start thinking about a hardware problem [boh]
Try testing the RAM with Memtest, and the hard disk too.

Re: smitfraudfix won't start

Post by tempurio » Wed Nov 26, 2008 4:44 pm

OK, but where do I download it? I can't find anything on the internet..... In the meantime I downloaded Panda antirootkit, but when I launch it, it gives an error! Now I'll try McAfee....

megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising