Interpreting the ComboFix log and deleted files

Post by barocco » Sun Sep 13, 2009 2:55 pm

Having run into repeated Internet connection errors and web pages failing to display in IE8, I ran a scan with ComboFix and Kaspersky online as a precaution; the latter did not detect anything.

Can you explain to me what the entries that ComboFix lists as "Altre eliminazioni" (other deletions) refer to, and what it means by "Chiavi di registro bloccate" (locked registry keys)?

Does the log show entries to delete or other actions to take? THANKS

ComboFix 09-09-12.A0 - Nessuno 13/09/2009 10.17.56.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.1914.1140 [GMT 2:00]
Eseguito da: c:\users\Nessuno\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

c:\$recycle.bin\S-1-5-21-1175915938-776635755-195439990-500
c:\$recycle.bin\S-1-5-21-442661990-26195359-2138172642-500
c:\windows\ShellNew
c:\windows\ShellNew\Journal.jnt

((((((((((((((((((((((((( Files Creati Da 2009-08-13 al 2009-09-13 )))))))))))))))))))))))))))))))))))

2009-09-13 08:27 . 2009-09-13 08:27 -------- d-----w- c:\users\Nessuno\AppData\Local\temp
2009-09-13 08:27 . 2009-09-13 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-12 16:07 . 2009-09-12 16:07 -------- d-----w- c:\users\Nessuno\AppData\Roaming\EPSON
2009-09-12 15:57 . 2009-09-12 15:57 -------- d-----w- c:\programdata\UDL
2009-09-12 15:57 . 2009-09-12 15:57 -------- d-----w- c:\program files\Epson Software
2009-09-12 15:56 . 2009-09-12 15:56 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-09-12 15:51 . 2007-04-10 10:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-12 15:51 . 2007-12-07 11:08 86528 ----a-w- c:\windows\system32\E_FLBEDE.DLL
2009-09-12 15:51 . 2007-12-07 11:01 78848 ----a-w- c:\windows\system32\E_FD4BEDE.DLL
2009-09-12 15:51 . 2009-09-12 15:53 -------- d-----w- c:\programdata\EPSON
2009-09-12 15:50 . 2007-07-12 22:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2009-09-12 15:50 . 2009-09-12 15:54 -------- d-----w- c:\program files\epson
2009-09-09 09:13 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 09:13 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 09:13 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 09:13 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 09:13 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 09:13 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 09:13 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 09:13 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 09:13 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 09:13 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-09 09:13 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 09:12 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-09 09:12 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 09:12 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 09:12 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 09:12 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 09:12 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-05 15:06 . 2009-09-12 15:28 -------- d-----w- c:\program files\SpywareBlaster
2009-09-05 15:03 . 2009-09-12 18:00 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-05 15:03 . 2009-09-10 06:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-05 14:45 . 2009-09-05 14:47 -------- d-----w- c:\program files\OpenOffice
2009-09-03 21:35 . 2009-09-03 21:35 -------- d-----w- c:\programdata\SiteAdvisor
2009-09-03 21:33 . 2009-07-08 11:44 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-09-03 21:33 . 2009-07-08 11:44 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-09-03 21:33 . 2009-07-08 11:44 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-09-03 21:33 . 2009-07-16 10:32 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-09-03 21:33 . 2009-09-03 21:33 -------- d-----w- c:\program files\Common Files\McAfee
2009-09-03 21:33 . 2009-09-03 21:33 -------- d-----w- c:\program files\McAfee.com
2009-09-03 21:33 . 2009-09-08 14:45 -------- d-----w- c:\program files\McAfee
2009-09-03 21:23 . 2009-07-08 11:43 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-09-03 20:55 . 2009-09-04 05:33 -------- d-----w- c:\programdata\McAfee
2009-09-01 17:38 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-01 17:38 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-29 14:36 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-29 14:36 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-29 14:36 . 2009-08-29 14:36 -------- d-----w- c:\programdata\Malwarebytes
2009-08-29 14:36 . 2009-09-12 15:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-29 14:07 . 2009-08-30 09:47 -------- d-----w- c:\program files\gmer
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\users\Nessuno\AppData\Roaming\SUPERAntiSpyware.com
2009-08-29 10:14 . 2009-08-29 10:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-26 11:57 . 2009-08-26 11:57 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-08-26 11:53 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-25 12:38 . 2009-08-25 12:38 -------- d-----w- c:\users\Nessuno\AppData\Roaming\InstallShield
2009-08-15 18:00 . 2009-08-15 18:00 -------- d-----w- c:\program files\Common Files\Adobe

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

2009-09-13 07:53 . 2008-01-21 06:30 719842 ----a-w- c:\windows\system32\perfh010.dat
2009-09-13 07:53 . 2008-01-21 06:30 142438 ----a-w- c:\windows\system32\perfc010.dat
2009-09-12 15:56 . 2008-10-23 11:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-09 09:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-05 17:43 . 2009-06-28 10:54 105536 ----a-w- c:\users\Nessuno\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-05 17:31 . 2009-06-28 10:13 -------- d-----w- c:\programdata\Microsoft Help
2009-08-15 18:14 . 2009-07-07 16:14 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-28 18:41 . 2009-06-28 17:37 -------- d-----w- c:\users\Nessuno\AppData\Roaming\Skype
2009-07-28 18:28 . 2009-06-28 17:38 -------- d-----w- c:\users\Nessuno\AppData\Roaming\skypePM
2009-07-21 21:52 . 2009-07-28 18:34 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 18:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 18:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 18:34 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-12 17:11 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-12 16:58 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-12 16:59 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-12 16:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-12 16:59 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-12 14:44 . 2009-06-30 11:32 51656 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2009-07-08 11:44 . 2009-07-08 11:44 214024 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-06-28 17:38 . 2009-06-28 17:38 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-15 23:15 . 2009-08-12 17:24 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 14:54 . 2009-08-12 17:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-06-15 14:53 . 2009-07-14 18:01 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:53 . 2009-08-12 17:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-06-15 14:53 . 2009-08-12 17:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 14:53 . 2009-08-12 17:24 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-15 14:52 . 2009-08-12 17:24 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-15 14:52 . 2009-07-14 18:01 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-08-12 17:24 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-06-15 14:52 . 2009-07-14 18:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-14 18:01 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:48 . 2009-08-12 17:24 9728 ----a-w- c:\windows\system32\lsass.exe
2009-06-15 12:42 . 2009-07-14 18:01 289792 ----a-w- c:\windows\system32\atmfd.dll

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-11-17 270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-22 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-22 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-22 145944]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-28 24576]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-10-17 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 16:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f7,8a,68,93,6d,fa,c9,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-442661990-26195359-2138172642-1003]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C72323E2-6313-4A3D-B011-9AF80B42695B}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{F946111D-ED4C-4979-AD38-A1C259D11F29}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{B00A9488-7225-4D7A-AB1F-0C66B1F94A1D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{A14EC714-47DD-4E7D-B588-B041646E3505}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [05/08/2009 16.06.28 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [05/08/2009 16.06.28 74480]
R2 BcmSqlStartupSvc;Servizio di avvio SQL Server di Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16/01/2008 10.41.32 30312]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [03/09/2009 23.35.32 206112]
R2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [28/06/2009 12.43.20 303104]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 20.09.28 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [23/10/2008 13.09.24 104992]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [05/09/2009 17.03.15 1153368]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [28/06/2009 12.05.19 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\VAIO Power Management\SPMService.exe [23/10/2008 17.38.00 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [11/09/2008 19.28.26 446464]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [28/06/2009 12.05.19 17920]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [23/10/2008 20.51.29 9344]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22.31.10 29263712]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [05/08/2009 16.06.30 7408]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\VAIO Media plus\SOHCImp.exe [28/06/2009 12.35.20 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\VAIO Media plus\SOHDms.exe [28/06/2009 12.35.20 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\VAIO Media plus\SOHDs.exe [28/06/2009 12.35.20 62752]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [28/06/2009 12.30.41 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [28/06/2009 12.31.08 83232]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-09-04 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-03 19:26]

2009-09-04 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-03 19:26]

------- Scansione supplementare -------

uStart Page = hxxp://www.google.it/
mStart Page = about:blank

- - - - CHIAVI ORFANE RIMOSSE - - - -

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-13 10:27
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\ABU\Automated Build Utility 4.0]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Local AppWizard-Generated Applications\SkyTel]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Microsoft\MediaPlayer\Preferences\EqualizerSettings]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Microsoft\MediaPlayer\Preferences\HME]
@DACL=(02 0000)
@SACL=
"LocalLibraryID"="{97D9F0F0-EA9E-471A-952B-35349168F728}"
"UPnPID"="{5CE6CACB-E58D-4E7C-9E5E-09D416AB1191}"

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Microsoft\MediaPlayer\Preferences\ProxySettings]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000059
.
Ora fine scansione: 2009-09-13 10.29.52
ComboFix-quarantined-files.txt 2009-09-13 08:29

Pre-Run: 105.655.877.632 byte disponibili
Post-Run: 105.585.684.480 byte disponibili

252 --- E O F --- 2009-09-09 09:19