Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Controllo report ComboFix

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Controllo report ComboFix

Messaggioda Roberto88 » lun apr 26, 2010 5:40 pm

potreste dare una controllatina ?

ComboFix 10-04-21.01 - Roberto 26/04/2010 18.17.48.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1023.549 [GMT 2:00]
Eseguito da: c:\documents and settings\Roberto\Desktop\LAlaLa.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: PC Tools Firewall Plus *enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2010-03-26 al 2010-04-26 )))))))))))))))))))))))))))))))))))
.

2010-04-26 11:13 . 2010-04-26 11:13 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\ArcticLine
2010-04-26 11:13 . 2010-04-26 11:13 -------- d-----w- c:\programmi\Folder Marker
2010-04-18 11:16 . 2010-04-18 11:16 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\SuperUtils.com
2010-04-18 11:16 . 2010-04-18 11:16 -------- d-----w- c:\programmi\SuperUtils.com
2010-04-15 20:01 . 2010-04-18 12:18 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\LimeWire
2010-04-15 20:00 . 2010-04-15 20:01 -------- d-----w- c:\programmi\LimeWire
2010-04-14 18:11 . 2010-04-14 18:11 -------- d-----w- c:\programmi\Eraser
2010-04-14 11:01 . 2010-04-20 22:57 -------- d-----w- c:\programmi\SpywareBlaster
2010-04-09 20:48 . 2010-04-09 20:48 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-04-07 21:15 . 2010-04-07 21:15 -------- d-----w- c:\programmi\IObit
2010-04-07 19:28 . 2010-04-07 19:28 -------- d-----w- c:\programmi\FolderSize
2010-03-31 18:36 . 2010-03-31 18:36 -------- d-----w- c:\programmi\MSSOAP
2010-03-31 18:35 . 2010-03-31 18:35 -------- d-----w- c:\programmi\Webroot
2010-03-31 18:32 . 2010-03-31 18:32 164 ----a-w- c:\windows\install.dat
2010-03-31 18:05 . 2010-04-13 20:39 -------- d-----w- c:\programmi\Auslogics
2010-03-31 18:02 . 2010-04-21 18:50 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\AIMP
2010-03-31 18:02 . 2010-03-31 18:02 -------- d-----w- c:\programmi\AIMP2
2010-03-30 11:34 . 2010-03-30 11:34 5918776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-28 12:09 . 2010-03-28 12:09 -------- d-----w- c:\programmi\Registry Defragmentation

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-26 16:10 . 2010-02-12 12:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-04-26 14:04 . 2010-03-07 23:25 -------- d-----w- c:\programmi\PeerBlock
2010-04-26 13:07 . 2010-02-01 22:46 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\TeraCopy
2010-04-26 13:04 . 2010-02-01 22:47 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\uTorrent
2010-04-26 11:01 . 2010-02-27 15:24 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-04-26 10:55 . 2010-02-16 22:33 -------- d-----w- c:\programmi\Ninja
2010-04-20 10:15 . 2010-03-07 23:38 -------- d-----w- c:\programmi\PC Tools Firewall Plus
2010-04-18 13:05 . 2010-04-18 13:05 -------- d-----w- c:\programmi\K-Lite Codec Pack
2010-04-16 18:00 . 2010-04-18 13:05 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-15 20:31 . 2010-03-22 16:55 -------- d-----w- c:\programmi\Wise Disk Cleaner
2010-04-15 18:52 . 2010-02-01 22:49 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\vlc
2010-04-14 16:47 . 2010-03-07 13:16 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-14 16:47 . 2010-03-07 13:16 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-14 16:35 . 2010-03-07 13:16 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-14 16:35 . 2010-03-07 13:16 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-14 16:31 . 2010-03-07 13:16 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-14 16:31 . 2010-03-07 13:16 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-14 16:31 . 2010-03-07 13:16 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-14 16:31 . 2010-03-07 13:17 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-14 16:30 . 2010-03-07 13:16 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-08 12:45 . 2010-02-04 01:12 -------- d-----w- c:\programmi\eMule
2010-04-07 16:15 . 2010-04-18 13:05 3297280 ----a-w- c:\windows\system32\x264vfw.dll
2010-04-01 11:45 . 2010-03-14 14:53 -------- d-----w- c:\programmi\Wise Registry Cleaner
2010-03-30 11:37 . 2010-02-19 13:40 117760 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-03-30 11:35 . 2010-02-04 01:11 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-29 22:46 . 2010-02-04 01:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2010-02-04 01:11 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-29 14:54 . 2010-02-01 22:49 -------- d-----w- c:\programmi\CCleaner
2010-03-28 12:04 . 2004-08-19 12:00 83934 ----a-w- c:\windows\system32\perfc010.dat
2010-03-28 12:04 . 2004-08-19 12:00 489038 ----a-w- c:\windows\system32\perfh010.dat
2010-03-28 12:01 . 2010-03-01 23:50 -------- d-----w- c:\programmi\Glary Utilities
2010-03-26 12:24 . 2010-03-26 12:24 -------- d-----w- c:\programmi\SIW
2010-03-25 17:48 . 2010-02-10 00:34 1 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-25 13:44 . 2010-03-25 13:44 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\Free Audio Editor
2010-03-25 13:44 . 2010-03-25 13:44 -------- d-----w- c:\programmi\Free Audio Editor
2010-03-19 08:23 . 2010-03-03 13:17 -------- d-----w- c:\programmi\Songr
2010-03-18 12:13 . 2010-03-18 12:13 -------- d-----w- c:\programmi\Everything
2010-03-17 15:25 . 2010-03-17 15:25 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\Lunascape
2010-03-17 15:24 . 2010-03-17 15:24 -------- d-----w- c:\programmi\Lunascape
2010-03-17 12:30 . 2010-03-17 12:30 -------- d-----w- c:\programmi\Er Finestra
2010-03-16 16:24 . 2010-02-09 12:19 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\Software Informer
2010-03-15 18:48 . 2010-03-15 18:48 -------- d-----w- c:\programmi\YourWare Solutions
2010-03-15 09:31 . 2010-02-06 19:32 165376 ----a-w- c:\windows\system32\unrar.dll
2010-03-14 16:16 . 2010-03-14 16:16 0 ----a-w- c:\windows\nsreg.dat
2010-03-14 15:45 . 2010-03-14 15:45 -------- d-----w- c:\programmi\Quicksys
2010-03-14 15:43 . 2010-03-14 15:43 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\ChemTable Software
2010-03-14 15:43 . 2010-03-14 15:43 -------- d-----w- c:\programmi\Registry Life
2010-03-14 15:19 . 2010-03-14 15:14 -------- d-----w- c:\programmi\iColorFolder
2010-03-13 17:47 . 2010-03-13 17:47 -------- d-----w- c:\programmi\SpeedFan
2010-03-13 15:42 . 2010-02-01 22:45 -------- d-----w- c:\programmi\Notepad++
2010-03-13 15:39 . 2010-02-19 18:10 -------- d-----w- c:\programmi\7-Zip
2010-03-11 18:01 . 2010-02-17 12:56 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\Auslogics
2010-03-11 14:32 . 2010-03-11 14:31 -------- d-----w- c:\programmi\WinUtilities
2010-03-10 15:04 . 2010-03-10 15:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2010-03-10 15:04 . 2010-03-10 15:04 -------- d-----w- c:\programmi\Messenger Plus! Live
2010-03-10 09:46 . 2010-02-01 22:48 -------- d-----w- c:\programmi\uTorrent
2010-03-10 06:15 . 2004-08-19 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-09 21:09 . 2010-03-09 21:04 -------- d-----w- c:\programmi\TuneUp Utilities 2010
2010-03-09 21:02 . 2010-03-09 21:02 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-03-08 12:49 . 2010-03-08 12:49 -------- d-----w- c:\programmi\FileHippo.com
2010-03-07 23:42 . 2010-03-07 23:41 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\PCToolsFirewallPlus
2010-03-07 23:38 . 2010-03-07 23:38 -------- d-----w- c:\programmi\File comuni\PC Tools
2010-03-07 13:16 . 2010-03-07 13:16 -------- d-----w- c:\programmi\Alwil Software
2010-03-07 13:16 . 2010-03-07 13:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alwil Software
2010-03-07 13:02 . 2010-03-07 13:02 -------- d-----w- c:\programmi\VS Revo Group
2010-03-07 12:34 . 2010-03-07 12:34 -------- d-----w- c:\programmi\MyDefrag v4.2.9
2010-03-04 15:33 . 2010-03-03 13:17 -------- d-----w- c:\programmi\PicPick
2010-03-03 13:18 . 2010-03-03 13:17 -------- d-----w- c:\programmi\Free Extended Task Manager
2010-03-03 13:17 . 2010-03-03 13:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TaskManager
2010-03-02 16:51 . 2010-02-06 00:43 -------- d-----w- c:\programmi\Opera
2010-03-01 23:53 . 2010-03-01 23:53 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\GlarySoft
2010-02-28 19:54 . 2010-02-28 19:51 -------- d-----w- c:\programmi\ATI
2010-02-28 19:43 . 2010-02-01 18:55 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\ATI
2010-02-27 21:05 . 2010-02-27 21:05 -------- d-----w- c:\programmi\Bit Che
2010-02-27 21:05 . 2010-02-27 21:05 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\Convivea
2010-02-27 15:22 . 2010-02-27 15:22 -------- d-----w- c:\programmi\Paint.NET
2010-02-25 10:03 . 2010-03-09 21:05 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-02-25 09:56 . 2010-03-09 21:05 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-25 06:16 . 2004-08-19 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-10-28 01:14 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-19 13:41 . 2010-02-19 13:41 52224 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-19 13:40 . 2010-02-19 13:40 65024 ----a-r- c:\documents and settings\Roberto\Dati applicazioni\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2010-02-19 13:40 . 2010-02-19 13:40 5120 ----a-r- c:\documents and settings\Roberto\Dati applicazioni\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2010-02-19 13:40 . 2010-02-19 13:40 18944 ----a-r- c:\documents and settings\Roberto\Dati applicazioni\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2010-02-18 15:53 . 2010-02-01 18:56 19080 ----a-w- c:\documents and settings\Roberto\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-18 15:33 . 2010-02-01 18:00 23604 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-16 19:05 . 2004-08-19 12:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:05 . 2004-08-19 15:34 2028032 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-13 16:34 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:33 . 2004-08-19 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-19 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-03 21:45 . 2010-02-03 21:45 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-01 22:45 . 2010-02-01 22:45 503808 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7a5a68fd-n\msvcp71.dll
2010-02-01 22:45 . 2010-02-01 22:45 499712 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7a5a68fd-n\jmc.dll
2010-02-01 22:45 . 2010-02-01 22:45 348160 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7a5a68fd-n\msvcr71.dll
2010-02-01 22:45 . 2010-02-01 22:45 61440 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1005022a-n\decora-sse.dll
2010-02-01 22:45 . 2010-02-01 22:45 12800 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1005022a-n\decora-d3d.dll
2010-02-01 22:45 . 2010-02-01 22:45 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-01 21:30 . 2010-02-01 18:03 76875 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-01 18:15 . 2010-02-01 18:15 136 ----a-w- c:\documents and settings\Roberto\Impostazioni locali\Dati applicazioni\fusioncache.dat
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-04-17 17880576]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-19 44544]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^ninja.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ninja.lnk
backup=c:\windows\pss\ninja.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Roberto^Menu Avvio^Programmi^Esecuzione automatica^ERUNT AutoBackup.lnk]
backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Roberto^Menu Avvio^Programmi^Esecuzione automatica^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Roberto^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.2.lnk]
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00PCTFW]
2010-01-12 10:41 3168216 ----a-w- c:\programmi\PC Tools Firewall Plus\FirewallGUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Collegamento alla pagina delle proprietà di High Definition Audio]
2005-01-07 16:07 61952 ----a-w- c:\windows\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:14 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2010-04-10 06:45 979344 ----a-w- c:\progra~1\Eraser\Eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-01 22:31 135664 ----atw- c:\documents and settings\Roberto\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-03-29 22:46 437584 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mylbx]
2010-01-26 12:13 1214128 ----a-w- c:\programmi\My Lockbox\mylbx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock]
2009-09-28 01:02 1524824 ----a-w- c:\programmi\PeerBlock\peerblock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-11-09 03:17 180224 ----a-w- c:\programmi\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 12:58 495616 ----a-w- c:\programmi\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-11-20 17:15 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
2009-09-17 02:30 1933381 ----a-w- c:\programmi\Software Informer\softinfo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\programmi\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 14:21 246504 ----a-w- c:\programmi\File comuni\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-02-18 15:40 2012912 ----a-w- c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-01 22:31 39408 ----a-w- c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-03-09 02:52 15872 ----a-w- c:\programmi\Unlocker\UnlockerAssistant.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"FreeRAM XP"="c:\programmi\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"PicPick Start"=c:\programmi\PicPick\picpick.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Collegamento alla pagina delle proprietà di High Definition Audio"=HDAShCut.exe
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Opera\\opera.exe"=

R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [02/02/2010 0.55.25 43792]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [07/03/2010 15.16.59 162768]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [08/03/2010 1.38.57 233136]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 11.25.50 12872]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [17/02/2010 11.15.58 66632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07/03/2010 15.17.00 19024]
R2 fsproflt;FSPro Filter Service;c:\windows\system32\fsproflt.exe [02/02/2010 0.55.25 142648]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [08/03/2010 1.38.59 88040]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programmi\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [25/02/2010 11.59.54 1047880]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [08/03/2010 1.38.39 70664]
R3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [08/03/2010 1.38.39 58816]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [08/03/2010 1.38.37 115216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programmi\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25/02/2010 11.18.08 10064]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [03/02/2010 23.45.49 716272]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [02/02/2010 0.31.43 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21/02/2010 20.27.39 1684736]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [10/02/2010 2.31.34 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [10/02/2010 2.31.34 8456]
S3 pbfilter;pbfilter;c:\programmi\PeerBlock\pbfilter.sys [08/03/2010 1.25.45 14424]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [17/02/2010 11.15.58 12872]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2010-04-26 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2010-03-01 12:03]

2010-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-01 22:31]

2010-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-01 22:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\0x9lw0ix.default\
FF - plugin: c:\documents and settings\Roberto\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\programmi\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\programmi\Opera\program\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-26 18:23
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


C:\My Lockbox

Scansione completata con successo
Files nascosti: 1

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1284)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(15408)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2010-04-26 18:26:39
ComboFix-quarantined-files.txt 2010-04-26 16:26
ComboFix2.txt 2010-02-16 23:30

Pre-Run: 26.884.300.800 byte disponibili
Post-Run: 26.858.737.664 byte disponibili

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - AC73E068D83D6881DAAFBAA951E0256A

[grazie] a tutti in anticipo [std]
within the truth of evil and good there's more than you see
....much more than you should
Avatar utente
Roberto88
Bronze Member
Bronze Member
 
Messaggi: 968
Iscritto il: mar nov 11, 2008 11:17 pm

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising