luke 57, I'm posting the report for you
Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm.exe
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm_nav.dat
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm_navps.dat
.
((((((((((((((((((((((((( Files Creati Da 2008-10-20 al 2008-11-20 )))))))))))))))))))))))))))))))))))
.
2008-11-17 14:01 . 2008-11-17 14:03 <DIR> d-------- c:\windows\system32\HWC HD
2008-11-17 14:01 . 2006-08-01 12:31 3,600,384 --a------ c:\windows\ffmpeg.exe
2008-11-16 18:49 . 2008-02-22 12:30 334,792 --a------ c:\windows\system32\_AxShlEx.dll
2008-11-16 18:02 . 2008-11-16 18:02 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\vlc
2008-11-15 17:30 . 2008-11-18 20:39 69 --a------ c:\windows\NeroDigital.ini
2008-11-15 17:26 . 2008-11-15 17:30 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\ArcSoft
2008-11-15 17:25 . 2008-11-15 17:25 <DIR> d-------- c:\programmi\File comuni\ArcSoft
2008-11-15 17:25 . 2006-11-10 15:05 18,688 --a------ c:\windows\system32\drivers\afc.sys
2008-11-15 17:24 . 2004-05-04 11:53 1,645,320 --a------ c:\windows\system32\gdiplus.dll
2008-11-15 17:24 . 2008-11-15 17:24 1,156 --a------ c:\windows\mozver.dat
2008-11-15 17:23 . 2008-11-18 13:29 <DIR> d-------- c:\windows\OvtCam
2008-11-15 17:23 . 2005-06-21 10:29 245,408 --a------ c:\windows\system32\unicows.dll
2008-11-15 17:23 . 1995-08-01 04:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2008-11-15 17:23 . 2008-04-13 11:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2008-11-15 17:23 . 2008-04-13 11:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2008-11-15 17:22 . 2008-11-17 14:01 <DIR> d-------- c:\programmi\Hercules
2008-11-15 17:22 . 2005-03-15 17:04 161,792 --a------ c:\windows\system32\drivers\ov530vid.sys
2008-11-15 17:22 . 2004-08-05 17:34 61,440 --a------ c:\windows\ov530dib.dll
2008-11-15 17:22 . 2005-09-30 09:42 40,960 --a------ c:\windows\system32\ov530ext.dll
2008-11-15 17:22 . 2004-11-09 00:37 25,177 --a------ c:\windows\system32\drivers\ov530cmd.sys
2008-11-15 17:22 . 2005-09-30 09:56 18,972 --a------ c:\windows\system32\ov530ext.ax
2008-11-15 17:22 . 2004-07-20 01:50 16,440 --a------ c:\windows\system32\ov530usd.dll
2008-11-15 16:55 . 2008-11-15 16:55 <DIR> d-------- c:\documents and settings\mikko\Contacts
2008-11-15 16:53 . 2008-11-15 16:53 268 --ah----- C:\sqmdata02.sqm
2008-11-15 16:53 . 2008-11-15 16:53 244 --ah----- C:\sqmnoopt02.sqm
2008-11-15 16:46 . 2008-11-15 16:46 0 --a------ c:\windows\nsreg.dat
2008-11-15 16:35 . 2008-11-15 16:35 268 --ah----- C:\sqmdata01.sqm
2008-11-15 16:35 . 2008-11-15 16:35 244 --ah----- C:\sqmnoopt01.sqm
2008-11-15 16:34 . 2008-11-15 16:38 <DIR> d-------- c:\programmi\Motive
2008-11-15 16:34 . 2008-11-15 16:34 <DIR> d-------- c:\programmi\Common Files
2008-11-15 16:33 . 2008-11-15 16:33 <DIR> d-------- c:\programmi\Telecom Italia
2008-11-15 16:33 . 2008-11-15 16:33 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Comodo
2008-11-15 16:27 . 2008-11-15 16:27 268 --ah----- C:\sqmdata00.sqm
2008-11-15 16:27 . 2008-11-15 16:27 244 --ah----- C:\sqmnoopt00.sqm
2008-11-15 16:22 . 2008-11-15 16:22 <DIR> d-------- c:\programmi\Vista Start Menu
2008-11-15 16:22 . 2008-11-15 16:22 <DIR> d-------- c:\programmi\VideoLAN
2008-11-15 16:22 . 2008-11-19 19:50 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Vista Start Menu
2008-11-15 16:21 . 2008-11-15 16:21 <DIR> d-------- c:\programmi\uTorrent
2008-11-15 16:21 . 2008-11-15 17:32 <DIR> d-------- c:\programmi\Spybot - Search & Destroy
2008-11-15 16:21 . 2008-11-20 14:11 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\uTorrent
2008-11-15 16:21 . 2008-11-17 20:02 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-11-15 16:20 . 2008-11-15 16:20 <DIR> d-------- c:\programmi\MSN Messenger
2008-11-15 16:19 . 2008-11-15 16:19 <DIR> d-------- c:\programmi\Foxit Software
2008-11-15 16:18 . 2008-11-19 18:46 <DIR> d-------- c:\programmi\eMule
2008-11-15 16:18 . 2008-11-15 16:18 <DIR> d-------- c:\programmi\DVD Shrink
2008-11-15 16:18 . 2008-11-15 16:18 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2008-11-15 16:17 . 2008-11-15 16:17 <DIR> d-------- c:\programmi\IObit
2008-11-15 16:16 . 2008-11-15 16:16 <DIR> d-------- c:\programmi\7-Zip
2008-11-15 16:14 . 2008-11-15 16:14 <DIR> d-------- c:\programmi\Xilisoft
2008-11-15 16:13 . 2008-11-15 16:13 <DIR> d-------- c:\programmi\Total Video Converter
2008-11-15 16:13 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2008-11-15 16:12 . 2008-11-15 16:12 <DIR> d-------- c:\windows\Downloaded Installations
2008-11-15 16:12 . 2008-11-15 16:12 <DIR> d-------- c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver
2008-11-15 16:11 . 2008-11-15 16:11 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Ahead
2008-11-15 16:10 . 2008-11-15 16:10 <DIR> d-------- c:\programmi\Nero
2008-11-15 16:10 . 2008-11-15 16:12 <DIR> d-------- c:\programmi\File comuni\Ahead
2008-11-15 16:10 . 2008-11-15 16:10 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Nero
2008-11-15 16:07 . 2008-11-15 16:07 <DIR> d-------- c:\programmi\Elaborate Bytes
2008-11-15 16:06 . 2008-11-15 16:06 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\SlySoft
2008-11-15 16:04 . 2008-11-15 16:07 <DIR> d-------- c:\programmi\SlySoft
2008-11-15 16:04 . 2008-11-15 16:58 24 ---hs---- c:\windows\S12589416.tmp
2008-11-15 16:03 . 2008-11-15 16:03 <DIR> d-------- c:\programmi\CCleaner
2008-11-15 16:03 . 2008-11-15 16:03 <DIR> d-------- c:\programmi\Allok Audio Converter
2008-11-15 16:03 . 2002-01-05 13:37 344,064 --a------ c:\windows\system32\Msvcr70.dll
2008-11-15 16:03 . 2002-06-25 06:28 40,960 --a------ c:\windows\system32\wavdest.ax
2008-11-15 16:01 . 2008-11-15 16:01 <DIR> d-------- c:\programmi\COMODO
2008-11-15 16:01 . 2008-11-15 16:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\comodo
2008-11-15 16:01 . 2008-11-18 17:57 143,096 --a------ c:\windows\system32\guard32.dll
2008-11-15 16:01 . 2008-11-18 17:57 99,216 --a------ c:\windows\system32\drivers\cmdguard.sys
2008-11-15 16:01 . 2008-11-18 17:57 31,504 --a------ c:\windows\system32\drivers\cmdhlp.sys
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Malwarebytes
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-11-15 16:00 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-15 16:00 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-15 15:59 . 2008-11-15 15:59 <DIR> d-------- c:\programmi\Avira
2008-11-15 15:59 . 2008-11-15 15:59 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avira
2008-11-15 15:52 . 2008-11-15 15:52 <DIR> d-------- c:\programmi\Alcohol Soft
2008-11-15 15:48 . 2008-11-15 15:48 716,272 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-15 13:19 . 2008-11-16 17:10 <DIR> d-------- C:\VideoSec
2008-11-15 13:13 . 2008-11-15 17:35 <DIR> d--h----- C:\ASUS.000
2008-11-15 13:12 . 2008-11-15 13:12 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Corel
2008-11-15 13:12 . 2008-11-15 13:12 2,516 --ahs---- c:\windows\system32\KGyGaAvL.sys
2008-11-15 13:12 . 2008-11-15 13:12 8 -r-hs---- c:\windows\system32\8736CE1C6F.sys
2008-11-15 12:24 . 2008-11-15 12:59 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Ulead Systems
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-19 19:55 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-11-17 13:01 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-15 15:34 155,995 ----a-w c:\windows\java\Packages\2XNX39V7.ZIP
2008-11-15 11:56 --------- d-----w c:\programmi\File comuni\Ulead Systems
2008-11-15 11:56 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2008-11-15 11:18 --------- d-----w c:\programmi\File comuni\Symantec Shared
2008-11-14 22:05 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Symantec
2008-11-14 21:48 --------- d-----w c:\programmi\ASUS
2008-11-14 21:47 --------- d-----w c:\programmi\My Company Name
2008-11-14 21:38 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\WinZip
2008-11-14 21:37 --------- d-----w c:\programmi\Ulead Systems
2008-11-14 21:37 --------- d-----w c:\programmi\File comuni\InstallShield
2008-11-14 21:37 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\InstallShield
2008-11-14 21:34 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Corel
2008-11-14 21:22 --------- d-----w c:\programmi\VIA
2008-11-14 21:21 --------- d-----w c:\programmi\NVIDIA Corporation
2008-11-14 21:17 --------- d-----w c:\documents and settings\mikko\Dati applicazioni\Symantec
2008-11-14 21:13 --------- d-----w c:\programmi\AMD
2008-11-14 21:13 --------- d-----w c:\documents and settings\mikko\Dati applicazioni\InstallShield
2008-11-14 21:01 --------- d-----w c:\programmi\microsoft frontpage
2008-11-14 21:00 --------- d-----w c:\programmi\Servizi in linea
2008-11-14 20:58 --------- d-----w c:\programmi\Windows Media Connect 2
2008-09-18 13:52 1,571,840 ----a-w c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"VistaStartMenu"="c:\programmi\Vista Start Menu\VistaStartMenu.exe" [2007-12-12 1704624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-15 29831168]
"Ulead AutoDetector v2"="c:\programmi\File comuni\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" [2008-11-18 1796856]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"WireLessMouse"="c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver\MouseDrv.exe" [2005-11-03 286720]
"WireLessKeyboard"="c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe" [2005-11-03 925696]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-27 c:\windows\system32\advpack.dll]
"_nltide_3"="advpack.dll" [2008-04-27 c:\windows\system32\advpack.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FILECO~1\ULEADS~1\vio\dvacm.acm
"vidc.asv2"= asusasv2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2008-11-16 18:49 4608 c:\programmi\Alcohol Soft\Alcohol 120\AxCmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-11-15 99216]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-11-15 31504]
R1 EIO_XP;EIO_XP;\??\c:\windows\system32\drivers\EIO_XP.sys [2008-11-14 12288]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2008-11-14 12416]
R3 ASUSVRC;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2008-05-03 38176]
R3 ovt530;Hercules Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys [2008-11-15 161792]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-14 238080]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2008-11-14 10752]
*Newly Created Service* - PROCEXP90
.
.
------- Supplementare di scansione -------
.
FireFox -: Profile - c:\documents and settings\mikko\Dati applicazioni\Mozilla\Firefox\Profiles\bw5rqorz.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
hxxp://virgilio.alice.it/.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-11-20 14:13:01
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-11-20 14.13.32
ComboFix-quarantined-files.txt 2008-11-20 13:13:29
Pre-Run: 13.395.144.704 byte disponibili
Post-Run: 13,385,334,784 byte disponibili