
Windows problems

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57


Post by nerone » 17/09/09 17:48

Dear all, everyone who is willing and able to help me :-)
My Windows XP SP2 is acting up, so I ran ComboFix, and I am pasting the contents of its log.txt below. Whoever can help me understand whether "I am" infected will earn my esteem. Thanks
Here is the log:
ComboFix 09-09-16.05 - io 17/09/2009 17:54.2.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1040.18.1023.394 [GMT 2:00]
Eseguito da: c:\documents and settings\io\Desktop\Antivirus\3.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-239141780-3640739885-1542234150-1000
c:\$recycle.bin\S-1-5-21-495129006-2586507952-2273460967-1001
c:\documents and settings\All Users\Dati applicazioni\KGyGaAvL.sys
c:\documents and settings\All Users\Dati applicazioni\Microsoft\MSDN\9.0\1040\ResourceCache.dll
c:\documents and settings\All Users\Dati applicazioni\Microsoft\VWDExpress\9.0\1040\ResourceCache.dll
c:\documents and settings\io\Dati applicazioni\Microsoft\Clip Organizer\mstore10.mgc
c:\documents and settings\io\Dati applicazioni\Microsoft\Clip Organizer\Offic10.MGC
c:\documents and settings\io\Dati applicazioni\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

.
(((((((((((((((((((((((((   Files Creati Da 2009-08-17 al 2009-09-17  )))))))))))))))))))))))))))))))))))
.

2009-09-17 15:48 . 2009-09-17 15:50   --------   d-----w-   C:\3
2009-09-17 10:32 . 2009-09-17 12:24   --------   d-----w-   C:\$AVG8.VAULT$
2009-09-11 11:35 . 2004-08-19 17:27   194048   ----a-w-   c:\windows\system32\activeds.dll
2009-09-10 09:00 . 2009-09-10 09:00   --------   d-----w-   c:\documents and settings\Ra.COMPUTER\Phone Browser
2009-09-07 14:25 . 2009-09-07 14:25   1392304   ----a-w-   c:\windows\system32\AutoPartNt.exe
2009-09-07 03:52 . 2009-09-07 03:52   --------   d-----w-   C:\Boot
2009-09-06 10:34 . 2009-09-06 10:34   --------   d-----r-   c:\documents and settings\LocalService\Preferiti
2009-09-06 10:06 . 2009-07-28 14:34   55656   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2009-09-06 09:47 . 2009-09-06 09:47   --------   d-----w-   c:\documents and settings\Ra.COMPUTER\Dati applicazioni\Zeon
2009-09-06 09:46 . 2009-09-06 09:46   --------   d-----w-   c:\documents and settings\Ra.COMPUTER\Impostazioni locali\Dati applicazioni\AnVir
2009-09-06 09:41 . 2009-09-06 09:41   --------   d-sh--w-   c:\documents and settings\Ra.COMPUTER\IECompatCache
2009-09-06 09:41 . 2009-09-06 09:41   --------   d-sh--w-   c:\documents and settings\Ra.COMPUTER\PrivacIE
2009-09-06 09:36 . 2008-10-29 18:26   --------   d--h--w-   c:\documents and settings\Ra.COMPUTER\Modelli
2009-09-06 09:36 . 2008-10-29 15:45   --------   d--h--w-   c:\documents and settings\Ra.COMPUTER\Risorse di stampa
2009-09-06 09:36 . 2008-10-29 15:45   --------   d--h--w-   c:\documents and settings\Ra.COMPUTER\Risorse di rete
2009-09-06 09:36 . 2008-10-29 15:45   --------   d-----r-   c:\documents and settings\Ra.COMPUTER\Menu Avvio
2009-08-29 08:49 . 2004-08-19 17:27   71680   ------w-   c:\windows\system32\ssdpsrv.dll
2009-08-29 08:48 . 2008-09-04 16:44   1106944   ----a-w-   c:\windows\system32\msxml3.dll
2009-08-29 08:47 . 2004-08-19 17:27   7680   ----a-w-   c:\windows\system32\kbdcan.dll
2009-08-29 08:46 . 2008-11-23 14:51   410976   ----a-w-   c:\windows\system32\deploytk.dll
2009-08-29 08:43 . 2009-09-14 20:30   --------   d-----w-   c:\windows\system32\it-it
2009-08-29 08:42 . 2006-05-03 09:50   1540608   ----a-w-   c:\windows\system32\drivers\ati2mtag.sys
2009-08-29 08:41 . 2009-02-09 10:18   473088   ----a-w-   c:\windows\system32\wbem\fastprox.dll
2009-08-29 08:41 . 2004-08-19 17:27   53248   ----a-w-   c:\windows\system32\wbem\fwdprov.dll
2009-08-29 08:41 . 2004-08-19 17:27   22016   ----a-w-   c:\windows\system32\wbem\evntrprv.dll
2009-08-29 08:41 . 2004-08-19 17:27   185856   ----a-w-   c:\windows\system32\wbem\framedyn.dll
2009-08-29 08:41 . 2004-08-19 17:27   45568   ----a-w-   c:\windows\system32\wbem\CmdEvTgProv.dll
2009-08-29 08:41 . 2004-08-19 17:27   247808   ----a-w-   c:\windows\system32\wbem\esscli.dll
2009-08-29 08:41 . 2004-08-19 17:27   120320   ----a-w-   c:\windows\system32\wbem\dsprov.dll
2009-08-29 08:41 . 2009-08-29 08:42   --------   d-----w-   c:\windows\system32\wbem
2009-08-29 08:41 . 2004-08-19 17:27   1352704   ----a-w-   c:\windows\system32\wbem\cimwin32.dll
2009-08-29 08:39 . 2008-08-20 05:35   1495040   ----a-w-   c:\windows\system32\dllcache\shdocvw.dll
2009-08-29 08:38 . 2009-02-09 11:48   2061440   ----a-w-   c:\windows\system32\dllcache\ntkrnlpa.exe
2009-08-29 08:37 . 2004-08-19 17:27   6144   ----a-w-   c:\windows\system32\dllcache\kbdfr.dll
2009-08-29 08:36 . 2009-03-08 02:33   18944   ----a-w-   c:\windows\system32\dllcache\corpol.dll
2009-08-29 08:04 . 2009-09-17 16:16   --------   d-----w-   c:\windows\system32
2009-08-27 15:34 . 2009-08-27 15:34   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\F-Secure
2009-08-20 22:29 . 2009-09-15 15:58   --------   d-----w-   c:\documents and settings\io\Dati applicazioni\vlc
2009-08-19 13:32 . 2009-08-19 14:13   --------   d-----w-   c:\programmi\NETGEAR WG311v2 Adapter

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-17 15:48 . 2009-03-07 14:05   --------   d-----w-   c:\programmi\Malwarebytes' Anti-Malware
2009-09-17 08:51 . 2009-07-15 10:07   --------   d-----w-   c:\programmi\Blue Coat K9 Web Protection
2009-09-15 19:01 . 2008-10-30 14:10   --------   d-----w-   c:\documents and settings\io\Dati applicazioni\uTorrent
2009-09-15 18:16 . 2009-08-29 08:36   --------   d-----w-   c:\windows\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2009-09-11 11:38 . 2009-08-16 21:41   --------   d-----w-   c:\programmi\File comuni\NSL
2009-09-10 13:23 . 2008-11-05 18:15   --------   d-----w-   c:\documents and settings\io\Dati applicazioni\iTALC
2009-09-10 12:54 . 2009-08-29 08:43   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-08-29 08:43   19160   ----a-w-   c:\windows\system32\drivers\mbam.sys
2009-09-09 18:36 . 2009-03-14 14:34   --------   d-----w-   c:\programmi\Microsoft Silverlight
2009-09-09 18:02 . 2008-10-30 13:47   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-09-05 15:33 . 2008-10-20 19:49   --------   d-----w-   c:\documents and settings\io\Dati applicazioni\SolidDocuments
2009-09-05 15:00 . 2009-01-05 18:32   --------   d---a-w-   c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-08-29 11:26 . 2009-07-11 09:37   3193   ----a-w-   c:\documents and settings\io\Dati applicazioni\SAS7_000.DAT
2009-08-29 08:36 . 2009-08-29 08:36   --------   d-----w-   c:\windows\system32\config\systemprofile\Dati applicazioni\Zeon
2009-08-26 15:04 . 2008-11-08 17:43   --------   d-----w-   c:\programmi\Bit Che
2009-08-23 15:26 . 2009-08-29 08:46   11952   ----a-w-   c:\windows\system32\avgrsstx.dll
2009-08-23 15:26 . 2009-08-29 08:43   335240   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2009-08-23 15:26 . 2009-08-29 08:43   27784   ----a-w-   c:\windows\system32\drivers\avgmfx86.sys
2009-08-20 22:34 . 2009-04-21 17:41   --------   d-----w-   c:\programmi\File comuni\Adobe AIR
2009-08-19 14:14 . 2008-10-31 13:43   --------   d--h--w-   c:\programmi\InstallShield Installation Information
2009-08-19 13:28 . 2009-08-29 08:43   62865   ----a-w-   c:\windows\system32\drivers\odysseyIM3.sys
2009-08-19 13:25 . 2009-08-29 08:43   386688   ----a-w-   c:\windows\system32\drivers\netwg311.sys
2009-08-19 13:25 . 2009-08-29 08:43   84912   ----a-w-   c:\windows\system32\drivers\FwRad17.bin
2009-08-19 13:25 . 2009-08-29 08:43   83320   ----a-w-   c:\windows\system32\drivers\FwRad16.bin
2009-08-13 15:33 . 2009-08-13 15:33   --------   d-----w-   c:\programmi\Advanced IP Scanner
2009-08-05 09:05 . 2009-08-29 08:48   205312   ----a-w-   c:\windows\system32\mswebdvd.dll
2009-08-03 13:07 . 2009-08-03 13:07   403816   ----a-w-   c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07   322928   ----a-w-   c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07   230768   ----a-w-   c:\windows\system32\OGAEXEC.exe
2009-07-29 13:54 . 2009-07-29 13:54   --------   d-----w-   c:\programmi\Windows Live SkyDrive
2009-07-27 17:06 . 2009-07-27 16:52   --------   d-----w-   c:\programmi\Digital Photo Recovery
2009-07-27 16:09 . 2009-08-29 08:49   34   ---ha-w-   c:\windows\system32\Removable Data Recovery_sysquict.dat
2009-07-27 16:09 . 2009-05-08 16:57   --------   d-----w-   c:\programmi\ALCATEL PC Suite
2009-07-24 17:05 . 2009-07-24 11:38   --------   d-----w-   c:\programmi\PDF Text Replace Tool
2009-07-24 16:55 . 2009-07-24 16:27   --------   d-----w-   c:\programmi\seRapid
2009-07-24 16:37 . 2009-07-24 16:37   --------   d-----w-   c:\documents and settings\io\Dati applicazioni\Iceni
2009-07-24 16:37 . 2009-07-24 16:37   --------   d-----w-   c:\programmi\Iceni
2009-07-24 16:37 . 2009-07-24 16:37   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\Iceni
2009-07-22 20:56 . 2009-05-20 15:19   --------   d-----w-   c:\programmi\Readiris Pro 11 Corporate Edition
2009-07-21 20:37 . 2008-10-30 14:33   --------   d-----w-   c:\documents and settings\io\Dati applicazioni\Nero
2009-07-17 18:56 . 2009-08-29 08:46   58880   ----a-w-   c:\windows\system32\atl.dll
2009-07-13 21:43 . 2009-08-29 08:50   286208   ----a-w-   c:\windows\system32\wmpdxm.dll
2009-07-11 18:12 . 2009-07-11 18:12   796672   ----a-w-   c:\windows\GPInstall.exe
2009-07-03 16:55 . 2009-08-29 08:50   915456   ------w-   c:\windows\system32\wininet.dll
2009-06-25 18:34 . 2009-08-29 08:48   519168   ----a-w-   c:\windows\system32\mqutil.dll
2009-06-25 18:34 . 2009-08-29 08:48   48640   ----a-w-   c:\windows\system32\mqupgrd.dll
2009-06-25 18:34 . 2009-08-29 08:48   186880   ----a-w-   c:\windows\system32\mqtrig.dll
2009-06-25 18:34 . 2009-08-29 08:48   95744   ----a-w-   c:\windows\system32\mqsec.dll
2009-06-25 18:34 . 2009-08-29 08:48   517120   ----a-w-   c:\windows\system32\mqsnap.dll
2009-06-25 18:34 . 2009-08-29 08:48   123392   ----a-w-   c:\windows\system32\mqrtdep.dll
2009-06-25 18:34 . 2009-08-29 08:48   177152   ----a-w-   c:\windows\system32\mqrt.dll
2009-06-25 18:34 . 2009-08-29 08:48   661504   ----a-w-   c:\windows\system32\mqqm.dll
2009-06-25 18:34 . 2009-08-29 08:48   47104   ----a-w-   c:\windows\system32\mqdscli.dll
2009-06-25 18:34 . 2009-08-29 08:48   225280   ----a-w-   c:\windows\system32\mqoa.dll
2009-06-25 18:34 . 2009-08-29 08:48   16896   ----a-w-   c:\windows\system32\mqise.dll
2009-06-25 18:34 . 2009-08-29 08:48   138240   ----a-w-   c:\windows\system32\mqad.dll
2009-06-25 08:44 . 2009-08-29 08:50   59392   ----a-w-   c:\windows\system32\wdigest.dll
2009-06-25 08:44 . 2009-08-29 08:49   56320   ----a-w-   c:\windows\system32\secur32.dll
2009-06-25 08:44 . 2009-08-29 08:49   168448   ----a-w-   c:\windows\system32\schannel.dll
2009-06-25 08:44 . 2009-08-29 08:48   133632   ----a-w-   c:\windows\system32\msv1_0.dll
2009-06-25 08:44 . 2009-08-29 08:48   730112   ----a-w-   c:\windows\system32\lsasrv.dll
2009-06-25 08:44 . 2009-08-29 08:48   298496   ----a-w-   c:\windows\system32\kerberos.dll
2009-06-22 11:49 . 2009-08-29 08:48   117248   ----a-w-   c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2009-08-29 08:48   19968   ----a-w-   c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2009-08-29 08:48   4608   ----a-w-   c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2009-08-29 08:43   91776   ----a-w-   c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34 . 2009-08-29 08:43   92544   ----a-w-   c:\windows\system32\drivers\ksecdd.sys
2008-05-07 11:56 . 2008-08-12 10:05   614   ----a-w-   c:\programmi\BorisGraffitiUI.xml
2008-02-05 22:44 . 2008-08-12 10:05   200704   ----a-w-   c:\programmi\BorisFXUI.fex
1998-12-04 09:59 . 2008-06-27 11:40   5811   ----a-w-   c:\programmi\UNWISE.INI
1998-12-02 10:15 . 2008-06-27 11:40   139264   ----a-w-   c:\programmi\UNWISE.EXE
2002-07-31 17:55 . 2009-06-05 10:25   108   --sh--w-   c:\windows\WSYS049.SYS
2009-04-07 20:04 . 2009-08-29 08:43   833312   --sha-w-   c:\windows\system32\drivers\fidbox.dat
2009-04-07 20:05 . 2009-08-29 08:43   19744   --sha-w-   c:\windows\system32\drivers\fidbox2.dat
.

(((((((((((((((((((((((((((((   SnapShot@2009-09-05_17.24.38   )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 00:19 . 2007-11-07 00:19   54272              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   62976              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   46080              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   46592              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   64512              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   66048              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   56832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   66560              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   39936              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   38912              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07   59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07   59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2008-10-30 13:56 . 2009-09-09 18:02   35088              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   35088              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   18704              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   18704              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   20240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   20240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-07-29 06:05 . 2008-07-29 06:05   655872              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   572928              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 01:54 . 2008-07-29 01:54   225280              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   161784              c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
- 2009-08-29 08:47 . 2009-03-08 02:33   726528              c:\windows\system32\jscript.dll
+ 2009-08-29 08:47 . 2009-06-22 06:45   726528              c:\windows\system32\jscript.dll
- 2009-08-29 08:40 . 2004-08-19 17:27   153088              c:\windows\system32\dllcache\triedit.dll
+ 2009-08-29 08:40 . 2009-06-21 22:05   153088              c:\windows\system32\dllcache\triedit.dll
- 2009-08-29 08:37 . 2009-03-08 02:33   726528              c:\windows\system32\dllcache\jscript.dll
+ 2009-08-29 08:37 . 2009-06-22 06:45   726528              c:\windows\system32\dllcache\jscript.dll
+ 2009-08-29 08:37 . 2009-08-07 08:48   100352              c:\windows\system32\dllcache\iecompat.dll
- 2009-08-29 08:36 . 2004-08-19 17:27   194048              c:\windows\system32\dllcache\activeds.dll
+ 2009-08-29 08:46 . 2004-08-19 17:27   194048              c:\windows\system32\dllcache\activeds.dll
+ 2009-08-29 08:46 . 2004-08-19 17:27   194048              c:\windows\system32\aaactiveds.dll
+ 2009-09-14 20:30 . 2009-09-14 20:30   119296              c:\windows\Installer\be8dfd.msi
+ 2009-09-06 10:05 . 2009-09-06 10:05   228352              c:\windows\Installer\1aa8bd.msi
+ 2008-10-30 13:56 . 2009-09-09 18:02   888080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   888080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   272648              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   272648              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   922384              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   922384              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   845584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   845584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   217864              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   217864              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   184080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   184080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   159504              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   159504              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-09-14 20:32 . 2008-07-08 13:06   402296              c:\windows\ie8updates\KB973874-IE8\spuninst\updspapi.dll
+ 2009-09-14 20:32 . 2008-07-08 13:06   233848              c:\windows\ie8updates\KB973874-IE8\spuninst\spuninst.exe
+ 2009-09-14 20:32 . 2009-07-01 07:08   101376              c:\windows\ie8updates\KB973874-IE8\iecompat.dll
+ 2009-09-09 18:00 . 2008-07-08 13:06   402296              c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-09 18:00 . 2008-07-08 13:06   233848              c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-09 18:00 . 2009-03-08 02:33   726528              c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-06-02 21:40 . 2009-06-02 21:40   458456              c:\windows\Downloaded Program Files\PCPitstop.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   3783672              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05   3768312              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-08-29 08:50 . 2009-05-20 02:56   2458112              c:\windows\system32\WMVCore.dll
- 2009-08-29 08:50 . 2008-06-18 04:03   2458112              c:\windows\system32\WMVCore.dll
- 2009-08-29 08:40 . 2008-06-18 04:03   2458112              c:\windows\system32\dllcache\WMVCore.dll
+ 2009-08-29 08:40 . 2009-05-20 02:56   2458112              c:\windows\system32\dllcache\WMVCore.dll
+ 2009-08-18 10:56 . 2009-08-18 10:56   5020672              c:\windows\Installer\940f3b.msp
+ 2008-10-30 13:56 . 2009-09-09 18:02   1172240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   1172240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-10-30 13:56 . 2009-08-12 11:10   1165584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-10-30 13:56 . 2009-09-09 18:02   1165584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-01-27 10:16 . 2009-01-27 10:16   3063536              c:\windows\Downloaded Program Files\PCPitstop3D.dll
+ 2009-08-29 08:48 . 2009-08-28 21:38   24689600              c:\windows\system32\MRT.exe
+ 2009-09-09 18:02 . 2009-09-09 18:02   15709696              c:\windows\Installer\940f47.msp
.
-- Snapshot per reimpostare la data corrente --
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07   1004800   ----a-w-   c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"OpAgent"="OpAgent.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\programmi\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"PDF5 Registry Controller"="c:\programmi\Nuance\PDF Professional 5\RegistryController.exe" [2008-02-02 58656]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-23 2007832]
"DrvIcon"="c:\programmi\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]

c:\documents and settings\io\Menu Avvio\Programmi\Altro\Nuova cartella\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-23 15:26   11952   ----a-w-   c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Netop\\Netop School\\Teacher\\ntchw32.exe"=
"c:\\Programmi\\iTALC\\ica.exe"=
"c:\\Programmi\\NetSupport\\NetSupport School\\client32.exe"=
"c:\\Programmi\\NetSupport\\NetSupport School\\pcinssui.exe"=
"c:\\Programmi\\NetSupport\\NetSupport School\\PCINSSCD.EXE"=
"c:\\Programmi\\NetSupport\\NetSupport School\\pcijoin.exe"=
"c:\\Programmi\\NetSupport\\NetSupport School\\pcideply.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"139:TCP"= 139:TCP:@xpsp2res.dll,-22004

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [29/08/2009 10:43 28544]
R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [29/08/2009 10:43 335240]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [29/08/2009 10:43 108552]
R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [29/08/2009 10:43 72992]
R1 NHostNT1;NetOp Driver 1 ver. 9.22 (2009140);c:\windows\system32\drivers\NHOSTNT1.SYS [29/08/2009 10:43 97112]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\programmi\File comuni\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [06/12/2007 22:03 660768]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [26/06/2009 13:47 297752]
R2 bckwfs;Blue Coat K9 Web Protection;c:\programmi\Blue Coat K9 Web Protection\k9filter.exe [14/01/2009 01:39 1078560]
R2 icas;iTALC Client;c:\programmi\iTALC\ica.exe [17/06/2009 20:06 844800]
R2 NetOp Host for NT Service;NetOp Helper ver. 9.22 (2009140);c:\programmi\Netop\Netop School\Teacher\NHOSTSVC.EXE [12/06/2009 17:31 1734008]
R2 PDFProFiltSrv;PDFProFiltSrv;c:\programmi\Nuance\PDF Professional 5\PDFProFiltSrv.exe [02/02/2008 02:20 144672]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [29/08/2009 10:43 11032]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSI68.tmp [17/03/2009 16:32 189696]
R2 SPDFToolsReadSpool;SolidPDFToolsCreatorReadSpool;c:\windows\Installer\MSI15F.tmp [24/11/2008 22:01 189688]
R3 NHOSTNT3;NetOp Driver 3 ver. 9.22 (2009140) (NHOSTNT3);c:\windows\system32\drivers\NHOSTNT3.SYS [29/08/2009 10:43 4400]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\programmi\File comuni\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 06:46 284016]
S3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\system32\ASNDIS5.SYS --> c:\windows\system32\ASNDIS5.SYS [?]
S3 cpuz129;cpuz129;\??\c:\docume~2\io\IMPOST~1\Temp\cpuz_x32.sys --> c:\docume~2\io\IMPOST~1\Temp\cpuz_x32.sys [?]
S3 W8100PCI;ASUS 802.11b/g Driver for Windows XP;c:\windows\system32\drivers\mrv8k51.sys [29/08/2009 10:43 256512]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ;c:\windows\system32\drivers\mrv8ka51.sys [29/08/2009 10:43 258560]
S4 gupdate1c98e03f182a78c;Servizio di Google Update (gupdate1c98e03f182a78c);c:\programmi\Google\Update\GoogleUpdate.exe [13/02/2009 19:53 133104]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-09-17 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Aggiungi a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Aggiungi destinazione link a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Converti destinazione link in Adobe PDF - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Download &Flash Movies - c:\programmi\Flash2X\Flash Hunter\save.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with Nuance PDF Converter 5.0 - c:\programmi\Nuance\PDF Professional 5\cnvres_eng.dll /100
IE: Sothink SWF Catcher - c:\programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
LSP: c:\programmi\File comuni\NSL\nslsp.dll
TCP: {5AE7DA89-EBF4-45CB-9BA4-950305AC4345} = 172.16.182.30,213.140.2.12,4.2.2.1,213.205.32.70,212.216.112.112,208.67.222.222,151.99.0.100,4.2.2.6,213.205.36.70,195.186.1.111,128.107.241.185,66.93.87.2,220.233.167.31,199.166.31.3,64.102.255.44,199.2.252.10,208.67.220.220,217.146.139.5
TCP: {E42466B8-712B-40C5-A902-BA2AC0A8E11D} = 4.2.2.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-17 18:16
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

c:\windows\system32\ZSHP1020.EXE [2036] 0x85618020

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSI68.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\SPDFToolsReadSpool]
"ImagePath"="c:\windows\Installer\MSI15F.tmp"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-746137067-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*tif*$Ì<x¾Ï:~]
@Class="Shell"

[HKEY_USERS\S-1-5-21-746137067-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*tif*$Ì<x¾Ï:~\OpenWithList]
@Class="Shell"

[HKEY_USERS\S-1-5-21-746137067-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC8170F8-8B81-56F7-CB3B-D850ADBA2820}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,07,b3,71,81,99,
   35,f7,bb,c8,28,51,af,b0,29,a3,98,ed,95,c6,59,a5,c6,37,d0,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,c2,b6,98,50,23,
   8b,8c,34,71,3b,04,66,8b,46,0d,96,86,e1,80,8b,be,ee,8f,cd,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,f2,ac,45,d7,06,
   10,9d,a7,25,da,ec,7e,55,20,c9,26,df,42,28,7b,ca,7d,8b,da,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,e7,fc,95,f3,b5,
   2e,4c,24,3e,1e,9e,e0,57,5a,93,61,7e,e5,e6,94,f0,08,34,c7,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,a5,fe,22,80,1c,
   f1,e1,f8,cd,44,cd,b9,a6,33,6c,cd,31,8d,f0,f3,4a,b1,5a,96,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,a8,30,3f,a0,29,
   41,fe,56,b0,18,ed,a7,3f,8d,37,a4,d0,0a,56,a6,41,fc,83,9b,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,c9,6d,df,44,62,
   50,88,97,31,77,e1,ba,b1,f8,68,02,19,a9,3f,24,e2,56,43,b5,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,2f,8c,c1,fb,06,
   3e,97,69,83,6c,56,8b,a0,85,96,ab,b5,89,2e,f8,b2,49,db,f1,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,5f,ff,30,71,a2,
   8d,3f,66,51,fa,6e,91,28,9e,14,cc,40,af,d9,f3,ea,25,1f,a1,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,d4,03,17,1b,ef,
   7d,55,dd,b1,cd,45,5a,a8,c4,f8,b9,cc,2c,83,b8,b2,f8,86,7f,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,ee,c6,48,13,ff,
   d7,03,80,e3,0e,66,d5,eb,bc,2f,6b,84,21,2d,96,fe,3c,c8,28,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,6e,07,bb,a6,12,
   fc,b8,34,fa,ea,66,7f,d4,3b,6b,70,a1,15,db,eb,5c,83,21,75,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\N888cc187]
@Denied: (4) (Everyone)
@Denied: (4) (Administrators)
@Allowed: (A B C D Full GENERIC_EXECUTE GENERIC_WRITE Read 1 2 3 4 5 6) (LocalSystem)
"a"="S"
"startday"="20"
"startmonth"="5"
"startyear"="2009"
"expiryday"="20"
"expirymonth"="6"
"expiryyear"="2009"
"authcode"="0xa09c7980"
"currentver"="1100"
"InternetCode"="KZD2ELBGB4UCNYYYKXG55F4EZLSOGA5XVFRW2VI8"

[HKEY_LOCAL_MACHINE\software\Classes\N888cc187\N888cc187]
"startday"="20"
"startmonth"="5"
"startyear"="2009"
"expiryday"="20"
"expirymonth"="6"
"expiryyear"="2009"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1076)
c:\windows\system32\Ati2evxx.dll
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(1132)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'csrss.exe'(1048)
c:\programmi\NetSupport\NetSupport School\pcihooks.dll
.
Ora fine scansione: 2009-09-17 18:25
ComboFix-quarantined-files.txt  2009-09-17 16:25
ComboFix2.txt  2009-09-05 17:30
ComboFix3.txt  2009-07-13 10:19
ComboFix4.txt  2009-06-02 20:06
ComboFix5.txt  2009-09-17 15:52

Pre-Run: 42.936.872.960 byte disponibili
Post-Run: 42.941.235.200 byte disponibili

463   --- E O F ---   2009-09-09 18:07
nerone
Newbie
 
Posts: 1
Joined: 17/09/09 17:38


Re: Windows problems

Posted by hydra » 21/09/09 07:29

Hi and welcome to the forum. ;)
A few remarks:
  • When you post logs or particularly long sections, use the CODE tag, viewtopic.php?f=1&t=79667
  • We have a dedicated section for virus problems
I edited your post myself and am moving it to the right section; please be careful in the future. :D
hydra
Moderatore
 
Posts: 7007
Joined: 19/07/04 08:06
Location: Vallis Duplavis

