Malwarebytes Anti-Malware (Prova) 1.61.0.1400
www.malwarebytes.org
Versione database: v2012.06.27.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Dutu :: DUTU-PC [amministratore]
Protezione: Attivata
27/06/2012 14:43:31
mbam-log-2012-06-27 (14-43-31).txt
Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 497464
Tempo impiegato: 5 ore, 10 minuti, 30 secondi
Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)
Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)
Chiavi di registro rilevate: 26
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\funmoods.funmoodsHlpr (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\f (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
Valori di registro rilevati: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Dati: Funmoods Toolbar -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Dati: -> Spostato in quarantena ed eliminato con successo.
Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)
Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)
File rilevati: 5
C:\Users\Dutu\Downloads\installer_comamnd_and_conquer_generals.exe (PUP.Adbundler) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Dutu\Downloads\SoftonicDownloader_per_camtasia-studio.exe (PUP.ToolbarDownloader) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Dutu\Downloads\SoftonicDownloader_per_hijackthis.exe (PUP.ToolbarDownloader) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Dutu\Downloads\SoftonicDownloader_per_java-development-kit.exe (PUP.ToolbarDownloader) -> Spostato in quarantena ed eliminato con successo.
C:\Windows.old\Users\Dutu\Desktop\Ronald\SoftonicDownloader_per_camtasia-studio.exe (PUP.ToolbarDownloader) -> Spostato in quarantena ed eliminato con successo.
(fine)
ComboFix 12-06-28.01 - Dutu 28/06/2012 10:39:14.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3070.2167 [GMT 2:00]
Eseguito da: c:\users\Dutu\Downloads\Fix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dutu\AppData\Local\Microsoft\Windows\Temporary Internet Files\tbinst
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-28 al 2012-06-28 )))))))))))))))))))))))))))))))))))
.
.
2012-06-28 08:58 . 2012-06-28 08:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-27 12:09 . 2012-06-27 12:09 -------- d-----w- c:\programdata\Malwarebytes
2012-06-27 12:09 . 2012-06-27 12:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-27 12:09 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-27 10:01 . 2012-06-27 10:01 -------- d-----w- c:\programdata\ProcessLasso
2012-06-27 10:00 . 2012-06-27 10:01 -------- d-----w- c:\program files\Process Lasso
2012-06-25 12:51 . 2012-06-25 12:51 -------- d-----w- c:\program files\EA Games
2012-06-25 12:42 . 2012-06-25 12:42 -------- d-----w- c:\programdata\Babylon
2012-06-25 11:00 . 2012-06-25 12:43 -------- d-----w- c:\program files\BrowserCompanion
2012-06-19 09:47 . 2012-06-19 09:47 -------- d-----w- c:\program files\alaplaya
2012-06-19 09:46 . 2012-06-25 12:49 -------- d-----w- c:\program files\Common Files\InstallShield
2012-06-19 08:01 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 08:01 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 08:01 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 08:01 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 08:01 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-19 08:01 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 08:01 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 08:01 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 08:01 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-18 15:22 . 2007-04-25 10:50 32256 ----a-w- c:\windows\system32\drivers\enecir.sys
2012-06-18 15:21 . 2012-06-18 15:21 -------- d-----w- c:\program files\JMicron
2012-06-18 14:58 . 2012-06-28 06:44 -------- d-----w- c:\program files\Common Files\Akamai
2012-06-18 14:43 . 2012-06-18 14:43 -------- d-----w- c:\windows\JMCR_DIR
2012-06-18 14:42 . 2012-06-18 15:20 -------- d-----w- c:\windows\system32\SDA
2012-06-18 14:42 . 2008-10-22 15:42 110080 ----a-w- c:\windows\system32\JmCrIcon.dll
2012-06-18 11:39 . 2012-06-18 11:39 -------- d-----w- c:\program files\No-IP
2012-06-18 09:17 . 2012-06-21 14:51 -------- d-----w- c:\program files\Common Files\Steam
2012-06-18 08:56 . 2012-06-26 11:28 -------- d-----w- c:\program files\Steam
2012-06-18 08:40 . 2012-06-18 09:02 -------- d-----w- c:\programdata\Ubisoft
2012-06-18 08:34 . 2011-03-11 05:39 148864 ----a-w- c:\windows\system32\drivers\storport.sys
2012-06-18 08:34 . 2011-03-11 05:39 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-06-18 08:34 . 2011-03-11 05:39 1211264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-06-18 08:34 . 2011-03-11 05:39 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-06-18 08:34 . 2011-03-11 05:38 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-06-18 08:34 . 2011-03-11 05:38 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-06-18 08:34 . 2011-03-11 05:38 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-06-18 08:34 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2012-06-18 08:34 . 2011-03-11 05:31 74240 ----a-w- c:\windows\system32\fsutil.exe
2012-06-18 08:33 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-06-18 08:33 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-06-18 08:33 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-06-18 08:33 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-06-18 08:33 . 2011-03-25 02:57 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-06-18 08:33 . 2011-03-25 02:57 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-06-18 08:33 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-06-18 08:33 . 2012-06-18 08:33 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-06-18 08:33 . 2012-06-18 08:33 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-18 08:26 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-06-18 08:01 . 2012-06-25 12:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-06-18 07:16 . 2012-06-18 07:16 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-06-18 07:12 . 2012-06-18 07:19 -------- d-----w- c:\program files\Common Files\Adobe
2012-06-18 07:02 . 2012-06-18 07:02 -------- d-----w- c:\program files\Common Files\Java
2012-06-18 06:57 . 2012-06-18 06:57 -------- d-----w- c:\program files\Oracle
2012-06-18 06:57 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-17 17:42 . 2012-05-04 17:29 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-17 17:40 . 2012-06-18 06:56 -------- d-----w- c:\program files\Java
2012-06-17 16:46 . 2012-06-17 16:46 -------- d-----w- c:\program files\EasyBurner
2012-06-17 16:13 . 2012-06-17 16:13 -------- d-sh--w- c:\windows\ftpcache
2012-06-17 11:23 . 2012-06-17 11:23 -------- d-----w- c:\program files\Synaptics
2012-06-17 11:22 . 2010-03-23 12:53 527872 ------w- c:\windows\system32\stapi32.dll
2012-06-17 11:22 . 2012-06-17 11:22 -------- d-----w- c:\program files\IDT
2012-06-17 11:22 . 2010-01-26 16:28 140288 ----a-w- c:\windows\system32\aestacap.dll
2012-06-17 11:22 . 2009-10-09 14:45 380928 ----a-w- c:\windows\system32\aestecap.dll
2012-06-17 11:22 . 2009-03-02 15:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2012-06-17 11:22 . 2010-03-23 12:53 536576 ----a-w- c:\windows\system32\idtmini1.exe
2012-06-17 11:22 . 2009-03-02 15:47 86016 ----a-w- c:\windows\system32\AESTCom.dll
2012-06-17 11:22 . 2010-03-23 12:53 495708 ----a-w- c:\windows\sttray.exe
2012-06-17 11:22 . 2010-03-23 12:53 3354624 ----a-w- c:\windows\system32\stlang.dll
2012-06-17 11:22 . 2010-03-23 12:53 12628060 ----a-w- c:\windows\system32\idtcpl.cpl
2012-06-17 11:22 . 2012-06-17 11:22 -------- d-----w- c:\windows\system32\SRSLabs
2012-06-17 11:17 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2012-06-17 11:17 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-06-17 11:13 . 2012-06-18 08:35 -------- d-----w- c:\programdata\PMB Files
2012-06-17 11:11 . 2012-06-17 11:11 -------- d-----w- c:\program files\Microsoft.NET
2012-06-17 11:11 . 2012-06-17 11:11 -------- d-----w- c:\program files\Pando Networks
2012-06-17 10:55 . 2012-06-17 10:55 -------- d-----w- c:\windows\system32\Wat
2012-06-17 10:36 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-06-17 10:36 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-06-17 10:36 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-06-17 10:36 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-06-17 09:48 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-06-17 09:13 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-06-17 09:13 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-06-17 09:13 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2012-06-17 09:13 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-06-17 09:13 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-06-17 09:13 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2012-06-17 09:11 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-06-17 09:11 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-06-17 09:11 . 2011-02-19 06:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-06-17 09:11 . 2011-02-19 04:34 294912 ----a-w- c:\windows\system32\atmfd.dll
2012-06-17 09:11 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll
2012-06-17 09:11 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-06-17 09:09 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2012-06-17 09:08 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-06-17 09:03 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-06-16 18:56 . 2012-06-16 18:56 -------- d-----w- c:\windows\system32\QuickTime
2012-06-16 18:56 . 2012-06-17 10:36 -------- d-----w- c:\programdata\TechSmith
2012-06-16 18:56 . 2012-06-16 18:56 -------- d-----w- c:\program files\QuickTime
2012-06-16 18:55 . 2012-06-16 18:55 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2012-06-16 18:55 . 2012-06-16 18:55 -------- d-----w- c:\program files\TechSmith
2012-06-16 18:37 . 2012-06-16 18:38 -------- d-----w- c:\program files\OpenOffice.org 3
2012-06-16 18:34 . 2012-06-16 18:34 -------- d-----w- c:\program files\CCleaner
2012-06-16 16:42 . 2012-06-16 16:42 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-06-16 16:28 . 2012-06-16 16:28 -------- d-----w- c:\windows\system32\Adobe
2012-06-16 16:13 . 2012-06-16 16:14 -------- d-----w- c:\program files\BitComet
2012-06-16 16:08 . 2012-06-16 16:08 -------- d-----w- c:\program files\Common Files\Skype
2012-06-16 16:08 . 2012-06-16 16:08 -------- d-----r- c:\program files\Skype
2012-06-16 16:08 . 2012-06-16 16:08 -------- d-----w- c:\programdata\Skype
2012-06-16 15:56 . 2012-06-16 15:56 -------- d-----w- c:\program files\VideoLAN
2012-06-16 15:37 . 2012-06-16 15:37 -------- d-----w- c:\program files\MpcStar
2012-06-16 15:35 . 2012-06-16 15:36 -------- d-----w- c:\programdata\TuneUp Software
2012-06-16 15:35 . 2012-06-16 15:35 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-06-16 15:35 . 2012-06-16 15:35 -------- d--h--w- c:\programdata\Common Files
2012-06-16 15:27 . 2012-06-16 15:27 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-16 15:27 . 2012-06-16 15:27 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-06-16 15:23 . 2012-06-18 07:46 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-06-16 15:18 . 2012-06-16 15:18 -------- d-----w- c:\programdata\Yahoo! Companion
2012-06-16 15:18 . 2012-06-16 15:18 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-16 15:18 . 2012-06-16 15:18 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-16 15:18 . 2012-06-16 15:18 -------- d-----w- c:\windows\system32\Macromed
2012-06-16 15:18 . 2012-06-16 15:18 -------- d-----w- c:\programdata\Yahoo!
2012-06-16 15:17 . 2012-06-27 10:46 -------- d-sh--w- c:\windows\Installer
2012-06-16 15:09 . 2012-06-16 15:18 -------- d-----w- c:\program files\Yahoo!
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.