Condividi:        

log Combofix

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

log Combofix

Postdi fabio35 » 03/07/13 14:25

Salve a tutti,
mi sono appena iscritto e avrei bisogno di aiuto a leggere il log di Combofix. L'ho installato ed utilizzato dopo che mi è stato suggerito dal momento che sia Chrome, sia Mozilla Firefox non riuscivano ad aprire alcuna scheda. Ora sembrano funzionare correttamente, però non vorrei che il programma mi avesse eliminato qualche dato di sistema o comunque vorrei accertarmi che non ci sia nient'altro da fare, così da eliminare Combofix.

Grazie in anticipo :)

Ecco il log:
ComboFix 13-07-02.03 - Fabio 03/07/2013 13:31:44.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4044.1720 [GMT 2:00]
Eseguito da: c:\users\Fabio\Downloads\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Funmoods
c:\program files (x86)\Funmoods\1.5.23.22\bh\escort.dll
c:\program files (x86)\Funmoods\1.5.23.22\escortApp.dll
c:\program files (x86)\Funmoods\1.5.23.22\escortEng.dll
c:\program files (x86)\Funmoods\1.5.23.22\escorTlbr.dll
c:\program files (x86)\Funmoods\1.5.23.22\escortShld.dll
c:\program files (x86)\Funmoods\1.5.23.22\FavIcon.ico
c:\program files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe
c:\program files (x86)\Funmoods\1.5.23.22\uninstall.exe
c:\program files (x86)\FunWebProducts
c:\program files (x86)\LP
c:\program files (x86)\MyWebSearch
c:\program files (x86)\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files (x86)\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files (x86)\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files (x86)\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files (x86)\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files (x86)\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files (x86)\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files (x86)\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3IEOVR.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\M3TPINST.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files (x86)\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files (x86)\MyWebSearch\bar\Game\CHESS.F3S
c:\program files (x86)\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files (x86)\MyWebSearch\bar\icons\CM.ICO
c:\program files (x86)\MyWebSearch\bar\icons\MFC.ICO
c:\program files (x86)\MyWebSearch\bar\icons\PSS.ICO
c:\program files (x86)\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files (x86)\MyWebSearch\bar\icons\WB.ICO
c:\program files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files (x86)\MyWebSearch\bar\IE9Mesg\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Message\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Settings\s_pid.dat
c:\program files (x86)\OfferBox
c:\program files (x86)\OfferBox\install.log
c:\program files (x86)\OfferBox\install.xml
c:\program files (x86)\OfferBox\language.xml
c:\program files (x86)\OfferBox\OfferBox.exe
c:\program files (x86)\OfferBox\OfferBoxHTTPProxy.exe
c:\program files (x86)\OfferBox\OfferBoxUpdateService.exe
c:\program files (x86)\OfferBox\uninstaller.exe
c:\program files (x86)\smartdl
c:\program files (x86)\smartdl\dler.exe
c:\program files (x86)\smartdl\gunzip.exe
c:\program files (x86)\smartdl\header.bmp
c:\program files (x86)\smartdl\header2.bmp
c:\program files (x86)\smartdl\header3.bmp
c:\program files (x86)\smartdl\next.bmp
c:\program files (x86)\smartdl\skip.bmp
c:\program files (x86)\smartdl\status-o
c:\programdata\Barowasse2saave
c:\programdata\Barowasse2saave\515f03d30e0e1.tlb
c:\programdata\Barowasse2saave\settings.ini
c:\programdata\Barowasse2saave\uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Barowasse2saave
c:\programdata\Microsoft\Windows\Start Menu\Programs\Barowasse2saave\Barowasse2saave.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Barowasse2saave\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\saafe saVe
c:\programdata\Microsoft\Windows\Start Menu\Programs\saafe saVe\saafe saVe.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\saafe saVe\Uninstall.lnk
c:\programdata\saafe saVe
c:\programdata\saafe saVe\51d3263401fb3.dll
c:\programdata\saafe saVe\51d3263401fb3.tlb
c:\programdata\saafe saVe\settings.ini
c:\programdata\saafe saVe\uninstall.exe
C:\torrent.exe
c:\users\Fabio\AppData\Local\lollipop
c:\users\Fabio\AppData\Local\lollipop\lollipop.bat
c:\users\Fabio\AppData\Local\lollipop\lollipop.lpd
c:\users\Fabio\AppData\Local\lollipop\lollipop_ps.lpd
c:\users\Fabio\AppData\Roaming\cacaoweb
c:\users\Fabio\AppData\Roaming\cacaoweb\cacaoweb.crx
c:\users\Fabio\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\Fabio\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Fabio\AppData\Roaming\cacaoweb\replicating36AB0903517D381CD1F0E75AAC55B5F4.cacao
c:\users\Fabio\AppData\Roaming\cacaoweb\replicating8B64C57713836CBB6B0B4E7E10E6A737.cacao
c:\users\Fabio\AppData\Roaming\cacaoweb\replicating9F60DBE6C613684402606AF36FD62D8C.cacao
c:\users\Fabio\AppData\Roaming\cacaoweb\replicatingB9367D0C456894CA83F3C719ABA43047.cacao
c:\users\Fabio\AppData\Roaming\cacaoweb\replicatingBB9394189E20E74207C281E432B43FE3.cacao
c:\users\Fabio\AppData\Roaming\cacaoweb\storage.db
c:\users\Fabio\AppData\Roaming\Microsoft\nvSCPAPISvr.exe
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\chrome.manifest
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\funmoods.css
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\funmoods.xul
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\images\pref.jpg
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\arwDwn.gif
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ae.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\bg.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ch.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cn.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cz.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\de.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\eg.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\en.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\es.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\fr.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\gr.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\he.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\il.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\it.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ja.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\jp.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\nl.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\no.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pl.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pt.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ro.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ru.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sa.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\se.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sv.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\tr.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ua.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\us.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\help_16.gif
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\home.gif
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\logo.png
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\privecy_16_hot.gif
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\imgs\tellafriend.gif
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\loader.xul
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\mtstart.js
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\preferences.xul
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\content\tmplt.js
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\install.rdf
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.rsa
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.sf
c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\extensions\ffxtlbr@funmoods.com\META-INF\manifest.mf
c:\users\Fabio\AppData\Roaming\OfferBox
c:\users\Fabio\AppData\Roaming\OfferBox\config.xml
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\country.sxe
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\extracountry.sxe
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\history.db
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\profile.sxe
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\sdch\1372806106
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\update.sxe
c:\users\Fabio\AppData\Roaming\OfferBox\http_app.offerbox.com\update.xml
c:\users\Fabio\AppData\Roaming\OfferBox\temp.ico
c:\users\Fabio\Desktop\cacaoweb.exe
c:\users\Fabio\Documents\~WRL1614.tmp
c:\users\Fabio\Documents\~WRL3470.tmp
c:\windows\SysWow64\f3PSSavr.scr
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\Update.exe
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_MyWebSearchService
-------\Service_npf
-------\Service_OfferBox update service
-------\Service_OfferBox update service
.
.
((((((((((((((((((((((((( Files Creati Da 2013-06-03 al 2013-07-03 )))))))))))))))))))))))))))))))))))
.
.
2013-07-03 11:56 . 2013-07-03 11:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-02 20:01 . 2013-07-02 20:01 -------- d-----w- c:\users\Fabio\AppData\Roaming\FreeSoftwareUpdater
2013-07-02 19:10 . 2013-07-02 19:10 -------- d-----w- c:\programdata\StarApp
2013-07-02 19:10 . 2013-07-02 19:10 -------- d-----w- c:\program files (x86)\SafeSaver
2013-07-02 13:04 . 2013-07-02 13:04 -------- d-----w- c:\program files\Updater By Sweetpacks
2013-07-02 13:01 . 2013-07-02 13:01 -------- d-----w- c:\program files (x86)\SweetIM
2013-07-02 12:58 . 2013-07-02 12:58 -------- d-----w- c:\windows\SysWow64\jmdp
2013-07-02 12:58 . 2013-07-02 12:58 -------- d-----w- c:\windows\SysWow64\ARFC
2013-07-02 12:58 . 2013-06-12 08:27 1495856 ----a-w- c:\windows\system32\dmwu.exe
2013-07-02 12:58 . 2013-06-12 08:26 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-07-02 12:58 . 2013-07-02 12:58 -------- d-----w- c:\windows\SysWow64\WNLT
2013-07-02 12:57 . 2013-07-02 12:57 -------- d-----w- c:\users\Fabio\AppData\Roaming\WebCake
2013-07-02 12:57 . 2013-07-02 12:57 -------- d-----w- c:\program files (x86)\WebCake
2013-07-02 12:55 . 2013-07-02 12:56 -------- d-----w- c:\program files (x86)\Plus-HD-2.2
2013-07-02 12:54 . 2013-07-02 12:55 -------- d-----w- c:\program files (x86)\FTdownloader V4.0
2013-07-02 12:54 . 2013-07-02 12:54 -------- d-----w- c:\users\Fabio\AppData\Local\PutLockerDownloader
2013-07-02 12:53 . 2013-07-02 12:54 -------- d-----w- c:\program files (x86)\FTDownloader.com
2013-07-02 12:27 . 2013-07-02 12:39 -------- d-----w- c:\users\Fabio\AppData\Roaming\calibre
2013-07-02 12:26 . 2013-07-02 12:26 -------- d-----w- c:\program files\Calibre2
2013-06-23 14:11 . 2013-06-23 14:11 -------- d-----w- c:\program files (x86)\eMule
2013-06-23 10:56 . 2013-03-05 02:14 43680 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2013-06-12 06:10 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 06:09 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 06:09 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-12 06:09 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 06:09 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-12 06:08 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-12 06:08 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-12 06:07 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 06:07 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 06:07 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 06:07 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 06:07 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 06:07 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-12 06:07 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-12 06:07 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-12 06:07 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-12 06:07 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-12 06:07 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-12 06:07 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-10 17:09 . 2013-06-19 19:06 -------- d-----w- c:\windows\system32\drivers\N360x64\1404000.028
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-19 06:30 . 2012-12-26 23:54 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-06-14 05:07 . 2011-06-05 14:16 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 19:23 . 2013-02-28 13:22 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 19:23 . 2011-06-05 15:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-22 11:02 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 14:18 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 14:18 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 14:18 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 14:18 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 14:18 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 14:18 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 10:47 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 14:18 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 14:18 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 14:18 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311301136}]
2013-07-02 12:56 750952 ----a-w- c:\program files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311551174}]
2013-07-02 12:55 748032 ----a-w- c:\program files (x86)\FTdownloader V4.0\FTdownloader V4.0-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
2013-06-21 00:08 197912 ----a-w- c:\program files (x86)\WebCake\WebCakeIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8561f2a1-d885-4852-8289-81ae4ad0ad99}]
2012-04-09 07:07 62864 ----a-w- c:\program files (x86)\QuotationCafe_45\bar\1.bin\45SrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8619595f-4eef-4164-b040-fb7436301a06}]
2012-04-09 07:07 693648 ----a-w- c:\progra~2\QUOTAT~2\bar\1.bin\45bar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
2012-02-27 08:42 88976 ----a-w- c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2009-11-09 16:38 2331672 ----a-w- c:\program files (x86)\myBabylon_English\tbmyBa.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 17:40 1492456 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
2013-05-29 08:24 169304 ----a-w- c:\program files\Updater By Sweetpacks\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2013-05-30 16:50 1309456 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1492456]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files (x86)\myBabylon_English\tbmyBa.dll" [2009-11-09 2331672]
"{99bced2f-1db3-4ecd-8e35-8906428a6cfe}"= "c:\program files (x86)\QuotationCafe_45\bar\1.bin\45bar.dll" [2012-04-09 693648]
"{99079a25-328f-4bd4-be04-00955acaa0a7}"= "c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll" [2012-02-27 88976]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2013-05-30 1309456]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_CLASSES_ROOT\clsid\{99bced2f-1db3-4ecd-8e35-8906428a6cfe}]
.
[HKEY_CLASSES_ROOT\clsid\{99079a25-328f-4bd4-be04-00955acaa0a7}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-06-23 802136]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Facebook Update"="c:\users\Fabio\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"Tonido"="c:\users\Fabio\AppData\Roaming\Tonido\launcher.exe" [2012-05-22 165376]
"HP Officejet 6700 (NET)"="c:\program files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584]
"WebCake Desktop"="c:\users\Fabio\AppData\Roaming\WebCake\WebCakeDesktop.exe" [2013-06-21 47896]
"eMuleAutoStart"="c:\program files (x86)\eMule\emule.exe" [2010-04-07 5758976]
"Software updater"="c:\users\Fabio\AppData\Roaming\FreeSoftwareUpdater\updater.exe" [2013-05-21 52516]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-12-30 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-12-13 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2010-12-13 318520]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 395240]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuotationCafe Search Scope Monitor"="c:\progra~2\QUOTAT~2\bar\1.bin\45srchmn.exe" [2012-04-09 42536]
"QuotationCafe_45 Browser Plugin Loader"="c:\progra~2\QUOTAT~2\bar\1.bin\45brmon.exe" [2012-04-09 30096]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 1493288]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CNET TechTracker.lnk - c:\users\Fabio\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe [2011-12-1 2624512]
Monitora avvisi inchiostro - HP Officejet 6700 (Rete).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN22M1H18N05RQ;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2010-11-18 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
"HideSCAHealth"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WajamUpdater;WajamUpdater;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130702.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130702.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130702.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 QuotationCafe_45Service;QuotationCafeService;c:\progra~2\QUOTAT~2\bar\1.bin\45barsvc.exe;c:\progra~2\QUOTAT~2\bar\1.bin\45barsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater By Sweetpacks;Updater By Sweetpacks;c:\program files\Updater By Sweetpacks\ExtensionUpdaterService.exe;c:\program files\Updater By Sweetpacks\ExtensionUpdaterService.exe [x]
S2 WebCake Desktop Updater;WebCake Desktop Updater;c:\program files (x86)\WebCake\WebCakeDesktop.Updater.exe;c:\program files (x86)\WebCake\WebCakeDesktop.Updater.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-02 23:06 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 19:24]
.
2013-07-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-722056700-3427536577-3943203242-1001Core.job
- c:\users\Fabio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-30 23:09]
.
2013-07-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-722056700-3427536577-3943203242-1001UA.job
- c:\users\Fabio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-30 23:09]
.
2013-07-03 c:\windows\Tasks\FTdownloader V4.0-codedownloader.job
- c:\program files (x86)\FTdownloader V4.0\FTdownloader V4.0-codedownloader.exe [2013-07-02 12:54]
.
2013-07-03 c:\windows\Tasks\FTdownloader V4.0-enabler.job
- c:\program files (x86)\FTdownloader V4.0\FTdownloader V4.0-enabler.exe [2013-07-02 12:55]
.
2013-07-03 c:\windows\Tasks\FTdownloader V4.0-updater.job
- c:\program files (x86)\FTdownloader V4.0\FTdownloader V4.0-updater.exe [2013-07-02 12:55]
.
2013-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 17:00]
.
2013-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 17:00]
.
2013-06-21 c:\windows\Tasks\HPCeeScheduleForFABIO-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
2013-07-02 c:\windows\Tasks\HPCeeScheduleForFabio.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
2013-07-03 c:\windows\Tasks\Plus-HD-2.2-chromeinstaller.job
- c:\program files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe [2013-07-02 12:55]
.
2013-07-03 c:\windows\Tasks\Plus-HD-2.2-codedownloader.job
- c:\program files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe [2013-07-02 12:55]
.
2013-07-03 c:\windows\Tasks\Plus-HD-2.2-enabler.job
- c:\program files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe [2013-07-02 12:56]
.
2013-07-03 c:\windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
- c:\program files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe [2013-07-02 12:55]
.
2013-07-03 c:\windows\Tasks\Plus-HD-2.2-updater.job
- c:\program files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe [2013-07-02 12:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
2013-05-29 08:24 211288 ----a-w- c:\program files\Updater By Sweetpacks\Extension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-17 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-17 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-17 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-02 524800]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\x64\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\x64\IEBHO.dll
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://mysearch.sweetpacks.com/?src=10& ... 059&barid={01A2958F-E317-11E2-A55B-2C27D7A51B01}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.offerbox.com
uInternet Settings,ProxyServer = http=127.0.0.1:56847
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\iz85qb3f.default\
FF - prefs.js: browser.search.selectedEngine - Sweetpacks
FF - prefs.js: browser.startup.homepage - hxxp://mysearch.sweetpacks.com/?src=10& ... 059&barid={01A2958F-E317-11E2-A55B-2C27D7A51B01}
FF - prefs.js: keyword.URL - hxxp://mysearch.sweetpacks.com/?src=2&s ... 059&barid={01A2958F-E317-11E2-A55B-2C27D7A51B01}&q=
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 58869
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2012-01-10 20:28; m3ffxtbr@mywebsearch.com; c:\program files (x86)\MyWebSearch\bar\1.bin
FF - ExtSQL: !HIDDEN! 2012-02-03 16:56; otis@digitalpersona.com; c:\program files (x86)\DigitalPersona\Bin\FirefoxExt
FF - ExtSQL: !HIDDEN! 2012-04-09 09:07; 45ffxtbr@QuotationCafe_45.com; c:\program files (x86)\QuotationCafe_45\bar\1.bin
FF - ExtSQL: !HIDDEN! 2012-07-06 17:32; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extentions.webcake.installId - f0dc51b7-4c1a-4e94-bcf7-5d046beb866f
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
BHO-{00A6FAF1-072E-44cf-8957-5838F569A31D} - c:\program files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
BHO-{07B18EA1-A523-4961-B6BB-170DE4475CCA} - c:\program files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
BHO-{3BFC029A-FD1E-7FA7-FB91-82FBC2F30B37} - c:\programdata\saafe saVe\51d3263401fb3.dll
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\progra~2\Funmoods\1.5.23.22\bh\escort.dll
Toolbar-{07B18EA9-A523-4961-B6BB-170DE4475CCA} - c:\program files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
Toolbar-10 - (no file)
Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\progra~2\Funmoods\1.5.23.22\escorTlbr.dll
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-ASUSWebStorage - c:\users\Fabio\AppData\Roaming\Microsoft\nvSCPAPISvr.exe
Wow6432Node-HKCU-Run-PoService - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-cacaoweb - c:\users\Fabio\AppData\Roaming\cacaoweb\cacaoweb.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-UnlockerAssistant - c:\program files (x86)\Unlocker\UnlockerAssistant.exe
Wow6432Node-HKLM-Run-My Web Search Bar Search Scope Monitor - c:\progra~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe
Wow6432Node-HKLM-Run-MyWebSearch Email Plugin - c:\progra~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
Wow6432Node-HKLM-Run-DATAMNGR - c:\progra~2\SEARCH~1\Datamngr\DATAMN~1.EXE
Wow6432Node-HKLM-Run-offerbox - c:\program files (x86)\OfferBox\OfferBox.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-funmoods - c:\progra~2\Funmoods\1.5.23.22\uninstall.exe
AddRemove-OfferBox - c:\program files (x86)\OfferBox\uninstaller.exe
AddRemove-{924C3DC2-8E4E-432E-F973-9A2174A39774} - c:\programdata\saafe saVe\uninstall.exe
AddRemove-{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} - c:\programdata\Barowasse2saave\uninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\jmdp\stij.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Ora fine scansione: 2013-07-03 14:16:03 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2013-07-03 12:15
.
Pre-Run: 269.699.338.240 byte disponibili
Post-Run: 268.876.341.248 byte disponibili
.
- - End Of File - - AD314EDFD336BF1D8D550C82B3F0F016
D41D8CD98F00B204E9800998ECF8427E
fabio35
Newbie
 
Post: 2
Iscritto il: 03/07/13 14:02

Sponsor
 

Re: log Combofix

Postdi kyiv » 03/07/13 17:27

complimenti, gran lavoro di Combofix , puoi far girare anche ADWCleaner e JunkRemovalTool (trovi i link negli altri post) magari trovano ancora qualche qualcosa, e in più puoi postare anche un log di OTL.
kyiv
Utente Junior
 
Post: 87
Iscritto il: 24/01/13 10:51

Re: log Combofix

Postdi fabio35 » 03/07/13 17:51

Perfetto, grazie mille!
fabio35
Newbie
 
Post: 2
Iscritto il: 03/07/13 14:02


Torna a Sicurezza e Privacy


Topic correlati a "log Combofix":

Aiuto log Combofix
Autore: cariu
Forum: Sicurezza e Privacy
Risposte: 4

Chi c’è in linea

Visitano il forum: Nessuno e 25 ospiti