Rank: AiutAmico
Iscritto dal : 5/16/2003 Posts: 128
|
salve a tutti, ho un problema con un pc con win7 che presenta l'errore bsod con 0x0000006b. riesco a farlo ripartire solo quando copio il file bootcat.cache da un pc funzionante, però mi crea dei problemi. il problema è che se lo spengo e poi lo riaccendo, lo uso tranquillamente, ma se lo riavvio, va in crash. ho fatto scansione con combofix e ha rilevato dei virus ma non so come eliminarli. allego log.
ComboFix 12-02-11.02 - FILIPPO 11/02/2012 16:26:18.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3070.2123 [GMT 1:00] Eseguito da: c:\users\FILIPPO\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\System32\PresentationHost.exe . . . è infetto!! . c:\windows\System32\sdclt.exe . . . è infetto!! . c:\windows\System32\migwiz\PostMig.exe . . . è infetto!! . c:\windows\System32\Speech\SpeechUX\SpeechUXTutorial.exe . . . è infetto!! . c:\windows\System32\spool\tools\PrintBrmEngine.exe . . . è infetto!! . c:\windows\system32\d3d9.dll . . . è infetto!! . . ((((((((((((((((((((((((( Files Creati Da 2012-01-11 al 2012-02-11 ))))))))))))))))))))))))))))))))))) . . 2012-02-11 15:41 . 2012-02-11 15:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-11 14:32 . 2012-02-11 14:32 -------- d-----w- c:\windows\system32\EventProviders 2012-02-10 16:51 . 2012-02-10 16:51 -------- d-----w- c:\windows\CheckSur 2012-02-10 16:45 . 2011-10-15 08:53 487232 ----a-w- c:\windows\system32\nvhotkey.dll 2012-02-10 16:45 . 2011-10-15 08:53 123712 ----a-w- c:\windows\system32\nvshext.dll 2012-02-10 16:45 . 2011-10-15 08:53 1136448 ----a-w- c:\windows\system32\nvvsvc.exe 2012-02-10 16:45 . 2011-10-15 08:53 6350144 ----a-w- c:\windows\system32\nvcpl.dll 2012-02-10 16:45 . 2011-10-15 08:53 3840320 ----a-w- c:\windows\system32\nvsvc.dll 2012-02-10 16:45 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll 2012-02-10 16:45 . 2011-10-15 08:53 203072 ----a-w- c:\windows\system32\nvmctray.dll 2012-02-10 16:45 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll 2012-02-10 11:10 . 2012-02-10 11:30 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\Wise Registry Cleaner 2012-02-10 11:10 . 2012-02-10 11:10 -------- d-----w- c:\program files\Wise Registry Cleaner 2012-02-09 12:08 . 2012-02-09 12:08 -------- d-----w- c:\users\FILIPPO\AppData\Local\VirtualStore 2012-02-06 09:17 . 2012-02-06 09:17 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP 2012-02-06 09:17 . 2012-02-06 09:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-02-06 09:13 . 2009-11-21 02:34 182888 ----a-w- c:\windows\system32\nvcod178.dll 2012-02-05 11:02 . 2010-11-20 21:29 153984 ----a-w- c:\windows\system32\drivers\pci.sys 2012-02-02 01:38 . 2012-02-02 01:38 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{81FD3E5E-324B-413B-B690-82778599D263}\offreg.dll 2012-02-02 01:37 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{81FD3E5E-324B-413B-B690-82778599D263}\mpengine.dll 2012-01-27 17:17 . 2012-01-27 17:17 -------- d-----w- c:\windows\Sun 2012-01-25 14:04 . 2012-01-25 14:04 -------- d-----w- c:\program files\1ClickDownload 2012-01-18 20:39 . 2012-01-18 20:39 -------- d-----r- c:\users\FILIPPO\AppData\Roaming\Brother 2012-01-18 20:26 . 2012-01-18 20:26 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\FLEXnet 2012-01-18 20:26 . 2012-01-18 20:27 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\ControlCenter4 2012-01-18 20:19 . 2012-01-18 20:19 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\InstallShield 2012-01-18 20:18 . 2012-01-18 20:18 -------- d-----w- c:\programdata\zeon 2012-01-18 20:17 . 2012-01-18 20:17 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\Nuance 2012-01-18 20:17 . 2012-01-18 20:17 -------- d-----w- c:\programdata\ScanSoft 2012-01-18 20:17 . 2012-01-18 20:19 -------- d-----w- c:\program files\Nuance 2012-01-18 20:17 . 2012-01-18 20:17 -------- d-----w- c:\program files\Common Files\ScanSoft Shared 2012-01-18 20:17 . 2012-01-18 20:17 -------- d-----w- c:\programdata\FLEXnet 2012-01-18 20:17 . 2012-01-18 20:29 -------- d-----w- c:\programdata\Nuance 2012-01-18 20:14 . 2012-01-18 20:22 -------- d-----w- c:\programdata\Brother 2012-01-18 10:42 . 2012-01-18 10:42 53248 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\msihook.dll 2012-01-18 10:42 . 2012-01-18 10:42 126976 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\knlwrap.exe 2012-01-18 10:42 . 2012-01-18 10:42 114688 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\scpthdlr.dll 2012-01-18 10:41 . 1999-05-26 08:46 212480 ----a-w- c:\windows\pcdlib32.dll 2012-01-18 10:41 . 1996-06-30 23:00 77312 ----a-w- c:\windows\system32\TWAIN_32.DLL 2012-01-18 10:41 . 1995-07-31 12:44 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL 2012-01-18 10:41 . 2012-01-18 10:41 -------- d-----w- c:\program files\ArcSoft 2012-01-18 10:41 . 2001-09-05 04:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2012-01-18 10:41 . 2001-09-05 04:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll 2012-01-18 10:41 . 2001-09-05 04:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2012-01-18 10:41 . 2001-09-05 04:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2012-01-18 10:40 . 2012-02-09 12:14 -------- d-----w- C:\CanoScan 2012-01-18 10:40 . 2002-05-24 02:04 389180 ----a-w- c:\windows\system32\UCS32P.DLL 2012-01-15 14:01 . 2012-01-15 14:01 -------- d-----w- c:\program files\Google 2012-01-14 23:32 . 2012-01-14 23:32 -------- d-----w- c:\programdata\DivX 2012-01-14 20:21 . 2012-01-14 20:21 -------- d-----w- c:\program files\Veetle 2012-01-14 17:53 . 2012-01-14 17:53 -------- d--h--w- c:\programdata\CanonBJ 2012-01-14 17:53 . 2009-07-14 01:15 70144 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNBPP3.DLL 2012-01-14 17:09 . 2012-01-14 17:09 -------- d-----w- c:\program files\uTorrent 2012-01-14 17:08 . 2012-02-06 08:42 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\uTorrent 2012-01-14 12:50 . 2012-01-14 18:38 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\Windows Live Writer 2012-01-14 12:50 . 2012-01-14 12:50 -------- d-----w- c:\users\FILIPPO\AppData\Local\Windows Live Writer 2012-01-14 12:48 . 2012-01-14 12:48 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\c7f2e7911ccd2ba04\MeshBetaRemover.exe 2012-01-14 12:44 . 2012-01-16 08:03 -------- d-----w- c:\users\FILIPPO\AppData\Local\Adobe 2012-01-14 12:43 . 2012-01-15 14:02 -------- d-----w- c:\users\FILIPPO\AppData\Local\Google 2012-01-14 12:43 . 2012-01-14 12:43 -------- d-----w- c:\users\FILIPPO\AppData\Local\Deployment 2012-01-14 12:43 . 2012-01-14 12:43 -------- d-----w- c:\users\FILIPPO\AppData\Local\Apps 2012-01-13 20:47 . 2012-01-13 20:47 -------- d-----w- c:\program files\CCleaner 2012-01-13 14:12 . 2012-01-13 14:28 -------- d-----w- c:\windows\Acronis 2012-01-13 14:09 . 2012-01-13 14:09 -------- d-----w- c:\users\FILIPPO\AppData\Local\LogMeIn 2012-01-13 14:09 . 2012-01-31 20:30 52096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll 2012-01-13 14:09 . 2012-01-31 20:30 30592 ----a-w- c:\windows\system32\LMIport.dll 2012-01-13 14:09 . 2012-01-31 20:30 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-01-13 14:09 . 2011-09-16 14:10 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys 2012-01-13 14:09 . 2012-01-31 20:30 87424 ----a-w- c:\windows\system32\LMIinit.dll 2012-01-13 14:09 . 2012-02-11 08:50 -------- d-----w- c:\programdata\LogMeIn 2012-01-13 14:09 . 2012-02-10 10:49 -------- d-----w- c:\program files\LogMeIn 2012-01-13 12:17 . 2012-02-10 16:44 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-01-13 12:16 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll 2012-01-13 12:16 . 2011-10-15 08:53 877376 ----a-w- c:\windows\system32\nvgenco32.dll 2012-01-13 12:16 . 2011-10-15 08:53 919872 ----a-w- c:\windows\system32\nvdispco32.dll 2012-01-13 12:16 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll 2012-01-13 12:11 . 2012-02-10 16:45 -------- d-----w- c:\program files\NVIDIA Corporation 2012-01-13 12:09 . 2012-02-06 09:17 -------- d-----w- C:\NVIDIA 2012-01-13 11:34 . 2012-01-13 11:34 -------- d-----w- c:\users\FILIPPO\AppData\Local\ESET 2012-01-13 10:38 . 2012-01-14 17:24 -------- d-----w- c:\users\FILIPPO\AppData\Local\Ahead 2012-01-13 10:26 . 2012-01-14 17:25 -------- d-----w- c:\users\FILIPPO\AppData\Roaming\Ahead 2012-01-13 10:26 . 2012-01-13 10:26 -------- d-----w- c:\programdata\Ahead 2012-01-13 10:25 . 2012-01-13 10:26 -------- d-----w- c:\program files\Common Files\Ahead 2012-01-13 10:25 . 2012-01-13 10:25 -------- d-----w- c:\programdata\Nero 2012-01-13 10:25 . 2012-01-13 10:25 -------- d-----w- c:\program files\Nero 2012-01-13 09:54 . 2012-02-05 11:48 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-13 09:54 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-13 09:54 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-13 09:54 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-13 09:54 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll 2012-01-13 09:54 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll 2012-01-13 09:54 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll 2012-01-13 09:54 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll 2012-01-13 09:54 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll 2012-01-13 09:54 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-13 09:16 . 2012-01-18 20:15 -------- d-----w- c:\program files\MSXML 4.0 2012-01-13 09:12 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll 2012-01-13 09:12 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll 2012-01-13 09:12 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll 2012-01-13 09:12 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-11 09:27 . 2011-06-14 17:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-05 11:52 . 2009-07-13 23:32 50688 ----a-w- c:\windows\system32\psbase.dll 2012-02-05 11:51 . 2009-07-13 23:54 90624 ----a-w- c:\windows\system32\rasauto.dll 2012-02-05 11:50 . 2009-07-13 23:21 526848 ----a-w- c:\windows\system32\ntvdm.exe 2012-02-05 11:45 . 2009-07-13 23:27 531968 ----a-w- c:\windows\system32\ddraw.dll 2012-02-05 11:45 . 2010-11-20 21:29 551424 ----a-w- c:\windows\system32\samsrv.dll 2012-02-05 11:45 . 2009-07-13 23:12 191488 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-02-05 11:44 . 2011-06-14 17:12 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-02-05 11:44 . 2010-11-20 21:29 1414144 ----a-w- c:\windows\system32\ole32.dll 2012-01-12 11:47 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-01-12 11:21 . 2011-06-14 17:39 544656 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr 2011-12-07 09:08 . 2011-06-14 16:52 236576 ------w- c:\windows\system32\MpSigStub.exe 2011-11-24 04:25 . 2011-12-31 17:23 2342912 ----a-w- c:\windows\system32\win32k.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-07-13 . ADD2ADE1C2B285AB8378D2DAAF991481 . 17920 . . [6.1.7600.16385] . . c:\windows\System32\drivers\asyncmac.sys [-] 2009-07-13 . ADD2ADE1C2B285AB8378D2DAAF991481 . 17920 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_242e2506962cd3e0\asyncmac.sys . [-] 2009-07-13 . 505506526A9D467307B3C393DEDAF858 . 6144 . . [6.1.7600.16385] . . c:\windows\System32\drivers\beep.sys [-] 2009-07-13 . 505506526A9D467307B3C393DEDAF858 . 6144 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys . [-] 2009-07-13 . F9756A98D69098DCA8945D62858A812C . 4608 . . [6.1.7600.16385] . . c:\windows\System32\drivers\null.sys [-] 2009-07-13 . F9756A98D69098DCA8945D62858A812C . 4608 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_a93c43a07c50a038\null.sys . [-] 2009-07-14 . 7CCCFCA7510684768DA22092D1FA4DB2 . 280576 . . [6.1.7600.16385] . . c:\windows\System32\netman.dll [-] 2009-07-14 . 7CCCFCA7510684768DA22092D1FA4DB2 . 280576 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_0f9371b9b32368a4\netman.dll . [-] 2009-07-14 . 808D8A8B2A3074002852BC856D419576 . 1297408 . . [2001.12.8530.16385] . . c:\windows\System32\comres.dll [-] 2009-07-14 . 808D8A8B2A3074002852BC856D419576 . 1297408 . . [2001.12.8530.16385] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_2c8730fb47856e94\comres.dll . [-] 2010-11-20 . 0AFBE7743E05C20E0D012EE6FE60F0CC . 585728 . . [7.5.7600.16385] . . c:\windows\System32\qmgr.dll [-] 2010-11-20 . 0AFBE7743E05C20E0D012EE6FE60F0CC . 585728 . . [7.5.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll . [-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] . . c:\windows\System32\es.dll [-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_0cc3f540b311359a\es.dll . [-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] . . c:\windows\System32\cngaudit.dll [-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll . [-] 2009-07-14 . CB9A8683F4EF2BF99E123D79950D7935 . 112640 . . [6.1.7600.16385] . . c:\windows\System32\regsvc.dll [-] 2009-07-14 . CB9A8683F4EF2BF99E123D79950D7935 . 112640 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_893c5bdce4cae672\regsvc.dll . [-] 2009-07-14 . D887C9FD02AC9FA880F6E5027A43E118 . 162816 . . [6.1.7600.16385] . . c:\windows\System32\ssdpsrv.dll [-] 2009-07-14 . D887C9FD02AC9FA880F6E5027A43E118 . 162816 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_7f9fc90f328bdf26\ssdpsrv.dll . [-] 2009-07-14 . 6383C60EC0133B14F5705F96369421B2 . 288256 . . [6.1.7600.16385] . . c:\windows\System32\hnetcfg.dll [-] 2009-07-14 . 6383C60EC0133B14F5705F96369421B2 . 288256 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_b00c9bd7f5ed1c02\hnetcfg.dll . [-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] . . c:\windows\System32\upnphost.dll [-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_c1be8a9895d79340\upnphost.dll . [-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] . . c:\windows\System32\dsound.dll [-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll . [-] 2010-11-20 . C9D89535F7959A7F6988BBAFB464D236 . 1828352 . . [6.1.7601.17514] . . c:\windows\System32\d3d9.dll [-] 2010-11-20 . C9D89535F7959A7F6988BBAFB464D236 . 1828352 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll . [-] 2012-02-05 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] . . c:\windows\System32\ddraw.dll [-] 2012-02-05 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll . [-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] . . c:\windows\System32\perfctrs.dll [-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_314993e6be6d6809\perfctrs.dll . [-] 2009-07-14 . 55187FD710E27D5095D10A472C8BAF1C . 288768 . . [6.1.7600.16385] . . c:\windows\System32\w32time.dll [-] 2009-07-14 . 55187FD710E27D5095D10A472C8BAF1C . 288768 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_887db9d2ce9e3aa0\w32time.dll . [-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] . . c:\windows\System32\midimap.dll [-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] 2011-03-31 20:45 286208 ----a-w- c:\program files\Classic Shell\ClassicIE9DLL_32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay] @="{594D4122-1F87-41E2-96C7-825FB4796516}" [HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}] 2011-03-31 20:45 501760 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-12-20 2696512] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2011-03-31 91648] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-09-16 63048] "ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2010-10-26 139264] "BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-01-03 21:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2011-11-01 22:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-05-16 08:27 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] 2010-03-08 23:37 46368 ----a-w- c:\program files\Nuance\PaperPort\IndexSearch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] 2009-05-05 15:06 222496 ----a-w- c:\programdata\FLEXnet\Connect\11\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] 2010-03-08 23:42 29984 ----a-w- c:\program files\Nuance\PaperPort\pptd40nt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller] 2010-03-05 18:11 62752 ----a-w- c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook] 2010-03-05 19:11 636192 ----a-w- c:\program files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort12reminder] 2010-02-09 12:42 328992 ----a-w- c:\program files\Nuance\PaperPort\Ereg\Ereg.exe . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [x] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2012-01-31 374152] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [2011-09-16 12856] S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672] S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2010-01-25 245760] S3 netw5v32;Driver scheda Intel(R) Wireless WiFi Link serie 5000 per Windows Vista a 32 bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 RTL8167;Driver Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] . . Contenuto della cartella 'Scheduled Tasks' . 2012-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-710450500-849374731-4109036366-1000Core.job - c:\users\FILIPPO\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-14 12:43] . 2012-02-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-710450500-849374731-4109036366-1000UA.job - c:\users\FILIPPO\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-14 12:43] . . ------- Scansione supplementare ------- . uStart Page = hxxp://www.google.it/ uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: {{56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\program files\Classic Shell\ClassicIE9_32.exe TCP: DhcpNameServer = 192.168.10.1 . - - - - CHIAVI ORFANE RIMOSSE - - - - . MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\wxpSvc] "ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV" . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info] @Denied: (2) (LocalSystem) "AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\" "DataDir"="ESET\\ESET NOD32 Antivirus\\" "EditionName"=" " "InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\" "LanguageId"=dword:00000410 "PackageTag"=dword:6090e758 "ProductBase"=dword:00000000 "ProductCode"="{BCB0D944-D27E-451C-A1A5-F31C7589F14E}" "ProductName"="ESET NOD32 Antivirus" "ProductType"="eav" "ProductVersion"="4.2.67.10" "UniqueId"="0055E8AA4F1015EE" "ScannerBuild"=dword:00001fb5 "ScannerVersionId"=dword:000015d7 "ScannerVersion"="Open window for status." "ei2"=hex(b):56,2d,f4,ba,a4,6c,a7,2d "ei1"=hex(b):00,1e,68,7f,3c,5b,00,00 "ei3"=hex(b):20,16,10,4f,00,00,00,00 "ei4"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Dlls caricate dai processi in esecuzione --------------------- . - - - - - - - > 'lsass.exe'(496) c:\windows\system32\pku2u.DLL . Ora fine scansione: 2012-02-11 16:57:46 ComboFix-quarantined-files.txt 2012-02-11 15:57 . Pre-Run: 44.725.489.664 byte disponibili Post-Run: 53.036.052.480 byte disponibili . - - End Of File - - 51137A445C493B5FE83DA9180042ABAD
|
Rank: AiutAmico
Iscritto dal : 11/8/2008 Posts: 13,964
|
Prova questa scansione: Vai su Start/Esegui e digita MRT e dai ok, nella finestra successiva scegliere analisi completa, avvia, se chiede di eliminare dei file acconsenti, alla fine verrà rilasciato un file coi risultati.
|