Aiutamici Forum

OTL log check, is it OK?
sangenox
Posted: Saturday, February 15, 2014 10:00:25 PM
Rank: AiutAmico

Joined: 1/3/2014
Posts: 37
Hi, I had problems with some toolbars and rootkits installed on the PC. I ran all the programs as described in the guide and now it seems to work better, but in case there is anything else to remove, I'm posting the OTL log to be sure everything is OK... Thanks for the help

OTL logfile created on: 15/02/2014 21.43.28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Katia\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 85,21% Memory free
4,83 Gb Paging File | 4,43 Gb Available in Paging File | 91,73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 223,06 Gb Total Space | 199,87 Gb Free Space | 89,60% Space Free | Partition Type: FAT32

Computer Name: NOME-31F6BBE21D | User Name: Katia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\acovcnt.exe ()
PRC - C:\Documents and Settings\Katia\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\Alice MOBILE E1692\Alice MOBILE E1692.exe ()
PRC - C:\Programmi\Atheros\ACU.exe (Atheros Communications, Inc.)
PRC - C:\WINDOWS\system32\acs.exe (Atheros)
PRC - C:\Programmi\Java\jre1.6.0_07\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programmi\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programmi\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Programmi\Wireless Console 2\wcourier.exe ()
PRC - C:\WINDOWS\system32\ACEngSvr.exe (ASUSTeK)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\acovcnt.exe ()
MOD - C:\Programmi\Alice MOBILE E1692\NetInfoPlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\Alice MOBILE E1692.exe ()
MOD - C:\Programmi\Alice MOBILE E1692\DialUpPlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\NDISAPI.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\LocaleMgrPlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\SMSPlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\NotifyServicePlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\ConfigFilePlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\DeviceMgrPlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\DeviceMgrUIPlugin.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\XCodec.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\DeviceOperate.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\DetectDev.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\atcomm.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\isaputrace.dll ()
MOD - C:\Programmi\Alice MOBILE E1692\FileManager.dll ()
MOD - C:\Programmi\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Programmi\Wireless Console 2\wcourier.exe ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AVGIDSAgent) -- C:\Programmi\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Programmi\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (ASUSProcObsrv) -- D:\I386\AsProcOb.sys File not found
DRV - (ASNDIS5) -- C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS File not found
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\WINDOWS\system32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbfake) -- C:\WINDOWS\system32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (kbfiltr) -- C:\WINDOWS\system32\drivers\kbfiltr.sys ( )
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys (ATK0100)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-842820990-167680326-3391836187-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-842820990-167680326-3391836187-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-842820990-167680326-3391836187-1005\..\SearchScopes\{2AA27DC8-97A8-4BA3-AA87-2888BD57FAA4}: "URL" = http://www.google.it/search?hl=it&q={searchTerms}&meta=
IE - HKU\S-1-5-21-842820990-167680326-3391836187-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Drive = C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2009/03/25 16.18.54 | 000,303,878 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10468 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ACU] C:\Programmi\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_UI] C:\Programmi\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programmi\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Programmi\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-842820990-167680326-3391836187-1005..\Run: [Mobile Partner] C:\Programmi\Alice MOBILE E1692\Alice MOBILE E1692.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842820990-167680326-3391836187-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.168.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C446C0B3-A5F3-47D5-AC19-C86E55ACA5DF}: DhcpNameServer = 192.168.168.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/25 18.35.52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{81d34856-ea5f-11de-8c85-0015afe13ce9}\Shell - "" = AutoRun
O33 - MountPoints2\{81d34856-ea5f-11de-8c85-0015afe13ce9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b15b6a1c-f654-11de-8c87-0015afe13ce9}\Shell - "" = AutoRun
O33 - MountPoints2\{b15b6a1c-f654-11de-8c87-0015afe13ce9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{fdc7c440-f6b3-11de-8c89-0015afe13ce9}\Shell - "" = AutoRun
O33 - MountPoints2\{fdc7c440-f6b3-11de-8c89-0015afe13ce9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2014/02/15 21.29.26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/02/15 21.23.05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Katia\Desktop\OTL.exe
[2014/02/15 21.18.46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/15 20.28.33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Dati applicazioni\Malwarebytes
[2014/02/15 20.28.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2014/02/15 20.28.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2014/02/15 20.28.08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/02/15 20.28.08 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2014/02/15 20.27.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Dati applicazioni\WinRAR
[2014/02/15 20.26.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Menu Avvio\Programmi\WinRAR
[2014/02/15 20.26.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinRAR
[2014/02/15 20.25.54 | 000,000,000 | ---D | C] -- C:\Programmi\WinRAR
[2014/02/15 20.13.53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Katia\Recent
[2014/02/15 20.02.16 | 000,000,000 | ---D | C] -- C:\Programmi\CCleaner
[2014/02/15 19.14.37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/15 17.49.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Dati applicazioni\AVG2014
[2014/02/15 17.49.29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Avg2014
[2014/02/15 17.49.05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Dati applicazioni\TuneUp Software
[2014/02/15 17.49.05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\AVG
[2014/02/15 17.48.43 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014/02/15 17.48.42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2014/02/15 17.43.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Avg2014
[2014/02/15 17.42.52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/02/15 17.42.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\MFAData
[2014/02/15 17.42.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Avg2013
[2014/01/19 21.46.54 | 000,022,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[2014/01/04 17.58.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Temp
[2014/01/04 17.58.17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\Facebook
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\*.tmp files -> C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/02/15 21.37.42 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\acovcnt.exe
[2014/02/15 21.23.08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Katia\Desktop\OTL.exe
[2014/02/15 21.21.40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/02/15 21.21.02 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/15 21.20.58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/15 21.05.02 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/15 20.28.12 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/15 20.02.20 | 000,000,558 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/02/15 19.27.08 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{47F67E77-5190-4502-ABD2-5ED2481C2497}.job
[2014/02/15 17.49.06 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2014/02/13 22.45.04 | 000,490,070 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2014/02/13 22.45.04 | 000,441,880 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/02/13 22.45.04 | 000,084,776 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2014/02/13 22.45.04 | 000,071,816 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/02/06 03.55.58 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2014/02/06 03.55.58 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2014/02/06 00.20.06 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2014/02/06 00.20.02 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2014/02/06 00.20.02 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2014/02/06 00.20.00 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2014/02/06 00.20.00 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2014/02/06 00.19.58 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2014/02/06 00.19.56 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2014/02/06 00.19.56 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2014/02/06 00.19.54 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2014/02/06 00.19.52 | 006,021,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014/02/06 00.19.32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2014/02/06 00.19.32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2014/02/06 00.19.32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2014/02/06 00.19.32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2014/02/06 00.19.30 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2014/02/06 00.19.30 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2014/02/06 00.19.30 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2014/02/06 00.19.30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2014/02/06 00.19.30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2014/02/06 00.19.30 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2014/02/06 00.19.30 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2014/02/06 00.19.28 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2014/02/06 00.19.24 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2014/02/06 00.19.24 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2014/02/06 00.19.22 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2014/02/06 00.18.50 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2014/02/06 00.18.46 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2014/02/06 00.18.46 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2014/02/06 00.18.44 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2014/02/06 00.18.44 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2014/02/05 23.25.56 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2014/02/04 17.02.54 | 000,001,679 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/01/19 21.46.54 | 000,022,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[2014/01/04 04.12.52 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2013/12/19 21.22.44 | 000,002,274 | ---- | M] () -- C:\Documents and Settings\Katia\Documenti\Nuovo OpenDocument - Foglio elettronico.ods
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\*.tmp files -> C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/15 20.28.10 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/15 20.02.18 | 000,000,558 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/02/15 17.49.05 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/12/19 21.22.42 | 000,002,274 | ---- | C] () -- C:\Documents and Settings\Katia\Documenti\Nuovo OpenDocument - Foglio elettronico.ods
[2012/03/05 13.07.13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/04/10 22.37.37 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/25 19.00.06 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Katia\Impostazioni locali\Dati applicazioni\fusioncache.dat

========== ZeroAccess Check ==========

[2009/03/25 18.47.06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11.51.44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/04/08 21.41.06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonBJ
[2009/04/08 21.53.18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonIJMyPrinter
[2009/04/08 21.53.36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonIJSolutionMenu
[2009/04/08 22.48.38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonIJScan
[2009/04/08 22.49.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonIJ
[2009/04/10 21.46.30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonIJEPPEX
[2009/05/05 16.56.18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\CanonIJEGV
[2011/02/16 09.18.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Temp
[2011/02/16 09.18.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2014/02/15 17.42.52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/02/15 17.48.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2009/03/25 16.24.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katia\Dati applicazioni\Canneverbe_Limited
[2009/03/25 16.26.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katia\Dati applicazioni\OpenOffice.org
[2009/04/08 22.48.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katia\Dati applicazioni\Canon
[2013/11/08 15.31.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katia\Dati applicazioni\Mikrotik
[2014/02/15 17.49.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katia\Dati applicazioni\TuneUp Software
[2014/02/15 17.49.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katia\Dati applicazioni\AVG2014

========== Purity Check ==========



< End of report >
sangenox
Posted: Sunday, February 16, 2014 12:12:14 PM
Rank: AiutAmico

Joined: 1/3/2014
Posts: 37
Guys, could you take a look...
r16
Posted: Sunday, February 16, 2014 1:54:47 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Upload this file to VirusTotal:

https://www.virustotal.com/

acovcnt.exe

And click "Scan".

When the scan is finished, a report appears: post it here.

sangenox
Posted: Sunday, February 16, 2014 2:43:46 PM
Rank: AiutAmico

Joined: 1/3/2014
Posts: 37
r16
Posted: Sunday, February 16, 2014 3:14:39 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
The file I considered suspicious seems clean.
The rest of the OTL log shows no active infections.
sangenox
Posted: Sunday, February 16, 2014 3:50:10 PM
Rank: AiutAmico

Joined: 1/3/2014
Posts: 37
OK, thanks