pidue ha scritto:Ciao, rita, dal log non si evince nulla.
Scarica
VirIt , installalo e aggiornalo. Fai due scansioni in modalità provvisoria e pubblica il rapporto.
Scarica
Combofix , salvalo sul desktop, disabilita l'antivirus e chiudi la connessione a internet.
Lancialo in
mod normale e segui scrupolosamente le istruzioni a video.
Al termine, verrà creato un log in C:\ComboFix.txt che tu pubblicherai.
Ho eseguito tutto come mi hai suggerito. Quelle scansioni lunghissime in mod.provvisoria
Be' sono reperibile per cui non importa se sono rimasta in piedi con gli occhi al pc e l 'orecchio al tel. Allora, di seguito trovi i rapporti di entrambe le scansioni.Al completamento di Combofix (non dispongo di una consolle di ripristino d'emergenza, io non l'ho installata, come il prog mi ha chiesto, dovevo??) in basso e' venuta fuori l'iconcina di SpYbot, quella con il lucchetto,a segnalare 120929 processi inseriti nella lista nera
.Ho pensato cosi' di fare una scansione anche con Spy: Chiave di registro Drive Cleaner 2006 HKEY-CLASSES-ROOT\CLSID\INPROC SERVER 32.Questo e' cio' che ha rilevato.
Hai per caso letto nella sez dedicata a WIN XP un mio post, di qualche giorno fa, riguardo a problemi che ho nella visualizzazione in IE? Puo' essere tutto correlato?
. Ti ringrazio tantissimo ma tantissimo.
Buona giornata!
Rapporto VirItVirIT eXplorer Lite Log
[SCANSIONE DELLA MEMORIA]
[SCANSIONE DELLA MEMORIA]
OK
21/01/2009 - 22:16:49
[SCANSIONE DEL REGISTRO]
OK
[A:]
BOOT SECTOR: OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
C:\Programmi\Microsoft AntiSpyware\gcASSoapLib.dll Infetto da Trojan.Win32.Vundo.FQ
* * * RIMOSSO * * *
C:\System Volume Information\_restore{CD748773-6157-4EB2-A650-5996436AC5CB}\RP562\A0114402.dll Infetto da Trojan.Win32.Vundo.FQ
* * * RIMOSSO * * *
[D:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[E:]
[F:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[H:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
Chiavi Registro infette: 0.
Files Infetti: 2.
Files Sospetti: 0.
Files Analizzati: 149271.
Files Totali: 149271.
Chiavi Registro rimosse: 0.
Virus Rimossi: 2.
22/01/2009 - 01:17:13
[SCANSIONE DEL REGISTRO]
OK
[A:]
BOOT SECTOR: OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[D:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[E:]
[F:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[H:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 149277.
Files Totali: 149277.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
Rapporto CombofixComboFix 09-01-21.02 - Rita 2009-01-22 4.41.29.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1023.544 [GMT 1:00]
Eseguito da: c:\documents and settings\Rita\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *enabled*
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Downloaded Program Files\qy60q3v
.
((((((((((((((((((((((((( Files Creati Da 2008-12-22 al 2009-01-22 )))))))))))))))))))))))))))))))))))
.
2009-01-21 22:01 . 2008-03-17 19:23 39,808 --a------ c:\windows\system32\drivers\VIRAGTLT.SYS
2009-01-21 22:00 . 2009-01-22 00:03 <DIR> d-------- C:\VEXPLITE
2009-01-18 18:21 . 2009-01-18 18:21 <DIR> d-------- c:\programmi\File comuni\Acronis
2009-01-18 18:21 . 2009-01-18 18:21 <DIR> d-------- c:\programmi\Acronis
2009-01-18 18:21 . 2009-01-18 18:21 211,520 --a------ c:\windows\system32\drivers\timntr.sys
2009-01-18 18:21 . 2009-01-18 18:21 126,976 --a------ c:\windows\system32\snapapi.dll
2009-01-18 18:21 . 2009-01-18 18:21 82,464 --a------ c:\windows\system32\drivers\snapman.sys
2009-01-18 18:21 . 2009-01-18 18:21 37,888 --a------ c:\windows\system32\setupnt.dll
2009-01-18 18:21 . 2009-01-18 18:21 28,896 --a------ c:\windows\system32\drivers\tifsfilt.sys
2009-01-15 17:47 . 2009-01-15 17:47 <DIR> d-------- C:\9640daa3fe6febe430072acecc4b54
2009-01-14 19:38 . 2009-01-15 18:25 1,374 --a------ c:\windows\imsins.BAK
2009-01-12 19:34 . 2009-01-12 19:34 <DIR> d-------- c:\programmi\AMS Photo Effects
2008-12-31 17:51 . 2009-01-01 10:08 <DIR> d-------- c:\programmi\Spybot - Search & Destroy
2008-12-28 12:37 . 2008-12-28 12:37 <DIR> d-------- c:\windows\Samsung
2008-12-28 12:37 . 2008-03-11 03:17 479,232 --a------ c:\windows\ssndii.exe
2008-12-28 12:37 . 2008-01-10 14:39 44,544 --a------ c:\windows\system32\msxml4a.dll
2008-12-28 12:37 . 2008-01-10 14:39 21,776 --a------ c:\windows\system32\msxml2a.dll
2008-12-28 12:36 . 2008-01-10 13:15 151,552 --a------ c:\windows\system32\ssp2mci.exe
2008-12-28 12:36 . 2008-01-10 13:15 65,536 --a------ c:\windows\system32\ssp2mci.dll
2008-12-28 12:36 . 2008-01-10 13:17 22,723 --a------ c:\windows\system32\ssp2ml3.dll
2008-12-28 12:36 . 2008-01-10 13:17 361 --a------ c:\windows\system32\ssp2ml3.smt
2008-12-28 12:35 . 2008-12-28 12:35 <DIR> d-------- c:\windows\system32\drivers\Samsung
2008-12-28 12:35 . 2008-12-28 12:59 <DIR> d-------- c:\programmi\Samsung
2008-12-28 12:35 . 2008-01-10 02:34 41,984 --------- c:\windows\system32\drivers\DGIVECP.SYS
2008-12-28 12:35 . 2008-01-10 02:33 11,502 --------- c:\windows\Dr. Printer Icon.ico
2008-12-28 12:34 . 2008-04-13 20:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-12-28 12:34 . 2008-04-13 20:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2008-12-26 12:28 . 2008-12-26 12:28 <DIR> dr------- c:\documents and settings\NetworkService.NT AUTHORITY\Preferiti
2008-12-26 01:29 . 2008-12-26 01:29 <DIR> d-------- c:\programmi\Free WMA to MP3 Converter
2008-12-26 01:18 . 2008-12-26 01:18 33,846 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
2008-12-26 01:18 . 2008-12-26 01:18 3,396 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-22 03:27 --------- d-----w c:\documents and settings\All Users.WINDOWS\Dati applicazioni\Symantec
2009-01-21 22:14 --------- d-----w c:\programmi\Microsoft AntiSpyware
2009-01-21 21:01 --------- d-----w c:\programmi\File comuni\Symantec Shared
2009-01-18 23:16 6,580 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-01-06 01:04 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-06 01:04 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-06 01:04 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-06 01:04 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-06 01:04 --------- d-----w c:\programmi\Symantec
2009-01-03 19:59 --------- d-----w c:\programmi\CrossLoop
2009-01-01 22:34 --------- d-----w c:\programmi\File comuni\Adobe
2008-12-31 17:21 --------- d-----w c:\documents and settings\All Users.WINDOWS\Dati applicazioni\Spybot - Search & Destroy
2008-12-28 11:59 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-12-26 00:18 10,886,008 ----a-w c:\windows\system32\SpoonUninstall.exe
2008-12-22 22:23 --------- d-----w c:\documents and settings\Rita\Dati applicazioni\Alien Skin
2008-12-19 20:04 --------- d-----w c:\programmi\UltraVNC
2008-12-15 14:13 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-15 14:13 --------- d-----w c:\programmi\Java
2008-12-12 20:10 --------- d-----w c:\programmi\Xvid
2008-12-11 19:49 --------- d-----w c:\programmi\Telecom Italia
2008-12-11 19:48 --------- d-----w c:\programmi\Alice ti aiuta
2008-12-11 19:47 --------- d-----w c:\programmi\Motive
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-04 20:46 180,224 ----a-w c:\windows\system32\xvidvfw.dll
2008-12-04 20:42 815,104 ----a-w c:\windows\system32\xvidcore.dll
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-07-27 18:38 48,880 ----a-w c:\documents and settings\Rita\Dati applicazioni\GDIPFONTCACHEV1.DAT
2008-04-09 20:11 357,768 ----a-w c:\documents and settings\Rita\SymXPep2.dll
2006-01-28 13:10 48,496 ----a-w c:\documents and settings\user\Dati applicazioni\GDIPFONTCACHEV1.DAT
2008-01-04 19:03 88 --sh--r c:\windows\system32\650E5BBDAD.sys
2006-09-14 19:59 56 --sh--r c:\windows\system32\A58BD5A46F.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"ccApp"="c:\programmi\File comuni\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"osCheck"="c:\programmi\Norton Internet Security\osCheck.exe" [2007-01-14 771704]
"Symantec PIF AlertEng"="c:\programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"VIRIT LITE MONITOR"="c:\vexplite\MONLITE.EXE" [2009-01-21 249856]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Synchronizer.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Avvio^Programmi^Esecuzione automatica^Device Detector 3.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AliceRE_McciTrayApp]
--a------ 2006-11-21 15:26 936960 c:\progra~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\McciTrayApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe]
--a------ 2002-12-06 16:07 617984 c:\program files\ASUS\Probe\AsusProb.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
--a------ 2007-10-30 19:52 16200 c:\programmi\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 03:14 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2006-04-21 15:41 438359 c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PE2CKFNT SE]
--------- 1998-07-03 11:51 25088 c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
--a------ 2008-04-14 06:19 536576 c:\windows\Samsung\PanelMgr\SSMMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-08-18 18:41 1832272 c:\programmi\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-12-15 15:13 136600 c:\programmi\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImLc.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\HelpCtr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Media Player\\wmplayer.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16525:UDP"= 16525:UDP:Rosso Alice UDP
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.SYS [2009-01-21 39808]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-25 99376]
R4 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [2008-12-11 8192]
R4 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;c:\programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-04-09 554352]
R4 viritsvclite;Virit eXplorer Lite;c:\vexplite\viritsvc.exe [2007-10-10 57344]
R4 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2008-08-19 6016]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-08-19 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2007-07-15 7680]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2008-08-19 23296]
S4 SSPORT;SSPORT; [x]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - COMHOST
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd5e0072-6ab9-11dd-a150-0015e9f10984}]
\Shell\Auto\command - Start.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
.
Contenuto della cartella 'Scheduled Tasks'
2008-12-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2009-01-22 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
2009-01-16 c:\windows\Tasks\Norton Internet Security - Scansione completa sistema - Rita.job
- c:\programmi\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 02:09]
2009-01-20 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe []
2009-01-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe []
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.virgilio.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &Add animation to IncrediMail Style Box - c:\progra~1\INCRED~1\bin\resources\WebMenuImg.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Post Image to Blog - c:\programmi\ImageShackToolbar\ImageShackToolbar.dll/5003
IE: Scarica con Download &Express - c:\programmi\Download Express\Add_Url.htm
IE: Tag This Image - c:\programmi\ImageShackToolbar\ImageShackToolbar.dll/5002
IE: Translate Page -
http://www.geocities.com/mockba80/translate1.0.txtIE: Transload Image to ImageShack - c:\programmi\ImageShackToolbar\ImageShackToolbar.dll/5004
IE: Upload All Images to ImageShack - c:\programmi\ImageShackToolbar\ImageShackToolbar.dll/5000
IE: Upload Image to ImageShack - c:\programmi\ImageShackToolbar\ImageShackToolbar.dll/5001
Trusted Zone: rossoalice.it
Trusted Zone: virgilio.it\www
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
DPF: Microsoft XML Parser for Java
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-01-22 04:48:13
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1715567821-343818398-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{91E308A6-1BB7-6A37-F082-ADE8D45B519B}*]
"oakheeeggdhiicjjejalofmbaemeai"=hex:6a,61,70,69,61,63,70,6f,6a,62,62,64,61,70,
70,67,62,6e,64,67,00,fd
"naeiokfikedhmjgkbaleegobmhfc"=hex:6a,61,70,69,61,63,70,6f,6a,62,62,64,61,70,
70,67,62,6e,64,67,00,fd
"oaogalgamdpbiachjlmojkhnkalmik"=hex:63,61,6f,69,69,62,00,7c
.
Ora fine scansione: 2009-01-22 4.52.21
ComboFix-quarantined-files.txt 2009-01-22 03:52:17
Pre-Run: 44.909.973.504 byte disponibili
Post-Run: 45,522,595,840 byte disponibili
232 --- E O F --- 2009-01-15 17:25:56
