Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Interpretazione log Combofix e eliminazione file Opzioni
rocco1
Inviato: Sunday, September 13, 2009 4:16:08 PM
Rank: AiutAmico

Iscritto dal : 6/5/2009
Posts: 69
Avendo riscontrato ripetuti errori nelle connessione internet e mancata visualizzazione di pagine web con IE8, per scrupolo ho eseguito la scansione con combofix e Kaspersky oneline, quest'ultimo non ha rilevato nulla.

Mi potete spiegare a cosa si riferiscono le voci che combofix indica come "altre eliminazioni" e cosa intende per "chiavi di registro bloccate?"

Il log presenta voci da eliminare o altre azioni da intraprendere? GRAZIE

ComboFix 09-09-12.A0 - Nessuno 13/09/2009 10.17.56.1.2 - NTFSx86
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6002.2.1252.39.1040.18.1914.1140 [GMT 2:00]
Eseguito da: c:\users\Nessuno\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1175915938-776635755-195439990-500
c:\$recycle.bin\S-1-5-21-442661990-26195359-2138172642-500
c:\windows\ShellNew
c:\windows\ShellNew\Journal.jnt

.
((((((((((((((((((((((((( Files Creati Da 2009-08-13 al 2009-09-13 )))))))))))))))))))))))))))))))))))
.

2009-09-13 08:27 . 2009-09-13 08:27 -------- d-----w- c:\users\Nessuno\AppData\Local\temp
2009-09-13 08:27 . 2009-09-13 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-12 16:07 . 2009-09-12 16:07 -------- d-----w- c:\users\Nessuno\AppData\Roaming\EPSON
2009-09-12 15:57 . 2009-09-12 15:57 -------- d-----w- c:\programdata\UDL
2009-09-12 15:57 . 2009-09-12 15:57 -------- d-----w- c:\program files\Epson Software
2009-09-12 15:56 . 2009-09-12 15:56 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-09-12 15:51 . 2007-04-10 10:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-12 15:51 . 2007-12-07 11:08 86528 ----a-w- c:\windows\system32\E_FLBEDE.DLL
2009-09-12 15:51 . 2007-12-07 11:01 78848 ----a-w- c:\windows\system32\E_FD4BEDE.DLL
2009-09-12 15:51 . 2009-09-12 15:53 -------- d-----w- c:\programdata\EPSON
2009-09-12 15:50 . 2007-07-12 22:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2009-09-12 15:50 . 2009-09-12 15:54 -------- d-----w- c:\program files\epson
2009-09-09 09:13 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 09:13 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 09:13 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 09:13 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 09:13 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 09:13 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 09:13 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 09:13 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 09:13 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 09:13 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-09 09:13 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 09:12 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-09 09:12 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 09:12 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 09:12 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 09:12 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 09:12 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-05 15:06 . 2009-09-12 15:28 -------- d-----w- c:\program files\SpywareBlaster
2009-09-05 15:03 . 2009-09-12 18:00 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-05 15:03 . 2009-09-10 06:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-05 14:45 . 2009-09-05 14:47 -------- d-----w- c:\program files\OpenOffice
2009-09-03 21:35 . 2009-09-03 21:35 -------- d-----w- c:\programdata\SiteAdvisor
2009-09-03 21:33 . 2009-07-08 11:44 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-09-03 21:33 . 2009-07-08 11:44 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-09-03 21:33 . 2009-07-08 11:44 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-09-03 21:33 . 2009-07-16 10:32 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-09-03 21:33 . 2009-09-03 21:33 -------- d-----w- c:\program files\Common Files\McAfee
2009-09-03 21:33 . 2009-09-03 21:33 -------- d-----w- c:\program files\McAfee.com
2009-09-03 21:33 . 2009-09-08 14:45 -------- d-----w- c:\program files\McAfee
2009-09-03 21:23 . 2009-07-08 11:43 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-09-03 20:55 . 2009-09-04 05:33 -------- d-----w- c:\programdata\McAfee
2009-09-01 17:38 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-01 17:38 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-29 14:36 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-29 14:36 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-29 14:36 . 2009-08-29 14:36 -------- d-----w- c:\programdata\Malwarebytes
2009-08-29 14:36 . 2009-09-12 15:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-29 14:07 . 2009-08-30 09:47 -------- d-----w- c:\program files\gmer
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\users\Nessuno\AppData\Roaming\SUPERAntiSpyware.com
2009-08-29 10:14 . 2009-08-29 10:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-26 11:57 . 2009-08-26 11:57 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-08-26 11:53 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-25 12:38 . 2009-08-25 12:38 -------- d-----w- c:\users\Nessuno\AppData\Roaming\InstallShield
2009-08-15 18:00 . 2009-08-15 18:00 -------- d-----w- c:\program files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-13 07:53 . 2008-01-21 06:30 719842 ----a-w- c:\windows\system32\perfh010.dat
2009-09-13 07:53 . 2008-01-21 06:30 142438 ----a-w- c:\windows\system32\perfc010.dat
2009-09-12 15:56 . 2008-10-23 11:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-09 09:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-05 17:43 . 2009-06-28 10:54 105536 ----a-w- c:\users\Nessuno\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-05 17:31 . 2009-06-28 10:13 -------- d-----w- c:\programdata\Microsoft Help
2009-08-15 18:14 . 2009-07-07 16:14 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-28 18:41 . 2009-06-28 17:37 -------- d-----w- c:\users\Nessuno\AppData\Roaming\Skype
2009-07-28 18:28 . 2009-06-28 17:38 -------- d-----w- c:\users\Nessuno\AppData\Roaming\skypePM
2009-07-21 21:52 . 2009-07-28 18:34 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 18:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 18:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 18:34 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-12 17:11 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-12 16:58 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-12 16:59 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-12 16:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-12 16:59 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-12 14:44 . 2009-06-30 11:32 51656 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2009-07-08 11:44 . 2009-07-08 11:44 214024 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-06-28 17:38 . 2009-06-28 17:38 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-15 23:15 . 2009-08-12 17:24 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 14:54 . 2009-08-12 17:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-06-15 14:53 . 2009-07-14 18:01 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:53 . 2009-08-12 17:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-06-15 14:53 . 2009-08-12 17:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 14:53 . 2009-08-12 17:24 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-15 14:52 . 2009-08-12 17:24 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-15 14:52 . 2009-07-14 18:01 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-08-12 17:24 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-06-15 14:52 . 2009-07-14 18:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-14 18:01 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:48 . 2009-08-12 17:24 9728 ----a-w- c:\windows\system32\lsass.exe
2009-06-15 12:42 . 2009-07-14 18:01 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-11-17 270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-22 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-22 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-22 145944]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-28 24576]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-10-17 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 16:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f7,8a,68,93,6d,fa,c9,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-442661990-26195359-2138172642-1003]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C72323E2-6313-4A3D-B011-9AF80B42695B}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{F946111D-ED4C-4979-AD38-A1C259D11F29}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{B00A9488-7225-4D7A-AB1F-0C66B1F94A1D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{A14EC714-47DD-4E7D-B588-B041646E3505}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [05/08/2009 16.06.28 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [05/08/2009 16.06.28 74480]
R2 BcmSqlStartupSvc;Servizio di avvio SQL Server di Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16/01/2008 10.41.32 30312]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [03/09/2009 23.35.32 206112]
R2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [28/06/2009 12.43.20 303104]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 20.09.28 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [23/10/2008 13.09.24 104992]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [05/09/2009 17.03.15 1153368]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [28/06/2009 12.05.19 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\VAIO Power Management\SPMService.exe [23/10/2008 17.38.00 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [11/09/2008 19.28.26 446464]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [28/06/2009 12.05.19 17920]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [23/10/2008 20.51.29 9344]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22.31.10 29263712]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [05/08/2009 16.06.30 7408]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\VAIO Media plus\SOHCImp.exe [28/06/2009 12.35.20 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\VAIO Media plus\SOHDms.exe [28/06/2009 12.35.20 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\VAIO Media plus\SOHDs.exe [28/06/2009 12.35.20 62752]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [28/06/2009 12.30.41 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [28/06/2009 12.31.08 83232]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-09-04 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-03 19:26]

2009-09-04 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-03 19:26]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = about:blank
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-13 10:27
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\ABU\Automated Build Utility 4.0]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Local AppWizard-Generated Applications\SkyTel]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Microsoft\MediaPlayer\Preferences\EqualizerSettings]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Microsoft\MediaPlayer\Preferences\HME]
@DACL=(02 0000)
@SACL=
"LocalLibraryID"="{97D9F0F0-EA9E-471A-952B-35349168F728}"
"UPnPID"="{5CE6CACB-E58D-4E7C-9E5E-09D416AB1191}"

[HKEY_USERS\S-1-5-21-442661990-26195359-2138172642-1003\Software\Microsoft\MediaPlayer\Preferences\ProxySettings]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000059
.
Ora fine scansione: 2009-09-13 10.29.52
ComboFix-quarantined-files.txt 2009-09-13 08:29

Pre-Run: 105.655.877.632 byte disponibili
Post-Run: 105.585.684.480 byte disponibili

252 --- E O F --- 2009-09-09 09:19
Sponsor
Inviato: Sunday, September 13, 2009 4:16:08 PM

 
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.