ComboFix 10-03-04.05 - Carlo 05/03/2010 20.32.53.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1015.611 [GMT 1:00]
Eseguito da: c:\documents and settings\Carlo\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Carlo\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programmi\McAfee Security Scan
c:\programmi\McAfee Security Scan\2.0.181\AVScanComponent.dll
c:\programmi\McAfee Security Scan\2.0.181\AVScanner.ini
c:\programmi\McAfee Security Scan\2.0.181\avvclean.dat
c:\programmi\McAfee Security Scan\2.0.181\avvnames.dat
c:\programmi\McAfee Security Scan\2.0.181\avvscan.dat
c:\programmi\McAfee Security Scan\2.0.181\config.dat
c:\programmi\McAfee Security Scan\2.0.181\ftconfig.ini
c:\programmi\McAfee Security Scan\2.0.181\McAfee.ico
c:\programmi\McAfee Security Scan\2.0.181\mcbrwsr2.dll
c:\programmi\McAfee Security Scan\2.0.181\McCHSvc.exe
c:\programmi\McAfee Security Scan\2.0.181\MCCompHostConfig.ini
c:\programmi\McAfee Security Scan\2.0.181\mcscan32.dll
c:\programmi\McAfee Security Scan\2.0.181\mcuicnt.exe
c:\programmi\McAfee Security Scan\2.0.181\McUpdater.dll
c:\programmi\McAfee Security Scan\2.0.181\sa_cache_sqlite.dll
c:\programmi\McAfee Security Scan\2.0.181\sa_http_win32.dll
c:\programmi\McAfee Security Scan\2.0.181\sa_mbl.dll
c:\programmi\McAfee Security Scan\2.0.181\sa_store_sqlite.dll
c:\programmi\McAfee Security Scan\2.0.181\sacore.db
c:\programmi\McAfee Security Scan\2.0.181\sacore.dll
c:\programmi\McAfee Security Scan\2.0.181\sacoredata\uds_filetypes.txt
c:\programmi\McAfee Security Scan\2.0.181\sacoredata\uds_hosting.txt
c:\programmi\McAfee Security Scan\2.0.181\sacoredata\uds_tlds.txt
c:\programmi\McAfee Security Scan\2.0.181\SecurityScanner.dll
c:\programmi\McAfee Security Scan\2.0.181\SecurityScanner_LD.dll
c:\programmi\McAfee Security Scan\2.0.181\sqlite3.dll
c:\programmi\McAfee Security Scan\2.0.181\SSCustom_LD.dll
c:\programmi\McAfee Security Scan\2.0.181\SSScheduler.exe
c:\programmi\McAfee Security Scan\2.0.181\WebInfoScanner.dll
c:\programmi\McAfee Security Scan\2.0.181\WMIScanner.dll
c:\programmi\McAfee Security Scan\uninstall.exe
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MCCOMPONENTHOSTSERVICE
-------\Service_McComponentHostService
((((((((((((((((((((((((( Files Creati Da 2010-02-05 al 2010-03-05 )))))))))))))))))))))))))))))))))))
.
2010-03-05 08:55 . 2010-03-05 08:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Auslogics
2010-03-05 01:18 . 2010-03-05 01:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alwil Software
2010-03-05 00:52 . 2010-03-05 00:52 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\Malwarebytes
2010-03-05 00:52 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-05 00:52 . 2010-03-05 00:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-03-05 00:52 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-05 00:51 . 2010-03-05 00:52 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-04 09:45 . 2010-03-04 09:45 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\PackageAware
2010-03-04 09:36 . 2010-03-04 09:36 -------- d-----w- c:\programmi\alaplaya
2010-03-04 09:18 . 2010-03-05 19:41 -------- d-----w- c:\programmi\File comuni\Akamai
2010-03-03 07:18 . 2010-03-03 07:22 -------- d-----w- c:\programmi\Windows Live Safety Center
2010-02-28 20:11 . 2010-03-05 08:43 110592 ----a-w- c:\documents and settings\Carlo\Dati applicazioni\U3\temp\cleanup.exe
2010-02-28 20:06 . 2010-03-05 08:43 3493888 ---ha-w- c:\documents and settings\Carlo\Dati applicazioni\U3\temp\Launchpad Removal.exe
2010-02-28 20:06 . 2010-02-28 20:29 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\U3
2010-02-28 14:05 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-28 14:05 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-25 06:11 . 2010-02-25 06:11 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\Temp
2010-02-20 06:05 . 2010-02-20 06:05 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\McAfee
2010-02-18 05:03 . 2010-02-18 05:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee Security Scan
2010-02-18 05:03 . 2010-02-18 05:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2010-02-18 04:22 . 2010-03-04 19:41 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\vlc
2010-02-14 19:24 . 2010-02-14 19:24 -------- d-----w- c:\programmi\IZArc
2010-02-13 18:11 . 2010-03-01 20:17 -------- d-----w- c:\programmi\Bamboo MT2
2010-02-13 17:41 . 2010-02-13 17:41 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Threat Expert
2010-02-13 17:40 . 2010-02-13 17:40 -------- d-----r- c:\documents and settings\LocalService\Preferiti
2010-02-11 08:49 . 2010-02-11 08:49 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\PCHealth
2010-02-10 07:24 . 2010-02-10 07:24 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\Identities
2010-02-09 10:31 . 2010-02-09 10:31 -------- d-----w- c:\programmi\CCleaner
2010-02-04 21:07 . 2010-02-13 18:12 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\ZipGenius
2010-02-04 21:04 . 2010-02-14 19:17 -------- d-----w- c:\programmi\ZipGenius 6
2010-02-04 11:53 . 2010-02-04 11:53 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 11:53 . 2010-02-04 11:53 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\Mozilla
2010-02-04 09:29 . 2010-02-27 13:48 -------- d-----w- c:\programmi\Metin2_Italiano
2010-02-04 09:14 . 2010-02-04 09:14 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NortonInstaller
2010-02-04 09:08 . 2010-02-04 09:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2010-02-04 09:08 . 2010-02-04 09:08 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\AVS4YOU
2010-02-04 09:08 . 2010-03-05 03:25 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\Auslogics
2010-02-04 09:07 . 2010-03-05 02:40 -------- d-----w- c:\programmi\Auslogics
2010-02-04 09:07 . 2010-02-04 09:10 -------- d-----w- c:\programmi\File comuni\AVSMedia
2010-02-04 09:07 . 2009-06-30 15:32 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-02-04 09:07 . 2010-03-05 02:53 -------- d-----w- c:\programmi\AVS4YOU
2010-02-04 09:03 . 2010-02-04 09:03 117760 ----a-w- c:\documents and settings\Carlo\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-02-04 09:02 . 2010-02-04 09:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2010-02-04 09:02 . 2010-02-04 09:02 65024 ----a-r- c:\documents and settings\Carlo\Dati applicazioni\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2010-02-04 09:02 . 2010-02-04 09:02 5120 ----a-r- c:\documents and settings\Carlo\Dati applicazioni\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2010-02-04 09:02 . 2010-02-04 09:02 18944 ----a-r- c:\documents and settings\Carlo\Dati applicazioni\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2010-02-04 09:02 . 2010-02-04 09:02 -------- d-----w- c:\programmi\SUPERAntiSpyware
2010-02-04 09:02 . 2010-02-04 09:02 -------- d-----w- c:\documents and settings\Carlo\Dati applicazioni\SUPERAntiSpyware.com
2010-02-04 09:01 . 2010-02-04 09:01 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-02-04 09:01 . 2010-02-04 09:01 -------- d-----w- c:\programmi\VS Revo Group
2010-02-04 08:58 . 2009-12-21 12:15 -------- d-----w- c:\programmi\UltimateLongju2
2010-02-04 08:57 . 2010-02-04 08:57 -------- d-----w- c:\programmi\VideoLAN
2010-02-04 08:51 . 2010-02-04 08:51 -------- d-----w- c:\programmi\Trend Micro
2010-02-04 08:26 . 2010-02-04 08:26 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\Threat Expert
2010-02-04 08:17 . 2010-02-13 17:54 -------- d-----w- c:\programmi\Spyware Doctor
2010-02-04 08:17 . 2010-02-13 17:53 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-02-04 08:11 . 2010-02-04 08:11 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-02-04 08:07 . 2010-03-05 15:55 -------- d-----w- c:\documents and settings\Carlo\Tracing
2010-02-04 08:06 . 2010-02-13 17:40 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-02-04 08:06 . 2010-02-04 08:06 -------- d-----w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\Google
2010-02-04 08:05 . 2010-02-04 08:06 -------- d-----w- c:\programmi\Google
2010-02-04 07:56 . 2009-05-11 20:35 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\InstallShield
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-05 15:26 . 2009-05-11 21:51 75064 ----a-w- c:\windows\system32\perfc010.dat
2010-03-05 15:26 . 2009-05-11 21:51 447988 ----a-w- c:\windows\system32\perfh010.dat
2010-03-05 09:59 . 2009-05-11 21:57 12288 ---ha-w- c:\windows\Fonts\8514oem.fon
2010-03-05 09:51 . 2009-05-11 20:33 57344 ----a-w- c:\windows\ALCMTR.EXE
2010-03-05 08:42 . 2009-05-11 20:35 528384 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Wireless LAN Card\Wireless LAN Card\Driver\RaInst.exe
2010-03-05 08:42 . 2009-05-11 20:35 221184 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Wireless LAN Card\Wireless LAN Card\Driver\RaCoInst.dll
2010-03-05 08:42 . 2009-05-11 20:35 192512 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Wireless LAN Card\Wireless LAN Card\Driver\CoInstaller.dll
2010-03-05 02:18 . 2010-03-04 19:46 32474 ----a-w- c:\windows\SCHEDLGU.TXT.TMP
2010-03-05 02:18 . 2010-02-04 08:21 -------- d-----w- c:\programmi\Alwil Software
2010-03-04 09:40 . 2009-05-11 20:33 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-03-04 09:36 . 2009-05-11 20:33 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-03-03 07:27 . 2010-02-04 07:57 39152 ----a-w- c:\documents and settings\Carlo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-02 02:09 . 2009-05-11 21:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-03-01 04:12 . 2009-05-11 21:22 -------- d-----w- c:\programmi\Microsoft Works
2010-02-11 18:53 . 2010-02-04 08:21 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2010-02-04 08:21 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:42 . 2010-02-04 08:21 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2010-02-04 08:21 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2010-02-04 08:21 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2010-02-04 08:21 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-11 18:38 . 2010-02-04 08:21 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-11 18:38 . 2010-02-04 08:21 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-11 18:38 . 2010-02-04 08:21 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-10 11:53 . 2009-05-11 20:02 76875 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-05 09:53 . 2009-05-11 21:50 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:53 . 2009-05-11 21:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:53 . 2009-05-11 21:50 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2009-05-11 21:50 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:40 . 2009-05-11 20:00 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2009-05-11 21:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:07 . 2008-04-13 18:54 2148864 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:07 . 2008-04-13 18:55 2027520 ------w- c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-03-05_15.16.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-05 19:41 . 2010-03-05 19:41 16384 c:\windows\Temp\Perflib_Perfdata_ec.dat
+ 2009-05-11 21:50 . 2010-03-05 15:26 62934 c:\windows\system32\perfc009.dat
- 2009-05-11 21:50 . 2010-03-05 14:34 62934 c:\windows\system32\perfc009.dat
+ 2009-05-11 21:50 . 2010-03-05 15:26 401272 c:\windows\system32\perfh009.dat
- 2009-05-11 21:50 . 2010-03-05 14:34 401272 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\programmi\ASUS\Eee Docking\Eee Docking.exe" [2009-05-08 395776]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-04 39408]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088]
"AsusACPIServer"="c:\programmi\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\programmi\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\programmi\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"SynAsusAcpi"="c:\programmi\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
SuperHybridEngine.lnk - c:\programmi\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-5-11 376832]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\UltimateLongju2\\UltimateLongju2.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=
"c:\\Programmi\\Metin2_Italiano\\metin2client.bin"=
"c:\\Programmi\\Bamboo MT2\\BambooMT2.exe"=
"c:\\Programmi\\Bamboo MT2\\mc.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [04/02/2010 9.21.50 162512]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [16/12/2009 16.26.58 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [16/12/2009 16.26.56 74480]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [11/05/2009 22.50.58 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [04/02/2010 9.21.50 19024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/05/2009 22.29.44 55152]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 2.59.09 38912]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [04/02/2010 9.06.08 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11/05/2009 21.33.24 1684736]
S3 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [06/02/2009 17.08.58 533360]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [11/05/2009 21.35.48 966912]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [16/12/2009 16.27.00 7408]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [11/05/2009 23.31.12 232872]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [28/04/2009 6.47.12 39040]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenuto della cartella 'Scheduled Tasks'
2010-03-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-04 08:06]
2010-03-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-04 08:06]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Carlo\Dati applicazioni\Mozilla\Firefox\Profiles\083358cm.default\
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-McAfee Security Scan - c:\programmi\McAfee Security Scan\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-03-05 20:41
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Programmi/File comuni/Akamai/rswin_3648.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Programmi/File comuni/Akamai/rswin_3648.dll"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(680)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(3108)
c:\windows\system32\WININET.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast5\AvastSvc.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
.
**************************************************************************
.
Ora fine scansione: 2010-03-05 20:44:25 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-03-05 19:44
ComboFix2.txt 2010-03-05 15:18
Pre-Run: 57.923.358.720 byte disponibili
Post-Run: 57.879.838.720 byte disponibili
- - End Of File - - 124298A9EB01C37177662038A19EF9E0
I moved the text file I made with Notepad, with the code you told me to use and the name you told me to give it, onto the ComboFix icon after saving it, and it opened by itself and started, and so on. Was that how it should be done?
Anyway, this is the new report.
Have you found any damage or problems so far? Thanks for the help.