Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » PC formattato log combo

PC formattato log combo Opzioni
Topic Precedente · Topic Sucessivo
fdaccc
Inviato: Thursday, March 11, 2010 3:33:43 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
ComboFix 10-03-06.06 - Mimmo 11/03/2010 14.48.33.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.1279.797 [GMT 1:00]
Eseguito da: g:\documenti\Applicativi\ComboFix.exe
FW: Alice Total Security Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Resident AV is active


ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\XES2B.tmp

.
((((((((((((((((((((((((( Files Creati Da 2010-02-11 al 2010-03-11 )))))))))))))))))))))))))))))))))))
.

2010-03-11 13:19 . 2010-03-11 13:19 -------- d-----w- c:\documents and settings\Mimmo\Dati applicazioni\Ashampoo
2010-03-11 13:19 . 2010-03-11 13:19 -------- d-----w- c:\documents and settings\Mimmo\Impostazioni locali\Dati applicazioni\ashampoo
2010-03-11 13:19 . 2010-03-11 13:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ashampoo
2010-03-11 13:04 . 2010-03-11 13:41 1 ----a-w- c:\documents and settings\Firo & Gabri\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-11 13:03 . 2010-03-11 13:03 -------- d-----w- c:\documents and settings\Firo & Gabri\Dati applicazioni\OpenOffice.org
2010-03-10 20:29 . 2010-03-11 13:54 2361888 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-10 20:27 . 2009-04-14 13:41 33160 ----a-w- c:\windows\zllsputility_loc0410.dll
2010-03-10 20:27 . 2009-04-14 13:41 7048 ----a-w- c:\windows\system32\imslsp_install_loc0410.dll
2010-03-10 20:27 . 2009-04-14 13:41 10632 ----a-w- c:\windows\system32\imsinstall_loc0410.dll
2010-03-10 20:27 . 2010-03-10 20:58 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-03-10 20:27 . 2009-04-14 13:42 34696 ----a-w- c:\windows\system32\vsutil_loc0410_oem1466.dll
2010-03-10 20:27 . 2009-04-14 13:41 46472 ----a-w- c:\windows\system32\vsutil_loc0410.dll
2010-03-10 20:27 . 2009-04-14 13:41 72584 ----a-w- c:\windows\zllsputility.exe
2010-03-10 20:26 . 2009-04-14 13:41 69000 ----a-w- c:\windows\system32\zlcomm.dll
2010-03-10 20:26 . 2009-04-14 13:41 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2010-03-10 20:26 . 2009-04-14 13:41 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2010-03-10 20:26 . 2010-03-11 13:07 -------- d-----w- c:\windows\system32\ZoneLabs
2010-03-10 20:23 . 2010-03-10 20:28 -------- d-----w- c:\programmi\Alice Total Security
2010-03-10 20:22 . 2010-03-11 13:41 -------- d-----w- c:\windows\Internet Logs
2010-03-10 19:18 . 2010-03-10 19:18 141 ----a-w- c:\documents and settings\Firo & Gabri\Impostazioni locali\Dati applicazioni\fusioncache.dat
2010-03-10 19:18 . 2010-03-10 19:18 -------- d-----w- c:\documents and settings\Firo & Gabri\Impostazioni locali\Dati applicazioni\ApplicationHistory
2010-03-10 19:17 . 2010-03-10 19:17 -------- d-sh--w- c:\documents and settings\Firo & Gabri\IECompatCache
2010-03-10 18:00 . 2010-03-10 18:00 -------- d-----w- c:\documents and settings\Firo & Gabri\Impostazioni locali\Dati applicazioni\Mozilla
2010-03-10 17:57 . 2010-03-10 17:57 -------- d-sh--w- c:\documents and settings\Firo & Gabri\PrivacIE
2010-03-10 17:55 . 2010-03-10 17:55 -------- d-sh--w- c:\documents and settings\Firo & Gabri\IETldCache
2010-03-10 17:06 . 2010-03-10 17:06 -------- d-----w- c:\documents and settings\Mimmo\Impostazioni locali\Dati applicazioni\Identities
2010-03-10 16:35 . 2010-03-10 16:35 -------- d-sh--w- c:\documents and settings\Mimmo\IECompatCache
2010-03-10 16:34 . 2010-03-10 16:34 -------- d-sh--w- c:\documents and settings\Mimmo\PrivacIE
2010-03-10 16:34 . 2010-03-10 16:34 -------- d-sh--w- c:\documents and settings\Mimmo\IETldCache
2010-03-10 16:29 . 2010-03-10 16:31 -------- dc-h--w- c:\windows\ie8
2010-03-10 16:29 . 2010-03-10 16:31 -------- d-----w- c:\windows\system32\it-IT
2010-03-10 16:26 . 2010-03-10 16:26 0 ----a-w- c:\windows\nsreg.dat
2010-03-10 16:26 . 2010-03-10 16:26 -------- d-----w- c:\documents and settings\Mimmo\Impostazioni locali\Dati applicazioni\Mozilla
2010-03-10 16:25 . 2010-03-10 16:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2010-03-10 16:22 . 2010-03-10 16:22 -------- d-sh--w- c:\documents and settings\Mimmo\UserData
2010-03-10 16:21 . 2010-03-10 16:21 152576 ----a-w- c:\documents and settings\Mimmo\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2010-03-10 16:21 . 2010-03-10 16:21 79488 ----a-w- c:\documents and settings\Mimmo\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2010-03-10 16:20 . 2010-03-10 16:20 -------- d-----w- c:\windows\Motive
2010-03-10 16:20 . 2010-03-10 16:20 -------- d-----w- c:\programmi\File comuni\Motive
2010-03-10 16:20 . 2010-03-10 16:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Motive
2010-03-10 16:20 . 2010-03-10 16:20 -------- d-----w- c:\programmi\Common Files
2010-03-10 16:19 . 2010-03-10 16:19 -------- d-----w- c:\programmi\Motive
2010-03-10 16:19 . 2010-03-10 16:20 -------- d-----w- c:\programmi\Alice ti aiuta
2010-03-10 16:12 . 2004-08-03 22:07 6400 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2010-03-10 16:08 . 2010-03-10 16:08 -------- d-----w- C:\HP
2010-03-10 15:42 . 2010-03-10 15:42 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-03-10 15:41 . 2010-03-10 15:42 -------- d-----w- c:\programmi\Telecom Italia
2010-03-10 15:40 . 2010-03-10 15:40 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-03-10 14:14 . 2010-03-10 14:14 18064 ----a-w- c:\documents and settings\Firo & Gabri\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-10 14:12 . 2010-03-10 16:45 1 ----a-w- c:\documents and settings\Mimmo\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-10 14:12 . 2010-03-10 14:12 -------- d-----w- c:\documents and settings\Mimmo\Dati applicazioni\OpenOffice.org
2010-03-10 14:08 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-10 14:07 . 2010-03-10 16:23 -------- d-----w- c:\programmi\Java
2010-03-10 14:00 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-11 13:32 . 2010-03-10 20:29 22640 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-10 16:18 . 2010-03-10 16:18 2232 ----a-w- c:\windows\java\Packages\Data\BLBDBRR7.DAT
2010-03-10 16:18 . 2010-03-10 16:18 155995 ----a-w- c:\windows\java\Packages\XZHBPFB9.ZIP
2010-03-10 16:18 . 2010-03-10 16:18 2678 ----a-w- c:\windows\java\Packages\Data\E7LVD31Z.DAT
2010-03-10 16:18 . 2010-03-10 16:18 2678 ----a-w- c:\windows\java\Packages\Data\V3XRBJ5B.DAT
2010-03-10 16:18 . 2010-03-10 16:18 2678 ----a-w- c:\windows\java\Packages\Data\JNH7F7LB.DAT
2010-03-10 16:18 . 2010-03-10 16:18 2678 ----a-w- c:\windows\java\Packages\Data\DV931BDB.DAT
2010-03-10 16:18 . 2010-03-10 16:18 2678 ----a-w- c:\windows\java\Packages\Data\CVRRFFZX.DAT
2010-03-10 15:31 . 2010-03-10 13:39 18064 ----a-w- c:\documents and settings\Mimmo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-10 13:30 . 2004-09-07 12:00 63180 ----a-w- c:\windows\system32\perfc010.dat
2010-03-10 13:30 . 2004-09-07 12:00 425432 ----a-w- c:\windows\system32\perfh010.dat
2010-03-10 13:28 . 2010-03-10 13:28 134 ----a-w- c:\documents and settings\Mimmo\Impostazioni locali\Dati applicazioni\fusioncache.dat
2010-03-10 13:14 . 2010-03-10 13:14 -------- d-----w- c:\programmi\microsoft frontpage
2010-03-10 13:11 . 2010-03-10 13:11 87747 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-10 13:10 . 2010-03-10 13:10 -------- d-----w- c:\programmi\Servizi in linea
2010-03-10 13:06 . 2010-03-10 13:06 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-10 13:05 . 2010-03-10 13:05 -------- d-----w- c:\programmi\Windows Plus
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WPA"="regedit.exe" [2004-09-07 151552]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-03 50176]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"ZoneAlarm Client"="c:\programmi\Alice Total Security\zlclient.exe" [2009-04-14 982408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-07 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=

S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [10/03/2010 16.42.53 8192]
.
Contenuto della cartella 'Scheduled Tasks'

2010-03-11 c:\windows\Tasks\User_Feed_Synchronization-{CD3E16D8-8A00-4314-8BFE-DEBB74E9306A}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Mimmo\Dati applicazioni\Mozilla\Firefox\Profiles\ymwc0wub.default\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-11 14:54
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2010-03-11 14:56:41
ComboFix-quarantined-files.txt 2010-03-11 13:56

Pre-Run: 33.448.693.760 byte disponibili
Post-Run: 33.417.515.008 byte disponibili

- - End Of File - - C9A2D118FB491D070B7B08207EBCC7C1
Torna in alto
 
Sponsor
Inviato: Thursday, March 11, 2010 3:33:43 PM

 
Torna in alto
 
fdaccc
Inviato: Thursday, March 11, 2010 3:38:41 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
no, dovevo eseguirlo dal desktop? :)
Torna in alto
 
fdaccc
Inviato: Thursday, March 11, 2010 3:53:57 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
r16 puoi controllarlo per favore?
Torna in alto
 
r16
Inviato: Thursday, March 11, 2010 4:00:19 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
fdaccc ha scritto:
no, dovevo eseguirlo dal desktop? :)

Esatto.
Questo perchè, se dovevo fare delle eliminazioni, non sarebbe stato possibile.
Comunque è pulito.
Torna in alto
 
fdaccc
Inviato: Thursday, March 11, 2010 4:02:28 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
grazie.

sul sito wintricks ci sono delle chiavi da scaricare e aggiungere al registro di Win.
Sai mica se, una volta aggiunte, si possono togliere?
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » PC formattato log combo


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.