GUESAN53

All content by GUESAN53

  1. Hi everyone, since May I have been unable to update my PC with Vista SP2; it keeps giving me the umpteenth error: unable to check for updates, error 80072efd. This is the SUPERAntiSpyware log, if someone can give me a hand. THANK YOU VERY MUCH.
     SUPERAntiSpyware Scan Log
     http://www.superantispyware.com
     Generated 12/04/2008 at 03:47 PM
     Application Version : 4.22.1014
     Core Rules Database Version : 3661
     Trace Rules Database Version: 1641
     Scan type : Custom Scan
     Total Scan Time : 01:33:03
     Memory items scanned : 635
     Memory threats detected : 0
     Registry items scanned : 7908
     Registry threats detected : 2
     File items scanned : 66132
     File threats detected : 53
     Adware.Tracking Cookie
     Adware.MyWebSearch/FunWebProducts
     HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
     HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
  2. ComboFix 09-09-13.04 - ALEX 13/09/2009 21.50.38.1.2 - NTFSx86
     Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.2038.1133 [GMT 2:00]
     Eseguito da: d:\bajadas\ComboFix.exe
     AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
     SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
     SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
     SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
     SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
     .
     ((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     -------\Service_iprip
     -------\Service_RelevantKnowledge
     .
     ------- Scansione supplementare -------
     .
     uStart Page = hxxp://www.google.it/webhp?rls=ig
     uInternet Settings,ProxyServer = http=localhost:7171
     IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
     IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
     IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
     IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
     Trusted Zone: microsoft.com\*.update
     Trusted Zone: microsoft.com\.update
     Trusted Zone: windowsupdate.com\download
     DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
     .
     - - - - CHIAVI ORFANE RIMOSSE - - - -
     WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
     ShellExecuteHooks-{8912DBA0-A96F-48F1-9A42-EE6CD54B7A9D} - (no file)
     **************************************************************************
     scansione processi nascosti ...
     scansione entrate autostart nascoste ...
     Scansione files nascosti ...
     Scansione completata con successo
     Files nascosti:
     **************************************************************************
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
     "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
     .
     Ora fine scansione: 2009-09-13 22.25.30 - Il pc è stato riavviato
     ComboFix-quarantined-files.txt 2009-09-13 20:25
     ComboFix2.txt 2008-04-04 18:16
     Pre-Run: 16.887.918.592 byte disponibili
     Post-Run: 17.215.270.912 byte disponibili
     344