lorenzetto23

Users
  • Content count

    20
  • Joined

  • Last visited

About lorenzetto23

  • Level
    Initiate
  1. Mr, so... the PC isn't running any better at all. At first it seemed more responsive, but after just 10 minutes of browsing it started acting up again: first it froze on the Facebook home page (while I was scrolling down through the news), then when I opened other pages everything actually froze for several minutes. In short, it keeps having minutes of total freeze, and especially when switching from one Chrome page to another, for example, it stays stuck on the old page and takes several seconds to switch to the other one...
  2. Hi Mr, so the PC seems to be running better. Let me use it for a day and I'll write back tomorrow to confirm; for now, anyway, everything seems smooth! Thanks for the help.
  3. Hi Mr, running the scan with Eset took me quite a while. ComboFix log:
Ora fine scansione: 2013-02-22 19:26:38
ComboFix-quarantined-files.txt 2013-02-22 18:26
ComboFix2.txt 2013-02-22 14:43
ComboFix3.txt 2013-02-20 15:37
ComboFix4.txt 2013-02-20 15:18
ComboFix5.txt 2013-02-22 18:06
.
Pre-Run: 214.312.587.264 byte disponibili
Post-Run: 214.228.545.536 byte disponibili
.
- - End Of File - - 052168A360B7F49455FDEC31A12FD3AA

As for the ESET log, after the (very long) scan it found no threats, and the only log present in the indicated folder reports this:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

(But it was not created after the scan; it already existed!)

The Malwarebytes log, on the other hand, is:

Malwarebytes Anti-Malware (Prova) 1.70.0.1100
www.malwarebytes.org
Versione database: v2013.02.23.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lorenzo :: OLIVER [amministratore]
Protezione: Attivata
23/02/2013 01:27:41
mbam-log-2013-02-23 (01-27-41).txt
Tipo di scansione: Scansione veloce
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 215790
Tempo impiegato: 4 minuti, 28 secondi
Processi rilevati in memoria: 0 (non sono stati rilevati elementi nocivi)
Moduli di memoria rilevati: 0 (non sono stati rilevati elementi nocivi)
Chiavi di registro rilevate: 0 (non sono stati rilevati elementi nocivi)
Valori di registro rilevati: 0 (non sono stati rilevati elementi nocivi)
Voci rilevate nei dati di registro: 0 (non sono stati rilevati elementi nocivi)
Cartelle rilevate: 0 (non sono stati rilevati elementi nocivi)
File rilevati: 0 (non sono stati rilevati elementi nocivi)
(fine)

Hoping I have done everything correctly, I say goodbye and thank you for now!
  4. Hi Mr, so, here is the AdwCleaner log; and the ComboFix log, run after AdwCleaner;
2013-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 09:18] . 2013-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-888985583-17482544-4123605646-1001Core.job - c:\users\Lorenzo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-02 14:12] . 2013-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-888985583-17482544-4123605646-1001UA.job - c:\users\Lorenzo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-02 14:12] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896] "Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [bU] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-05-20 171520] . ------- Scansione supplementare ------- . uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://downloads.phpnuke.org/it/index.php?rvs=google mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://downloads.phpnuke.org/it/index.php?rvs=google uInternet Settings,ProxyOverride = *.local IE: Add to Playlist - c:\program files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314 IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\program files (x86)\PokerStars.IT\PokerStarsUpdate.exe Trusted Zone: internet Trusted Zone: mcafee.com TCP: DhcpNameServer = 192.168.1.1 . - - - - CHIAVI ORFANE RIMOSSE - - - - . AddRemove-FINAL FANTASY VIII - c:\windows\IsUn0410.exe AddRemove-{2AAC4085-DCBF-417B-AEBD-182197839240} - c:\programdata\{A0DFE2A5-DE68-41F3-8861-73E954C1D41D}\Traktor Setup PC.exe AddRemove-{F4E3B11A-863A-4ACE-8259-91C562EFEC25}_is1 - h:\resident evil 5\Uninstall\unins000.exe . . . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_USERS\S-1-5-21-888985583-17482544-4123605646-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-888985583-17482544-4123605646-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-888985583-17482544-4123605646-1001\Software\SecuROM\License information*] "datasecu"=hex:49,21,a0,31,49,6a,86,e6,1b,21,8f,71,31,ae,53,30,11,af,b2,d2,f0, 90,67,a6,78,4e,37,f7,dc,59,ed,c3,c5,95,8c,09,95,64,0f,ef,85,12,3e,6f,14,b0,\ "rkeysecu"=hex:53,77,a7,34,63,c2,96,32,43,d4,84,36,0e,30,7c,6c . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
Ora fine scansione: 2013-02-22 15:43:45 ComboFix-quarantined-files.txt 2013-02-22 14:43 ComboFix2.txt 2013-02-20 15:37 ComboFix3.txt 2013-02-20 15:18 ComboFix4.txt 2013-02-13 12:48 . Pre-Run: 214.786.170.880 byte disponibili Post-Run: 214.479.065.088 byte disponibili . - - End Of File - - 5ABFE13DF3BCD6732E782E8DACCA89AB
  5. Hi Mr, I'm attaching the ComboFix log. I did run into a problem, though... when I go to re-enable Windows Defender and click on the icon, it tells me "Illegal operation attempted on a registry key that has been marked for deletion". How do I re-enable Windows Defender? Thanks, talk soon! log combo.txt
  6. Hi Mr, thanks for the reply in the meantime. I just wanted to ask you one thing before proceeding: as I told you, I had run the scan with ComboFix, but I kept it installed along with its quarantine folder. When I go to carry out the procedure you proposed, what do I do? Do I uninstall the old one and its folder, or do I risk something, and so should I put all the quarantined keys back in their place? (If I should proceed that way, could you please explain how to do it?) Thanks, talk soon
  7. My computer keeps getting worse! Is there anyone who can help me!?
  8. Eh, you'll have to forgive me... I edited the old message. Thanks, talk soon!
  9. Thanks Mr 4011 for the reply and the assistance. I did everything as requested; I'm attaching the DDS logs below. attach; . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 15/07/2010 14:11:36 System Uptime: 14/02/2013 11:49:53 (1 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | N/A | 2266/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 455 GiB total, 202,358 GiB free. D: is Removable E: is Removable F: is CDROM () G: is CDROM () I: is CDROM () J: is CDROM () K: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {5c69eefe-3c1e-44ef-8501-f475f902fca7} Description: USB Protection Device Device ID: ROOT\SYNCROSOFT_PROTECTION_DEVICE\0000 Manufacturer: SIA Syncrosoft Name: USB Protection Device PNP Device ID: ROOT\SYNCROSOFT_PROTECTION_DEVICE\0000 Service: SynasUSB . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . 
Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Photoshop CS Adobe Reader 9.5.2 - Italiano Alice MOBILE_MT503HSA Alps Pointing-device for VAIO AmpegSVX Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Magic-i Visual Effects 2 ArcSoft WebCam Companion 3 ASIO4ALL ATI Catalyst Install Manager µTorrent aTube Catcher Audacity 2.0 Batman: Arkham Asylum Bonjour CamStudio Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Creative ALchemy Universal D3DX10 Defraggler EAX™ Unified (SHELL) eMule Evernote F1 2010 FIFA 12 © EA version 1 FINAL FANTASY VIII FM Screen Capture Codec (Remove Only) Focusrite Scarlett Plug-in Suite 1.1 Focusrite USB 2.0 Audio Driver 2.1 Gestione alimentazione VAIO Google Chrome Google Toolbar for Internet Explorer Google Update Helper Grand Theft Auto IV Impostazioni di Programma di monitoraggio contenuto VAIO Impostazioni funzioni originali VAIO Intel® Control Center Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver iTunes Java Auto Updater Java™ 6 Update 16 (64-bit) Java™ 6 Update 20 Java™ 6 Update 37 Junk Mail filter update Kaspersky Anti-Virus 2010 L.A. 
Noire Live 8.0.1 ManyCam 2.6.1 (remove only) Media Gallery Mesh Runtime Messenger Companion MetalGearSolid2 Substance Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) Microsoft .NET Framework 4 Client Profile ITA Language Pack Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft MPEG-4 VKI Video Codec V1/V2/V3 Microsoft Office 2010 Microsoft Office a portata di clic 2010 Microsoft Office Outlook MUI (Spanish) 2007 Microsoft Office Starter 2010 - Italiano Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server Compact 3.5 SP1 x64 English Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Xbox 360 Accessories 1.2 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MusicStation Native Instruments Controller Editor Native Instruments Guitar Rig 4 Native Instruments 
Service Center NBA 2K13 neroxml NVIDIA PhysX OpenAL OpenOffice.org 3.2 Pacchetto driver Windows - Focusrite USB 2.0 Audio Driver (07/07/2011 15.32.4.883) PartyPoker.it PC Sync PCSX2 - Playstation 2 Emulator PMB PMB VAIO Edition Guide PMB VAIO Edition Plug-in PokerStars.it Prince of Persia T2T Quick Web Access Raccolta foto di Windows Live Rapture3D 2.4.4 Game Realtek HDMI Audio Driver for ATI Realtek High Definition Audio Driver Remote Keyboard Resident Evil 5 Rockstar Games Social Club Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Easy Media Creator 10 LJ Roxio Easy Media Creator Home Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 
4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Setting Utility Series Setup_msm_VCMS_x64 Setup_msm_VOFS_x64 Setup_VEP_x64_Contain_SSDB Skype Click to Call Skype™ 6.1 Sonnox Oxford R3 Dynamics Native VST v1.3.1 Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 Steinberg Cubase 5 Supporto trasferimento VAIO Syncrosoft License Control Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Utility Configurazione iPhone VAIO - PMB VAIO Edition Guide VAIO - PMB VAIO Edition Plug-in VAIO - Tastiera remota VAIO Care VAIO Content Metadata Intelligent Analyzing Manager VAIO Content Metadata Intelligent Network Service Manager VAIO Content Metadata Manager Settings VAIO Content Metadata XML Interface Library VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data VAIO Entertainment Platform VAIO Event Service VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Marketing Tools VAIO Media plus VAIO Media plus Opening Movie VAIO Movie Story Template Data VAIO Personalization Manager VAIO Premium Partners VAIO screensaver VAIO Smart Network VAIO Update VAIO Update Merge Module x64 VAIO Wallpaper Contents VC80CRTRedist - 8.0.50727.6195 Visualizzatore di Microsoft PowerPoint VLC media player 1.1.11 VU5x64 VU5x86 Wajam WIDCOMM Bluetooth Software Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common 
Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR gestione archivi . ==== End Of File =========================== dds; . DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 Run by Lorenzo at 12:45:11 on 2013-02-14 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3950.255 [GMT 1:00] . AV: Kaspersky Anti-Virus *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} AV: Kaspersky Anti-Virus *Disabled/Updated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE} SP: Kaspersky Anti-Virus *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Anti-Virus *Disabled/Outdated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} FW: Kaspersky Anti-Virus *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} . ============== Running Processes =============== . 
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe C:\Windows\SysWOW64\SupportAppXL\onda_mon.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 
C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Apoint\Apvfb.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\eMule\emule.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Sony\VAIO Care\VCPerfService.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files\Sony\VAIO Care\VCAgent.exe C:\Windows\System32\vds.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\explorer.exe C:\Users\Lorenzo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
mStart Page = hxxp://downloads.phpnuke.org/it/index.php?rvs=google mSearch Page = hxxp://downloads.phpnuke.org/it/index.php?rvs=google BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Guida per l'accesso a Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" 
/minimized /regrun uRun: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Lorenzo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VOIXIO~1.LNK - C:\Program Files (x86)\Voixio Communicator\Voixio Communicator.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Playlist - C:\Program Files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314 IE: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Invia pagina alla periferica &Bluetooth... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Program Files (x86)\PokerStars.IT\PokerStarsUpdate.exe IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll Trusted Zone: internet Trusted Zone: mcafee.com Trusted Zone: mcafee.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\14E64627F69646140543532393 : DHCPNameServer = 192.168.43.1 TCP: 
Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\14E64627F69646140543532393A7 : DHCPNameServer = 192.168.43.1 TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\B6163656E6B61613 : DHCPNameServer = 10.0.0.138 TCP: Interfaces\{B88FF334-7DE4-4327-8B9E-97508A7EB68E} : DHCPNameServer = 213.230.155.10 213.230.130.222 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: VESWinlogon - VESWinlogon.dll AppInit_DLLs= C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll SSODL: WebCheck - <orphaned> x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe x64-Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" x64-IE: 
{4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: klogon - C:\Windows\System32\klogon.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\System32\drivers\klbg.sys [2009-10-14 40464] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-5-20 55856] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2009-9-14 27152] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-8 202752] R2 AVP;Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-10-20 340520] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-19 13336] R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-7-17 4948992] R2 ONDA Autorun CDROM Monitor;ONDA Autorun CDROM Monitor;C:\Windows\System32\SupportAppXL\onda_mon.exe --> C:\Windows\System32\SupportAppXL\onda_mon.exe [?] 
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-5-19 93696] R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-5-19 75776] R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-29 259192] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-5-20 104960] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-15 2320920] R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-9-27 864000] R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-25 549168] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-10-6 845312] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-5-20 19968] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-19 56344] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-10-2 21008] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-5-19 11392] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service 
Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-9-27 303872] R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-5-20 571248] R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-11-29 44736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-5-19 395264] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-5-19 52264] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-5-19 35104] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-2-15 99384] S3 ffusb2audio;Focusrite USB 2.0 Audio Driver;C:\Windows\System32\drivers\ffusb2audio.sys [2011-12-1 57688] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-1-5 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-5-19 151936] S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-5-19 244736] S3 ONDAusbmdm6k;ONDA Proprietary USB 
Driver;C:\Windows\System32\drivers\ONDAusbmdm6k.sys [2011-9-4 150656] S3 ONDAusbnet;ONDA USB-NDIS miniport;C:\Windows\System32\drivers\ONDAusbnet.sys [2011-9-4 167424] S3 ONDAusbnmea;ONDA NMEA Port;C:\Windows\System32\drivers\ONDAusbnmea.sys [2011-9-4 150656] S3 ONDAusbser6k;ONDA Diagnostic Port;C:\Windows\System32\drivers\ONDAusbser6k.sys [2011-9-4 150656] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-2-15 203320] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-1 59392] S3 TVICHW64;TVICHW64;C:\Windows\System32\drivers\TVicHW64.sys [2010-8-18 21200] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152] S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040] S3 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2012-10-5 109064] S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-15 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2013-02-13 12:40:25 -------- d-----w- C:\$RECYCLE.BIN 2013-02-13 12:15:23 98816 ----a-w- C:\Windows\sed.exe 2013-02-13 12:15:23 256000 ----a-w- C:\Windows\PEV.exe 2013-02-13 12:15:23 208896 ----a-w- C:\Windows\MBR.exe 2013-02-13 12:14:54 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 12:14:53 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 11:55:30 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-02-13 11:55:29 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-02-13 11:55:29 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-02-13 11:55:23 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-13 11:55:20 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-02-13 11:55:20 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-02-13 11:55:20 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-02-13 11:55:20 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-02-13 11:55:20 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-02-13 11:55:20 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-02-13 11:55:17 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-02-13 11:55:17 1913192 ----a-w- C:\Windows\System32\drivers cpip.sys 2013-02-12 11:46:56 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E44C5C06-9BF3-4518-9C08-643312394865}\mpengine.dll 2013-02-11 23:24:17 -------- d-----w- C:\Program Files (x86)\PokerStars.IT 2013-02-11 18:08:58 -------- d--h--w- C:\Windows\SysWow64\CyberInstallerUninstallerSystem 2013-02-11 18:07:18 89360 ----a-w- C:\Windows\SysWow64\VB5DB.DLL 2013-02-11 18:07:18 53248 ----a-w- C:\Windows\SysWow64\zlib.dll 2013-02-11 18:07:17 440352 ----a-w- C:\Windows\SysWow64\MSHFLXGD.OCX 2013-02-11 18:07:17 260880 ----a-w- C:\Windows\SysWow64\MSFLXGRD.OCX 2013-02-11 18:07:17 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX 2013-02-11 18:07:16 662288 ----a-w- C:\Windows\SysWow64\mscomct2.ocx 2013-02-11 18:07:16 1071088 ----a-w- 
C:\Windows\SysWow64\mscomctl.OCX 2013-02-11 18:05:17 -------- d-----w- C:\Users\Lorenzo\AppData\Roaming\CyberInstaller Studio 2008 2013-02-11 13:39:13 59904 ----a-w- C:\Windows\SysWow64\wbemdisp.tlb 2013-02-09 11:57:14 -------- d-----w- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{1603C575-DE0E-4DC1-AC4B-24F18AA993C3} 2013-02-09 11:57:12 -------- d-----w- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{460E7E9D-9010-4CD6-BE5B-0ED8FC2B4E95} 2013-02-09 11:57:10 -------- d-----w- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{A99423B3-61B7-4057-B0EE-29FEDCF4E625} 2013-02-09 11:52:21 -------- d-----w- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{9DDD206B-EEB3-4930-8633-0BCF0E12489F} 2013-02-09 11:52:21 -------- d-----w- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{289C471C-B3CA-4D45-B9F6-C7ABF6FFD997} 2013-02-09 11:52:21 -------- d-----w- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{00F3AECA-6FA1-4456-82B8-CD2B190E63C5} 2013-02-09 11:52:17 -------- d-----w- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{B91D4286-466C-494D-A8C4-A6C4DA97613B} 2013-02-09 11:52:17 -------- d-----w- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{B3C8205A-B022-43A4-AE57-5DE9C9BCF7E5} 2013-02-09 11:52:17 -------- d-----w- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{91B61A70-7BDB-40FD-B613-B8A61CD2249C} 2013-02-09 11:52:13 -------- d-----w- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{A46B1C0B-0D86-4BC8-979A-66B931270C9C} 2013-02-09 11:52:13 -------- d-----w- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{7EB8A378-EDE8-41C3-B41E-CA2BA4B4DD9B} 2013-02-09 11:52:13 -------- d-----w- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{03D4F668-E1CA-4527-921D-D7B269679B89} 2013-02-08 18:06:54 45056 ----a-w- C:\Windows\SysWow64\Synsopos.exe 2013-02-08 18:06:50 401462 ----a-w- C:\Windows\SysWow64 emp.000 2013-02-08 18:06:45 147456 ----a-w- 
C:\Windows\SysWow64\SynsoLChk.dll 2013-02-08 18:06:44 757760 ----a-w- C:\Windows\SysWow64\SYNSOACC.dll 2013-02-08 18:06:44 -------- d-----w- C:\Program Files (x86)\Syncrosoft 2013-02-02 13:42:22 -------- d-----w- C:\Users\Lorenzo\AppData\Local\{85FB48D5-6742-478D-BF82-791892C65C50} 2013-01-30 11:55:12 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL . ==================== Find3M ==================== . 2013-02-09 18:50:49 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-02-09 18:50:48 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-12-21 01:01:12 0 ----a-w- C:\Windows\SysWow64\sho793D.tmp 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-12-05 15:00:32 0 ----a-w- C:\Windows\SysWow64\sho530B.tmp 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32 askhost.exe 
That's everything... I think! Thanks, and see you soon! aswMBR.rar
  10. Hi, this is Lorenzo, I've just signed up to the forum, I hope to have a good stay here
  11. Hi everyone, for about a month now my Vaio Vpcec2m1e notebook has been giving me quite a few problems, both at startup (very long loading times before it becomes usable) and during use (pages open slowly, even now while I'm writing here on the forum my typing temporarily freezes, and when I switch from one window to another there are moments of total freeze). Reading here and there on the forum, I thought of running a scan with Combofix, whose log I'm attaching. Now, given that the problem doesn't seem to have improved, I'd like to ask whether I did everything correctly (I disabled the antivirus and the internet connection) and whether those keys it quarantined can be deleted or not. It doesn't seem to me to have brought much benefit so far (I also rebooted, because before the reboot, if I clicked on the Chrome or Windows Explorer icons, it told me the key had been moved/deleted, but after the reboot everything seems to be back to OK). Is there anyone who can confirm first of all whether I can go ahead with uninstalling Combofix (given the keys it considers infected), and advise me how to proceed more effectively if need be? Thanks a lot, see you soon, Lorenzo. P.S. I created a restore point after running the Combofix scan. log combofix.txt
  12. Hi everyone, I recently bought a Sony Vaio... what can I say, a nice machine suited to my purposes... After creating the recovery discs, a doubt came up about partitioning the HD: I have a 500 GB HD, and I've heard that large disks perform better if partitioned. My doubt is: is partitioning really worthwhile in my case (one primary and one logical), considering that, if I've understood correctly, notebooks already have a recovery partition of their own? In any case I think it could come in handy in the event of future (fingers crossed) system instability, so as not to lose data, but I'd like to hear opinions that are surely more expert than mine, with the corresponding risks or drawbacks. Thanks a lot, as usual, to anyone who is willing and able to reply.
  13. OK, these are the attached logs. I think I did everything correctly... but I can't be sure... What puzzles me is that I see you told me to remember to re-enable System Restore on all drives, because from your first reply I understood that you have to disable it and then re-enable it right away and then create a restore point, so at the end of the procedure I find it already re-enabled because I had already done that earlier... I didn't understand this step well and maybe that's where I went wrong. Anyway, in the meantime read the log files and tell me what you think... If you don't mind, I'd ask you to help me understand the procedure better, step by step, in case I got it wrong, since I've told you where I got mixed up... Anyway, thanks for now.... bye. "Disable System Restore (note that this WILL DELETE ALL restore points and therefore the viruses too). Then re-enable it at least on the drive where you have the operating system and create a new clean restore point once the operations are finished." This step, to be precise, is the one I misunderstood. per_angelique.txt avenger_file.txt
  14. mhhh ok, I'll redo it now.... but the doubt that arises is that now I no longer have any restore points... even if I defeat the problem, will I be able to get the computer back the way it was before??????? Thanks, sorry if I'm bothering you.....
  15. I tried to do what you asked..... but by disabling System Restore I lost all the restore points and now I can't go back anymore :sigh: :sigh: so I think that before resorting to a format it's worth trying to do what you say properly. I did everything as you told me, but when I go into safe mode and run the scan with hijacks it doesn't detect all the entries you listed for me to tick!!!! What could be the cause of the problem???? Bear in mind that I set Mozilla as the main browser to be able to browse... now I've put Explorer back, but I ran the scan with Mozilla as the default browser. Could that have affected it, or did I do something wrong????? Let me know, thanks...... Anyway, can your method also be carried out without configuring NOD32 as described in the guide???? Because I have the old version and it doesn't have all the options; for the new version I'd have to spend $$$$ and I don't see the reason, since mine works just fine.....