DaniFilth

ComboFix Log

3 posts in this thread

Hello, I ran a scan with ComboFix. Now I'll show it to you.

I'm posting the log.

ComboFix 08-07-09.5 - privato 2008-07-11 13:40:40.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.197 [GMT 2:00]

Eseguito da: C:\Documents and Settings\privato\Desktop\ComboFix.exe

* Creato nuovo punto di ripristino

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\privato\Menu Avvio\Programmi\PlayMP3z

C:\WINDOWS\system32\dcads-remove.exe

C:\WINDOWS\system32\superiorads-uninst.exe

.

((((((((((((((((((((((((( Files Creati Da 2008-06-11 al 2008-07-11 )))))))))))))))))))))))))))))))))))

.

2008-07-11 11:47 . 2008-07-11 11:47 <DIR> d-------- C:\Programmi\Yahoo!

2008-07-11 11:47 . 2008-07-11 11:49 <DIR> d-------- C:\Programmi\CCleaner

2008-07-10 16:29 . 2008-07-10 16:29 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-07-10 16:29 . 2008-07-10 16:29 1,409 --a------ C:\WINDOWS\QTFont.for

2008-07-03 09:44 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-07-03 09:42 . 2008-07-03 09:42 <DIR> d-------- C:\Programmi\File comuni\Java

2008-06-18 12:15 . 2008-06-18 12:31 921,600 --a------ C:\SQ.bin

2008-06-12 10:48 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys

2008-06-12 10:48 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

2008-06-11 20:46 . 2008-06-11 20:46 <DIR> d-------- C:\WINDOWS\Sun

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-11 10:46 --------- d-----w C:\Documents and Settings\privato\Dati applicazioni\LimeWire

2008-07-11 09:58 --------- d-----w C:\Programmi\a-squared Free

2008-07-11 09:26 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP

2008-07-05 11:04 --------- d--h--w C:\Programmi\InstallShield Installation Information

2008-07-05 11:03 --------- d-----w C:\Programmi\Windows Live

2008-07-05 09:57 --------- d-----w C:\Programmi\QuickTime

2008-07-05 09:55 --------- d-----w C:\Programmi\File comuni\Adobe

2008-07-03 07:44 --------- d-----w C:\Programmi\Java

2008-06-20 17:39 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-06-10 08:50 --------- d-----w C:\Documents and Settings\privato\Dati applicazioni\Malwarebytes

2008-06-10 08:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes

2008-06-09 10:06 --------- d-----w C:\Documents and Settings\privato\Dati applicazioni\Uniblue

2008-06-09 08:15 --------- d-----w C:\Programmi\PC Tools Firewall Plus

2008-06-07 19:45 --------- d-----w C:\Programmi\Macrogaming

2008-06-07 18:24 --------- d-----w C:\Documents and Settings\privato\Dati applicazioni\Setup live bird

2008-06-07 18:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Support Site Inside Heck

2008-06-07 18:14 --------- d-----w C:\Programmi\Avira

2008-06-07 18:14 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Avira

2008-06-07 18:12 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Avg7

2008-06-07 18:10 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Grisoft

2008-06-07 18:06 --------- d-----w C:\Documents and Settings\privato\Dati applicazioni\PCToolsFirewallPlus

2008-06-07 18:04 --------- d-----w C:\Programmi\File comuni\PC Tools

2008-06-07 17:51 --------- d-----w C:\Programmi\CodeStuff

2008-05-24 15:27 --------- d-----w C:\Documents and Settings\privato\Dati applicazioni\Windows Live Writer

2008-05-07 05:14 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll

2008-04-21 07:01 662,016 ----a-w C:\WINDOWS\system32\wininet.dll

2006-12-25 18:52 92,064 ----a-w C:\Documents and Settings\privato\mqdmmdm.sys

2006-12-25 18:52 9,232 ----a-w C:\Documents and Settings\privato\mqdmmdfl.sys

2006-12-25 18:52 79,328 ----a-w C:\Documents and Settings\privato\mqdmserd.sys

2006-12-25 18:52 66,656 ----a-w C:\Documents and Settings\privato\mqdmbus.sys

2006-12-25 18:52 6,208 ----a-w C:\Documents and Settings\privato\mqdmcmnt.sys

2006-12-25 18:52 5,936 ----a-w C:\Documents and Settings\privato\mqdmwhnt.sys

2006-12-25 18:52 4,048 ----a-w C:\Documents and Settings\privato\mqdmcr.sys

2006-12-25 18:52 25,600 ----a-w C:\Documents and Settings\privato\usbsermptxp.sys

2006-12-25 18:52 22,768 ----a-w C:\Documents and Settings\privato\usbsermpt.sys

2007-05-27 09:16 16 --sha-r C:\WINDOWS\group.dat

2007-05-27 09:45 16 --sha-r C:\WINDOWS\winsys.dat

.

((((((((((((((((((((((((((((( snapshot@2008-06-08_14.35.40,54 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-06-08 08:51:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-07-11 09:26:18 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-06-14 17:59:10 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys

- 2008-05-15 12:36:49 593,920 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2008-07-10 11:44:37 593,920 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe

- 2008-05-15 12:36:49 12,288 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2008-07-10 11:44:37 12,288 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2008-05-15 12:36:49 86,016 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2008-07-10 11:44:37 86,016 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe

- 2008-05-15 12:36:49 135,168 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2008-07-10 11:44:37 135,168 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2008-05-15 12:36:50 11,264 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2008-07-10 11:44:37 11,264 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2008-05-15 12:36:50 27,136 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2008-07-10 11:44:37 27,136 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2008-05-15 12:36:50 4,096 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2008-07-10 11:44:38 4,096 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2008-05-15 12:36:50 794,624 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2008-07-10 11:44:38 794,624 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2008-05-15 12:36:49 249,856 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2008-07-10 11:44:37 249,856 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2008-05-15 12:36:49 61,440 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2008-07-10 11:44:37 61,440 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2008-05-15 12:36:50 23,040 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2008-07-10 11:44:38 23,040 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2008-05-15 12:36:49 286,720 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2008-07-10 11:44:37 286,720 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2008-05-15 12:36:49 409,600 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2008-07-10 11:44:37 409,600 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2008-05-15 12:34:11 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe

+ 2008-06-11 08:28:41 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe

- 2006-12-07 17:56:23 2,266 ----a-w C:\WINDOWS\mozver.dat

+ 2008-06-20 10:45:23 2,397 ----a-w C:\WINDOWS\mozver.dat

- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe

+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe

+ 2008-03-19 17:23:20 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

+ 2008-03-19 17:36:22 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll

+ 2008-03-19 17:24:02 487,424 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll

+ 2008-03-19 16:46:26 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll

+ 2008-03-19 17:24:04 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll

+ 2008-03-19 16:42:42 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll

+ 2008-03-19 17:22:34 249,856 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll

+ 2008-03-19 17:25:36 442,368 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll

+ 2008-03-19 17:36:06 439,736 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100429.exe

+ 2008-03-19 17:26:20 110,592 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe

+ 2008-03-19 17:22:22 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll

+ 1999-06-25 08:55:30 149,504 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE

- 2008-02-16 09:01:18 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll

+ 2008-04-21 07:01:13 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll

- 2008-02-16 09:01:18 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll

+ 2008-04-21 07:01:14 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll

- 2008-06-08 12:03:50 1,632 ----a-w C:\WINDOWS\system32\d3d8caps.dat

+ 2008-06-09 13:59:38 1,632 ----a-w C:\WINDOWS\system32\d3d8caps.dat

- 2008-06-02 14:12:37 1,744 ----a-w C:\WINDOWS\system32\d3d9caps.dat

+ 2008-06-30 10:50:36 1,744 ----a-w C:\WINDOWS\system32\d3d9caps.dat

- 2008-02-16 09:01:18 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll

+ 2008-04-21 07:01:15 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll

- 2004-08-03 21:14:16 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys

+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys

- 2008-02-16 09:01:18 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll

+ 2008-04-21 07:01:13 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll

- 2008-02-16 09:01:18 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll

+ 2008-04-21 07:01:14 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll

- 2008-02-16 09:01:18 1,056,256 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll

+ 2008-04-21 07:01:15 1,056,256 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll

- 2008-02-20 05:33:54 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

+ 2008-06-20 17:39:47 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

- 2008-02-16 09:01:18 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

+ 2008-04-21 07:01:15 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

- 2008-02-16 09:01:18 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

+ 2008-04-21 07:01:15 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

- 2008-02-16 09:01:18 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll

+ 2008-04-21 07:01:15 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll

- 2008-02-15 09:23:37 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe

+ 2008-04-17 10:52:54 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe

- 2008-02-16 09:01:18 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll

+ 2008-04-21 07:01:15 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll

- 2008-02-16 09:01:18 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll

+ 2008-04-21 07:01:16 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll

- 2008-02-16 09:01:19 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll

+ 2008-04-21 07:01:16 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll

- 2008-02-16 22:31:22 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll

+ 2008-04-21 07:01:20 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll

- 2008-02-16 09:01:21 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll

+ 2008-04-21 07:01:20 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll

- 2008-02-16 09:01:21 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll

+ 2008-04-21 07:01:20 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll

- 2008-02-16 09:01:21 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll

+ 2008-04-21 07:01:21 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll

- 2004-08-19 13:39:20 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll

+ 2008-06-20 17:39:47 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll

- 2008-02-16 09:01:21 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

+ 2008-04-21 07:01:21 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

- 2007-10-29 22:42:50 1,292,800 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll

+ 2008-05-07 05:14:42 1,292,800 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll

- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys

+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys

- 2008-02-16 09:01:22 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll

+ 2008-04-21 07:01:23 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll

- 2008-02-16 09:01:23 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll

+ 2008-04-21 07:01:23 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll

- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys

+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys

- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys

+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys

- 2008-02-16 09:01:23 616,960 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll

+ 2008-04-21 07:01:24 616,960 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll

- 2008-02-16 09:01:23 662,016 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll

+ 2008-04-21 07:01:24 662,016 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll

- 2008-02-20 05:33:54 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll

+ 2008-06-20 17:39:47 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll

- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

- 2008-02-16 09:01:18 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll

+ 2008-04-21 07:01:15 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll

- 2008-02-16 09:01:18 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll

+ 2008-04-21 07:01:15 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll

- 2008-02-16 09:01:18 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll

+ 2008-04-21 07:01:15 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll

- 2008-02-16 09:01:18 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll

+ 2008-04-21 07:01:15 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll

- 2008-02-16 09:01:18 96,768 ----a-w C:\WINDOWS\system32\inseng.dll

+ 2008-04-21 07:01:16 96,768 ----a-w C:\WINDOWS\system32\inseng.dll

- 2007-07-11 23:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe

+ 2008-03-24 23:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe

- 2007-07-11 23:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe

+ 2008-03-24 23:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe

- 2007-07-12 00:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe

+ 2008-03-25 00:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe

- 2008-02-16 09:01:19 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll

+ 2008-04-21 07:01:16 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll

- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe

+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe

- 2008-02-16 22:31:22 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll

+ 2008-04-21 07:01:20 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll

- 2008-02-16 09:01:21 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll

+ 2008-04-21 07:01:20 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll

- 2008-02-16 09:01:21 146,432 ----a-w C:\WINDOWS\system32\msrating.dll

+ 2008-04-21 07:01:20 146,432 ----a-w C:\WINDOWS\system32\msrating.dll

- 2008-02-16 09:01:21 532,480 ----a-w C:\WINDOWS\system32\mstime.dll

+ 2008-04-21 07:01:21 532,480 ----a-w C:\WINDOWS\system32\mstime.dll

- 2008-02-16 09:01:21 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll

+ 2008-04-21 07:01:21 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll

- 2008-02-16 09:01:22 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll

+ 2008-04-21 07:01:23 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll

- 2008-02-16 09:01:23 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll

+ 2008-04-21 07:01:23 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll

- 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2007-11-30 12:39:40 18,808 ------w C:\WINDOWS\system32\spmsg.dll

- 2008-02-16 09:01:23 616,960 ----a-w C:\WINDOWS\system32\urlmon.dll

+ 2008-04-21 07:01:24 616,960 ----a-w C:\WINDOWS\system32\urlmon.dll

- 2008-02-15 23:03:16 367,104 ----a-w C:\WINDOWS\system32\xpsp3res.dll

+ 2008-04-17 11:03:49 367,104 ----a-w C:\WINDOWS\system32\xpsp3res.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-26 14:11 68856]

"msnmsgr"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"00PCTFW"="C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" [2008-03-28 14:37 2598808]

"avgnt"="C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programmi\\LimeWire\\LimeWire.exe"=

R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-03-12 09:30]

R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2008-02-21 08:56]

R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2008-02-21 08:56]

R3 SQTECH930B;Trust WB-3500T USB2 Webcam;C:\WINDOWS\system32\Drivers\Capt930b.sys [2005-04-21 16:55]

.

Contenuto della cartella 'Scheduled Tasks'

"2008-07-11 11:02:02 C:\WINDOWS\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job"

- C:\Programmi\Windows Live Toolbar\MSNTBUP.EXE

.

- - - - ORPHANS REMOVED - - - -

BHO-{88990fdd-e7d5-719e-bc86-a6e43ed1e400} - C:\WINDOWS\system32\nsv46.dll

HKCU-Run-Uniblue RegistryBooster 2 - C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe

Notify-WgaLogon - (no file)

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-11 13:42:42

Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo

Files nascosti: 0

**************************************************************************

.

Ora fine scansione: 2008-07-11 13:46:27

ComboFix-quarantined-files.txt 2008-07-11 11:45:41

ComboFix2.txt 2008-06-08 12:36:48

11 Directory 30,146,621,440 byte disponibili

15 Directory 30,201,712,640 byte disponibili

273 --- E O F --- 2008-07-10 11:44:42


Hi,

what problems are you having?


The computer was a bit slow, but now it runs perfectly. I wanted to know what ComboFix had caught, based on the log I posted.
