Combo Fix

Academic year: 2021

ComboFix 13-07-03.01 - Utente 03/07/2013 17:52:41.1.1 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3838.2212 [GMT 2:00]

Eseguito da: c:\users\Utente\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

[i] ADS - Windows: deleted 192 bytes in 1 streams. [/i]
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Utente\AppData\Roaming\inst.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2013-06-03 al 2013-07-03 )))))))))))))))))))))))))))))))))))
.
.
2013-07-03 07:33 . 2013-07-03 07:33 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
2013-07-03 07:33 . 2013-07-03 07:37 --- d---w- c:\program files (x86)\x264 Video Codec

2013-07-03 07:09 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\M icrosoft\Windows Defender\Definition Updates\{2066F420-4FAB-4BDA-918A-BFE4C6B0D9 1D}\mpengine.dll 2013-07-02 13:52 . 2013-07-02 13:57 --- d---w- c:\users \Utente\AppData\Roaming\Nitro PDF 2013-06-29 14:07 . 2013-07-02 13:29 --- d---w- c:\users \Utente\AppData\Roaming\Downloaded Installations 2013-06-29 13:33 . 2013-06-29 13:33 --- d---w- c:\progr amdata\FLEXnet 2013-06-29 13:29 . 2013-06-29 13:41 --- d---w- c:\progr am files (x86)\Common Files\Adobe

2013-06-29 13:12 . 2013-06-29 14:10 --- d---w- c:\users \Utente\AppData\Roaming\Media Player Classic

2013-06-29 13:11 . 2013-06-29 13:11 --- d---w- c:\progr am files\K-Lite Codec Pack x64

2013-06-29 07:32 . 2013-07-03 07:31 --- d---w- c:\users \Utente\AppData\Roaming\vlc 2013-06-28 16:20 . 2013-06-28 16:20 972712 ----a-w- c:\windows\syste m32\deployJava1.dll 2013-06-28 16:20 . 2013-06-28 16:20 312232 ----a-w- c:\windows\syste m32\javaws.exe 2013-06-28 16:20 . 2013-06-28 16:20 1093032 ----a-w- c:\windows\syste m32\npDeployJava1.dll 2013-06-28 16:20 . 2013-06-28 16:20 108968 ----a-w- c:\windows\syste m32\WindowsAccessBridge-64.dll 2013-06-28 16:20 . 2013-06-28 16:20 189352 ----a-w- c:\windows\syste m32\javaw.exe 2013-06-28 16:20 . 2013-06-28 16:20 188840 ----a-w- c:\windows\syste m32\java.exe 2013-06-28 16:20 . 2013-06-28 16:20 --- d---w- c:\progr am files\Java 2013-06-27 07:01 . 2013-06-27 07:05 --- d---w- c:\users \Utente\AppData\Roaming\eM Client for SoftMaker

\Utente\AppData\Roaming\SoftMaker

2013-06-27 06:56 . 2013-06-27 06:57 --- d---w- c:\progr am files (x86)\SoftMaker Office Professional 2012

2013-06-26 14:19 . 2013-06-26 14:19 --- d---w- c:\users \Utente\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2013-06-26 14:19 . 2013-06-26 14:19 --- d---w- c:\progr am files (x86)\Adobe Download Assistant

2013-06-26 14:19 . 2013-06-27 07:33 --- d---w- c:\progr am files (x86)\Common Files\Adobe AIR

2013-06-26 09:53 . 2013-06-26 15:30 --- d---w- c:\progr am files (x86)\Mozilla Thunderbird

2013-06-24 07:14 . 2013-06-25 06:19 --- d---w- c:\progr am files (x86)\MisuraInternetSpeedTest

2013-06-21 08:22 . 2013-06-25 06:18 --- d---w- c:\users \Utente\AppData\Local\CouponDropDown Plugin

2013-06-21 08:22 . 2013-06-25 06:18 --- d---w- c:\progr am files (x86)\CouponDropDown Plugin

2013-06-21 08:21 . 2013-06-21 08:37 --- d---w- c:\progr am files (x86)\uTorrent Ultra Accelerator

2013-06-21 07:07 . 2013-06-26 06:57 --- d---w- c:\progr am files\WinRAR 2013-06-18 06:45 . 2009-09-04 15:29 235344 ----a-w- c:\windows\SysWo w64\d3dx11_42.dll 2013-06-18 06:40 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\SysWo w64\D3DCompiler_37.dll 2013-06-18 06:40 . 2008-02-05 21:07 462864 ----a-w- c:\windows\SysWo w64\d3dx10_37.dll 2013-06-18 06:40 . 2008-03-05 13:56 4910088 ----a-w- c:\windows\syste m32\D3DX9_37.dll 2013-06-18 06:40 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\SysWo w64\D3DX9_37.dll 2013-06-18 06:40 . 2007-10-22 01:40 411656 ----a-w- c:\windows\syste m32\xactengine2_10.dll 2013-06-18 06:40 . 2007-10-22 01:39 267272 ----a-w- c:\windows\SysWo w64\xactengine2_10.dll 2013-06-18 06:40 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\syste m32\D3DCompiler_36.dll 2013-06-18 06:40 . 2007-10-02 07:56 508264 ----a-w- c:\windows\syste m32\d3dx10_36.dll 2013-06-18 06:40 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWo w64\X3DAudio1_2.dll 2013-06-18 06:40 . 2007-10-22 01:37 21000 ----a-w- c:\windows\syste m32\X3DAudio1_2.dll 2013-06-17 13:19 . 2005-07-22 17:59 3807440 ----a-w- c:\windows\syste m32\d3dx9_27.dll 2013-06-17 13:19 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\syste m32\d3dx9_26.dll 2013-06-17 13:19 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWo w64\d3dx9_26.dll 2013-06-17 13:19 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\syste m32\d3dx9_25.dll 2013-06-17 13:19 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\syste m32\d3dx9_24.dll 2013-06-17 09:13 . 2013-06-17 09:13 --- d---w- c:\users \Utente\AppData\Roaming\IsolatedStorage 2013-06-17 09:13 . 2013-06-17 09:13 --- d---w- c:\progr amdata\IsolatedStorage 2013-06-17 09:13 . 2013-06-17 09:13 --- d---w- c:\users \Utente\AppData\Local\ _ 2013-06-17 09:12 . 2013-06-17 12:33 --- d---w- c:\progr

am files\FileViewPro 2013-06-17 08:13 . 2013-06-18 08:27 --- d---w- c:\users \Utente\AppData\Roaming\Rovio 2013-06-14 08:20 . 2013-06-14 08:27 --- d---w- c:\progr am files (x86)\PSPaudioware 2013-06-12 13:36 . 2013-06-12 13:36 --- d---w- c:\users \Utente\.MakeMKV 2013-06-12 13:36 . 2013-06-14 08:28 --- d---w- c:\progr am files (x86)\MakeMKV 2013-06-12 06:31 . 2013-06-08 12:28 2706432 ----a-w- c:\windows\syste m32\mshtml.tlb 2013-06-12 06:28 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\syste m32\drivers\tcpip.sys 2013-06-10 14:21 . 2013-06-10 14:21 --- d---w- c:\progr am files (x86)\Shark007 2013-06-10 14:19 . 2013-06-29 12:54 --- d---w- c:\progr amdata\Advanced 2013-06-10 14:11 . 2013-06-10 14:23 --- d---w- c:\users \Utente\AppData\Roaming\Shark007 2013-06-10 14:11 . 2013-06-10 14:23 --- d---w- c:\progr amdata\Shark007 2013-06-10 14:11 . 2013-03-17 08:22 3554304 ----a-w- c:\windows\syste m32\x264vfw.dll 2013-06-10 14:11 . 2012-07-21 10:55 180736 ----a-w- c:\windows\syste m32\ac3acm.acm 2013-06-10 14:11 . 2012-07-21 10:54 361472 ----a-w- c:\windows\syste m32\aacacm.acm 2013-06-10 14:11 . 2011-12-07 18:37 148992 ----a-w- c:\windows\syste m32\lagarith.dll 2013-06-10 14:11 . 2013-04-05 19:27 2231296 ----a-w- c:\windows\syste m32\ac3filter.acm 2013-06-10 14:11 . 2012-07-17 13:21 206336 ----a-w- c:\windows\syste m32\unrar64.dll 2013-06-10 14:11 . 2013-06-21 18:00 127488 ----a-w- c:\windows\syste m32\ff_vfw.dll 2013-06-10 14:11 . 2013-06-10 14:23 --- d---w- c:\progr am files\Shark007 2013-06-10 14:11 . 2013-05-31 09:00 1922048 ----a-w- c:\windows\syste m32\VSFilter.dll 2013-06-10 14:11 . 2009-01-22 20:51 124909 ----a-w- c:\windows\syste m32\pthreadGC2.dll 2013-06-09 09:41 . 2013-06-09 09:41 --- d---w- c:\users \Utente\AppData\Roaming\Malwarebytes 2013-06-09 09:41 . 2013-06-09 09:41 --- d---w- c:\progr amdata\Malwarebytes 2013-06-09 09:41 . 2013-06-09 09:41 --- d---w- c:\progr am files (x86)\Malwarebytes' Anti-Malware

2013-06-09 09:41 . 2013-04-04 12:50 25928 ----a-w- c:\windows\syste m32\drivers\mbam.sys 2013-06-08 16:29 . 2013-06-08 17:11 --- d---w- c:\progr amdata\Tarma Installer 2013-06-08 16:29 . 2013-06-08 16:33 --- d---w- c:\progr am files (x86)\YourFileDownloader 2013-06-08 16:29 . 2013-06-08 16:29 --- d---w- c:\users \Utente\AppData\Roaming\YourFileDownloader 2013-06-08 07:45 . 2013-06-08 16:41 --- d---w- c:\progr am files (x86)\7 Quick Fix

2013-06-05 08:02 . 2013-06-05 08:02 --- d---w- c:\users \Utente\AppData\Roaming\TuneUp Software

amdata\TuneUp Software 2013-06-05 08:01 . 2013-06-05 08:13 --- d-sh--w- c:\progr amdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))) )))))))))))))))))))))))))))))) . 2013-07-01 08:08 . 2013-05-09 16:23 867240 ----a-w- c:\windows\SysWo w64\npDeployJava1.dll 2013-07-01 08:08 . 2013-05-09 16:23 789416 ----a-w- c:\windows\SysWo w64\deployJava1.dll 2013-06-27 20:51 . 2013-05-12 06:12 189936 ----a-w- c:\windows\syste m32\drivers\aswVmm.sys 2013-06-27 20:51 . 2013-05-12 06:12 378944 ----a-w- c:\windows\syste m32\drivers\aswSP.sys 2013-06-27 20:51 . 2013-05-12 06:12 1030952 ----a-w- c:\windows\syste m32\drivers\aswSnx.sys 2013-06-19 07:04 . 2013-05-10 16:02 71048 ----a-w- c:\windows\SysWo w64\FlashPlayerCPLApp.cpl 2013-06-19 07:04 . 2013-05-10 16:02 692104 ----a-w- c:\windows\SysWo w64\FlashPlayerApp.exe 2013-06-12 06:36 . 2013-05-09 15:48 75825640 ----a-w- c:\windo ws\system32\MRT.exe 2013-05-16 12:59 . 2013-05-16 12:59 367200 ----a-w- c:\windows\syste m32\drivers\afcdp.sys 2013-05-16 12:59 . 2013-05-16 12:59 1340040 ----a-w- c:\windows\syste m32\drivers\tdrpman.sys 2013-05-16 12:59 . 2013-05-16 12:59 1093256 ----a-w- c:\windows\syste m32\drivers\tib_mounter.sys 2013-05-16 12:59 . 2013-05-16 12:59 228488 ----a-w- c:\windows\syste m32\drivers\vididr.sys 2013-05-16 12:59 . 2013-05-16 12:59 166024 ----a-w- c:\windows\syste m32\drivers\vidsflt.sys 2013-05-16 12:59 . 2013-05-16 12:59 340104 ----a-w- c:\windows\syste m32\drivers\snapman.sys 2013-05-16 12:59 . 2013-05-16 12:59 155272 ----a-w- c:\windows\syste m32\drivers\fltsrv.sys 2013-05-16 07:57 . 2013-05-16 07:57 82816 ----a-w- c:\users\Utente\ AppData\Roaming\pcouffin.sys 2013-05-12 06:37 . 2013-05-12 06:38 1187697 ----a-w- c:\windows\unins 000.exe 2013-05-09 15:27 . 2013-05-09 15:27 97280 ----a-w- c:\windows\syste m32\mshtmled.dll 2013-05-09 15:27 . 2013-05-09 15:27 92160 ----a-w- c:\windows\syste m32\SetIEInstalledDate.exe 2013-05-09 15:27 . 
2013-05-09 15:27 905728 ----a-w- c:\windows\syste m32\mshtmlmedia.dll 2013-05-09 15:27 . 2013-05-09 15:27 81408 ----a-w- c:\windows\syste m32\icardie.dll 2013-05-09 15:27 . 2013-05-09 15:27 77312 ----a-w- c:\windows\syste m32\tdc.ocx 2013-05-09 15:27 . 2013-05-09 15:27 762368 ----a-w- c:\windows\syste m32\ieapfltr.dll 2013-05-09 15:27 . 2013-05-09 15:27 73728 ----a-w- c:\windows\SysWo w64\SetIEInstalledDate.exe 2013-05-09 15:27 . 2013-05-09 15:27 719360 ----a-w- c:\windows\SysWo w64\mshtmlmedia.dll 2013-05-09 15:27 . 2013-05-09 15:27 62976 ----a-w- c:\windows\syste

m32\pngfilt.dll 2013-05-09 15:27 . 2013-05-09 15:27 61952 ----a-w- c:\windows\SysWo w64\tdc.ocx 2013-05-09 15:27 . 2013-05-09 15:27 599552 ----a-w- c:\windows\syste m32\vbscript.dll 2013-05-09 15:27 . 2013-05-09 15:27 523264 ----a-w- c:\windows\SysWo w64\vbscript.dll 2013-05-09 15:27 . 2013-05-09 15:27 52224 ----a-w- c:\windows\syste m32\msfeedsbs.dll 2013-05-09 15:27 . 2013-05-09 15:27 51200 ----a-w- c:\windows\syste m32\imgutil.dll 2013-05-09 15:27 . 2013-05-09 15:27 48640 ----a-w- c:\windows\SysWo w64\mshtmler.dll 2013-05-09 15:27 . 2013-05-09 15:27 48640 ----a-w- c:\windows\syste m32\mshtmler.dll 2013-05-09 15:27 . 2013-05-09 15:27 452096 ----a-w- c:\windows\syste m32\dxtmsft.dll 2013-05-09 15:27 . 2013-05-09 15:27 441856 ----a-w- c:\windows\syste m32\html.iec 2013-05-09 15:27 . 2013-05-09 15:27 38400 ----a-w- c:\windows\SysWo w64\imgutil.dll 2013-05-09 15:27 . 2013-05-09 15:27 361984 ----a-w- c:\windows\SysWo w64\html.iec 2013-05-09 15:27 . 2013-05-09 15:27 281600 ----a-w- c:\windows\syste m32\dxtrans.dll 2013-05-09 15:27 . 2013-05-09 15:27 27648 ----a-w- c:\windows\syste m32\licmgr10.dll 2013-05-09 15:27 . 2013-05-09 15:27 270848 ----a-w- c:\windows\syste m32\iedkcs32.dll 2013-05-09 15:27 . 2013-05-09 15:27 247296 ----a-w- c:\windows\syste m32\webcheck.dll 2013-05-09 15:27 . 2013-05-09 15:27 235008 ----a-w- c:\windows\syste m32\url.dll 2013-05-09 15:27 . 2013-05-09 15:27 23040 ----a-w- c:\windows\SysWo w64\licmgr10.dll 2013-05-09 15:27 . 2013-05-09 15:27 226304 ----a-w- c:\windows\syste m32\elshyph.dll 2013-05-09 15:27 . 2013-05-09 15:27 216064 ----a-w- c:\windows\syste m32\msls31.dll 2013-05-09 15:27 . 2013-05-09 15:27 197120 ----a-w- c:\windows\syste m32\msrating.dll 2013-05-09 15:27 . 2013-05-09 15:27 185344 ----a-w- c:\windows\SysWo w64\elshyph.dll 2013-05-09 15:27 . 2013-05-09 15:27 173568 ----a-w- c:\windows\syste m32\ieUnatt.exe 2013-05-09 15:27 . 2013-05-09 15:27 167424 ----a-w- c:\windows\syste m32\iexpress.exe 2013-05-09 15:27 . 
2013-05-09 15:27 158720 ----a-w- c:\windows\SysWo w64\msls31.dll 2013-05-09 15:27 . 2013-05-09 15:27 1509376 ----a-w- c:\windows\syste m32\inetcpl.cpl 2013-05-09 15:27 . 2013-05-09 15:27 150528 ----a-w- c:\windows\SysWo w64\iexpress.exe 2013-05-09 15:27 . 2013-05-09 15:27 149504 ----a-w- c:\windows\syste m32\occache.dll 2013-05-09 15:27 . 2013-05-09 15:27 144896 ----a-w- c:\windows\syste m32\wextract.exe 2013-05-09 15:27 . 2013-05-09 15:27 1441280 ----a-w- c:\windows\SysWo w64\inetcpl.cpl 2013-05-09 15:27 . 2013-05-09 15:27 1400416 ----a-w- c:\windows\syste

m32\ieapfltr.dat 2013-05-09 15:27 . 2013-05-09 15:27 138752 ----a-w- c:\windows\SysWo w64\wextract.exe 2013-05-09 15:27 . 2013-05-09 15:27 13824 ----a-w- c:\windows\syste m32\mshta.exe 2013-05-09 15:27 . 2013-05-09 15:27 137216 ----a-w- c:\windows\SysWo w64\ieUnatt.exe 2013-05-09 15:27 . 2013-05-09 15:27 136192 ----a-w- c:\windows\syste m32\iepeers.dll 2013-05-09 15:27 . 2013-05-09 15:27 135680 ----a-w- c:\windows\syste m32\IEAdvpack.dll 2013-05-09 15:27 . 2013-05-09 15:27 12800 ----a-w- c:\windows\SysWo w64\mshta.exe 2013-05-09 15:27 . 2013-05-09 15:27 12800 ----a-w- c:\windows\syste m32\msfeedssync.exe 2013-05-09 15:27 . 2013-05-09 15:27 110592 ----a-w- c:\windows\SysWo w64\IEAdvpack.dll 2013-05-09 15:27 . 2013-05-09 15:27 1054720 ----a-w- c:\windows\syste m32\MsSpellCheckingFacility.exe 2013-05-09 15:27 . 2013-05-09 15:27 102912 ----a-w- c:\windows\syste m32\inseng.dll 2013-05-09 08:59 . 2013-05-12 06:12 72016 ----a-w- c:\windows\syste m32\drivers\aswRdr2.sys 2013-05-09 08:59 . 2013-05-12 06:12 64288 ----a-w- c:\windows\syste m32\drivers\aswTdi.sys 2013-05-09 08:59 . 2013-05-12 06:12 65336 ----a-w- c:\windows\syste m32\drivers\aswRvrt.sys 2013-05-09 08:59 . 2013-05-12 06:12 33400 ----a-w- c:\windows\syste m32\drivers\aswFsBlk.sys 2013-05-09 08:59 . 2013-05-12 06:12 22600 ----a-w- c:\windows\syste m32\drivers\aswKbd.sys 2013-05-09 08:59 . 2013-05-12 06:12 80816 ----a-w- c:\windows\syste m32\drivers\aswMonFlt.sys 2013-05-09 08:58 . 2013-05-12 06:11 41664 ----a-w- c:\windows\avast SS.scr 2013-05-09 08:58 . 2013-05-09 17:23 287840 ----a-w- c:\windows\syste m32\aswBoot.exe 2013-05-08 08:00 . 2013-05-08 08:00 421888 ----a-w- c:\windows\SysWo w64\RealMediaSplitter.ax

2013-05-08 08:00 . 2013-05-08 08:00 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll 2013-05-02 00:06 . 2010-11-21 03:27 278800 ---w- c:\windows\syste m32\MpSigStub.exe 2013-04-15 09:50 . 2013-05-18 08:44 127384 ----a-w- c:\windows\syste m32\drivers\scdemu.sys 2013-04-13 05:49 . 2013-05-16 05:59 135168 ----a-w- c:\windows\apppa tch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-16 05:59 350208 ----a-w- c:\windows\apppa tch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-16 05:59 308736 ----a-w- c:\windows\apppa tch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-16 05:59 111104 ----a-w- c:\windows\apppa tch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-16 05:59 474624 ----a-w- c:\windows\apppa tch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-16 05:59 2176512 ----a-w- c:\windows\apppa tch\AcGenral.dll 2013-04-12 14:45 . 2013-05-09 14:47 1656680 ----a-w- c:\windows\syste m32\drivers\ntfs.sys 2013-04-10 06:01 . 2013-05-16 05:59 265064 ----a-w- c:\windows\syste

m32\drivers\dxgmms1.sys 2013-04-10 06:01 . 2013-05-16 05:59 983400 ----a-w- c:\windows\syste m32\drivers\dxgkrnl.sys 2013-04-10 03:30 . 2013-05-16 06:20 3153920 ----a-w- c:\windows\syste m32\win32k.sys . .

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))) )))))))))))))))))))))))))))))))

. .

*Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart .exe" [2010-02-10 98304]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] "AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMount er\TibMounterMonitor.exe" [2012-07-24 942376]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusch ed.exe" [2013-03-12 253816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusch ed.exe"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c :\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft .NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mba mservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [ x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c: \program files (x86)\Skype\Updater\Updater.exe [x]

R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\ program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]

R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNAT IVE\DRIVERS\PFC027.SYS [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\dri vers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATI VE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD .sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\ WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x]

S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.s ys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]

S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c :\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]

S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows \SYSNATIVE\DRIVERS\vididr.sys [x]

S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c :\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]

S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x]

S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\A cronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv .exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\a tiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSN ATIVE\drivers\aswMonFlt.sys [x] S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvan y.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware \mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamschedul er.exe [x]

S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files \Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x]

S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\wind ows\SysWOW64\NLSSRV32.EXE [x]

S2 PDFSFilter;PDFSFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys;c:\windows\S YSNATIVE\DRIVERS\PDFsFilter.sys [x]

S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\A cronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\Sy ncAgent\syncagentsrv.exe [x]

S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVER S\afcdp.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\wind ows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\S YSNATIVE\drivers\mbam.sys [x]

. .

Altri Servizi/Drivers In Memoria ---. *NewlyCreated* - WS2IFSL . . --- X64 Entries ---. . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon overlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\ Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon overlayidentifiers\AcronisSyncError]

[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]

2012-09-24 21:56 2736240 ----a-w- c:\program files (x86)\Acronis\T rueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon overlayidentifiers\AcronisSyncInProgress] @="{00F848DC-B1D4-4892-9C25-CAADC86A215D}" [HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]

2012-09-24 21:56 2736240 ----a-w- c:\program files (x86)\Acronis\T rueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon overlayidentifiers\AcronisSyncOk] @="{71573297-552E-46fc-BE3D-3DFAF88D47B7}" [HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]

2012-09-24 21:56 2736240 ----a-w- c:\program files (x86)\Acronis\T rueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 654811 2] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedu le2\schedhlp.exe" [2012-09-24 404144]

.

Scansione supplementare ---.

uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000 IE: I&nvia a OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105

TCP: Interfaces\{FEAF0D2E-4556-4C67-806B-89C64F6A0A86}: NameServer = 8.8.8.8,8.8 .4.4

FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2 ybq4.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/ FF - prefs.js: network.proxy.type - 4

FF - ExtSQL: 2013-05-09 19:33; [email protected]; c:\program files\AVAST Software\Av ast\WebRep\FF

FF - ExtSQL: 2013-05-10 16:45; {B17C1C5A-04B1-11DB-9804-B622A1EF5492}; c:\users\ Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{B17 C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi

FF - ExtSQL: 2013-05-10 16:50; {66E978CD-981F-47DF-AC42-E3CF417C1467}; c:\users\ Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{66E 978CD-981F-47DF-AC42-E3CF417C1467}.xpi

FF - ExtSQL: 2013-05-11 15:55; [email protected]; c:\users\Utente\AppData\ Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\alldebrid@alldebrid .com.xpi

FF - ExtSQL: 2013-05-13 15:24; [email protected]; c:\users\Utente\AppData\Roaming \Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\[email protected]

FF - ExtSQL: 2013-05-14 12:25; [email protected]; c:\users\Utente\AppData\Roaming\M ozilla\Firefox\Profiles\s4g2ybq4.default\extensions\[email protected]

FF - ExtSQL: 2013-05-24 16:36; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\ Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{d10 d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-05-24 16:51; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\ Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{a0d 7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

FF - ExtSQL: 2013-06-12 15:45; jid1-MA2AfbgHyjJd9g@jetpack; c:\users\Utente\AppD ata\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\jid1-MA2AfbgHyj [email protected]

FF - ExtSQL: 2013-06-22 09:53; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\ Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{DDC 359D1-844A-42a7-9AA1-88A850A938A8}.xpi

FF - ExtSQL: 2013-06-25 12:03; [email protected]; c:\users\Utente\AppData\Roam ing\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\[email protected] FF - ExtSQL: 2013-06-26 10:47; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; c:\users\ Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{053 8E3E3-7E9B-4d49-8831-A227C80A7AD3}

.

CHIAVI ORFANE RIMOSSE -.

ShellIconOverlayIdentifiers-{1EC23CFF-4C58-458f-924C-8519AEF61B32} - (no file) .

. .

CHIAVI DI REGISTRO BLOCCATE ---. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66 }] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700 _224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66 }\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66 }\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66 }\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C 9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C 9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C 9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700 _224_ActiveX.exe,-101" .

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" .

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B 0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B 0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B 0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone)

.

Altri processi in esecuzione ---.

c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\SysWOW64\srvany.exe

c:\windows\KMService.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe .

************************************************************************** .

Ora fine scansione: 2013-07-03 18:04:34 - Il pc è stato riavviato ComboFix-quarantined-files.txt 2013-07-03 16:04

.

Pre-Run: 43.900.211.200 byte disponibili Post-Run: 46.786.203.648 byte disponibili .

- - End Of File - - 69DC7692C6E859F1E3495D6DE361FB99 A36C5E4F47E84449FF07ED3517B43A31
