Thanks for your interest!
This is my problem

and this is the HijackThis log:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.11.12, on 18/05/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Chiavetta Internet MT833UP\UIMain.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\ProgramData\Kaspersky Lab Setup Files\Kaspersky Internet Security 2011 11.0.2.556\it\setup.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\s@m\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.goggle.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=91&bd=Pavilion&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0215BFEA-8657-488D-A98F-0E3A7C87CC2A}: NameServer = 213.230.130.222 217.200.200.42
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBB5FB84-3D41-4203-B319-B725CFF5DF1B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0215BFEA-8657-488D-A98F-0E3A7C87CC2A}: NameServer = 213.230.130.222 217.200.200.42
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_7c71e337\STacSV.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
--
End of file - 6538 bytes
Code:
ComboFix 11-05-16.03 - s@m 18/05/2011 13.55.48.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.1917.1114 [GMT 2:00]
Eseguito da: c:\users\s@m\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2011-04-18 al 2011-05-18 )))))))))))))))))))))))))))))))))))
.
.
2011-05-18 12:15 . 2011-05-18 12:15 -------- d-----w- c:\users\s@m\AppData\Local\temp
2011-05-18 12:15 . 2011-05-18 12:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-05-18 12:15 . 2011-05-18 12:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-18 11:04 . 2010-10-05 18:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
2011-05-18 11:04 . 2010-10-05 18:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2011-05-18 09:36 . 2011-05-18 09:36 97859 ----a-w- c:\windows\system32\drivers\klick.dat
2011-05-18 09:36 . 2011-05-18 09:36 114243 ----a-w- c:\windows\system32\drivers\klin.dat
2011-05-18 09:25 . 2011-05-18 09:25 -------- d-----w- c:\program files\Kaspersky Lab
2011-05-18 09:24 . 2011-05-18 11:49 -------- d-----w- c:\programdata\Kaspersky Lab
2011-05-18 09:04 . 2011-05-18 09:04 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-05-17 15:22 . 2011-05-17 15:22 0 ---ha-w- c:\users\s@m\AppData\Local\BIT740F.tmp
2011-05-17 15:02 . 2011-05-17 15:02 -------- d-----w- C:\32788R22FWJFW(1)
2011-05-17 14:34 . 2011-05-17 14:34 0 ---ha-w- c:\users\s@m\AppData\Local\BITDBC0.tmp
2011-05-17 14:34 . 2011-05-17 14:34 0 ---ha-w- c:\users\s@m\AppData\Local\BITD70D.tmp
2011-05-12 20:42 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-12 13:36 . 2011-05-12 13:36 -------- d-----w- c:\program files\CCleaner
2011-04-29 10:38 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-29 10:38 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-29 09:41 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-19 07:08 . 2011-04-19 07:08 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-19 07:08 . 2011-04-19 07:08 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-19 07:08 . 2011-04-19 07:08 307200 ----a-w- c:\program files\Internet Explorer\iediagcmd.exe
2011-04-19 07:08 . 2011-04-19 07:08 107008 ----a-w- c:\program files\Internet Explorer\iecleanup.exe
2011-04-19 07:08 . 2011-04-19 07:08 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 17:03 . 2011-04-14 20:56 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:03 . 2011-04-14 20:56 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-03 15:42 . 2011-04-14 20:55 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:40 . 2011-04-29 10:38 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-29 10:38 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-29 10:38 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-29 10:38 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:25 . 2011-04-14 20:55 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 15:44 . 2011-04-14 20:55 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-22 14:13 . 2011-03-23 08:33 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 13:33 . 2011-03-23 08:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:33 . 2011-03-23 08:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:24 . 2011-04-14 20:57 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-22 13:24 . 2011-04-14 20:57 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-22 13:23 . 2011-04-14 20:57 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-22 13:23 . 2011-04-14 20:57 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-18 14:03 . 2011-04-14 20:56 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-18 14:03 . 2011-04-14 20:56 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-18 14:03 . 2011-04-14 20:56 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-12-20 16:08 443728 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"Windows Mobile-based device management"=%windir%\WindowsMobile\wmdSync.exe
"SysTrayApp"=%ProgramFiles%\IDT\WDM\sttray.exe
"SmartMenu"=%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 136176]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 136176]
R3 onda_mx83xup_cpo;ONDA Mx83xUP Mass Storage Device;c:\windows\system32\DRIVERS\onda_mx83xup_cpo.sys [2010-03-19 9856]
R3 onda_mx83xup_ppo;ONDA Mx83xUP Serial ACM Driver;c:\windows\system32\DRIVERS\onda_mx83xup_ppo.sys [2010-03-19 18560]
R3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [x]
R3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys [x]
R3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys [2008-04-03 104960]
R3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys [x]
R3 StkTMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkTMini.sys [2007-11-15 468096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-23 365952]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-01-06 296320]
S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-01-06 116096]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
ezSharedSvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2009-12-12 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At10.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At11.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At12.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At13.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At14.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At15.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At16.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At17.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At18.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At19.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At20.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At21.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At22.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At23.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At24.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At25.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At26.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At27.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At28.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At29.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At3.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At30.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At31.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At32.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At33.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At34.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At35.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At36.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At37.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At38.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At39.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At4.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At40.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At41.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At42.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At43.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At44.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At45.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At46.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At47.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At48.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At49.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At5.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At50.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At6.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At7.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At8.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-12-12 c:\windows\Tasks\At9.job
- c:\windows\system32\Shutdown.exe [2008-01-21 02:34]
.
2009-07-08 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-07-08 10:02]
.
2011-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 19:55]
.
2011-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 19:55]
.
2009-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4240622333-3650837084-2381652321-1000Core.job
- c:\users\s@m\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-26 21:42]
.
2011-05-18 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.goggle.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=91&bd=Pavilion&pf=cnnb
IE: Aggiungi ad Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {CBB5FB84-3D41-4203-B319-B725CFF5DF1B} = 192.168.0.1
FF - ProfilePath - c:\users\s@m\AppData\Roaming\Mozilla\Firefox\Profiles\rlczihty.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Barra degli strumenti di Kaspersky: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Black Steel: {e2c58150-9d72-11dd-ad8b-0800200c9a66} - %profile%\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Cooliris: piclens@cooliris.com - %profile%\extensions\piclens@cooliris.com
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-18 14:15
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
.
c:\windows\TEMP\kls770.tmp 91240 bytes
.
Scansione completata con successo
Files nascosti: 1
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2011-05-18 14:23:40
ComboFix-quarantined-files.txt 2011-05-18 12:23
ComboFix2.txt 2010-02-21 08:40
.
Pre-Run: 82.778.157.056 byte disponibili
Post-Run: 82.686.939.136 byte disponibili
.
- - End Of File - - B9764E5E72D1A4B6FBD56FAF06BD0B61
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Versione database: 6561
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
18/05/2011 3.27.09
mbam-log-2011-05-18 (03-27-09).txt
Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi esaminati: 376272
Tempo trascorso: 6 ore, 40 minuti, 28 secondi
Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 0
Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)
Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)
Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)
Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)
Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)
Cartelle infette:
(Non sono stati rilevati elementi nocivi)
File infetti:
(Non sono stati rilevati elementi nocivi)
Thanks!