COMBOFIX log, part two


((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
"P17Helper"="P17.dll" [2006-03-17 81408]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"InCD"="c:\programmi\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\Motive SB.exe" [2006-04-21 438359]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"SSBkgdUpdate"="c:\programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"VIRIT LITE MONITOR"="c:\vexplite2\MONLITE.EXE" [2010-04-20 278528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2007-12-1 217088]
ImageMixer 3 SE Camera Monitor Ver.4.lnk - c:\programmi\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe [2009-7-5 253952]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Windows Search.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 16:10 35696 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-12-11 09:56 286720 ----a-w- c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4665:TCP"= 4665:TCP:mulo
"46755:UDP"= 46755:UDP:mulo2

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [23/12/2004 20.26.25 77312]
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.SYS [15/06/2007 12.38.49 45312]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [21/04/2010 20.49.32 136176]
S2 viritsvclite;Virit eXplorer Lite;c:\virit\VIRITSVC.EXE [06/03/2007 18.54.08 57344]
S3 p17filt;p17filt;c:\windows\system32\drivers\p17filt.sys [20/03/2006 18.34.56 1452032]
.
Contenuto della cartella 'Scheduled Tasks'

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-21 18:49]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-21 18:49]

2010-04-21 c:\windows\Tasks\Norton Security Scan for Massimo - Adm.job
- c:\programmi\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2010-04-19 13:48]
.
.
------- Scansione supplementare -------
.
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-iTunesHelper - c:\programmi\iTunes\iTunesHelper.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-22 01:40
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(268)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1688)
c:\windows\system32\WININET.dll
.
Ora fine scansione: 2010-04-22 01:46:01 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-04-21 23:45

Pre-Run: 94.973.407.232 byte disponibili
Post-Run: 95.991.721.984 byte disponibili

- - End Of File - - 77ACC862D87031FECDEE1114DF8D44E2