.
.
((((((((((((((((((((((((( Files Creati Da 2011-10-11 al 2011-11-11 )))))))))))))))))))))))))))))))))))
.
.
2011-11-11 10:36 . 2011-11-11 10:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-11 02:00 . 2011-11-11 02:00 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-11-10 18:15 . 2011-11-10 18:15 388096 ----a-r- c:\users\m.bona\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-10 18:15 . 2011-11-10 18:15 -------- d-----w- c:\program files (x86)\Trend Micro
2011-11-10 15:58 . 2011-11-10 15:58 -------- d-----w- c:\users\m.bona\AppData\Roaming\Malwarebytes
2011-11-10 15:58 . 2011-11-10 15:58 -------- d-----w- c:\programdata\Malwarebytes
2011-11-10 15:58 . 2011-11-10 15:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-10 14:48 . 2011-11-10 14:48 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-11-10 14:48 . 2011-11-10 14:48 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-10 14:48 . 2011-11-10 14:48 -------- d-----w- c:\program files (x86)\Java
2011-11-10 11:04 . 2011-11-10 16:46 -------- d-----w- c:\users\m.bona\AppData\Roaming\3EEB7
2011-11-10 10:03 . 2009-06-30 09:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
2011-11-10 10:03 . 2011-11-10 10:03 -------- d-----w- c:\program files (x86)\Panda Security
2011-11-10 08:26 . 2011-11-10 17:38 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-10 08:26 . 2011-11-10 08:30 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-11-10 08:25 . 2011-11-10 08:25 -------- d-----w- c:\program files (x86)\Ask.com
2011-11-10 08:25 . 2011-11-10 08:25 -------- d-----w- C:\Firefox
2011-11-10 08:24 . 2011-11-10 08:24 -------- d-----w- c:\program files (x86)\Glary Utilities
2011-11-10 08:18 . 2011-11-10 08:18 -------- d-----w- c:\users\m.bona\AppData\Local\AresXZ
2011-11-10 08:13 . 2011-11-10 15:45 -------- d-sh--w- c:\users\m.bona\AppData\Local\9f35580e
2011-11-10 07:38 . 2011-11-10 07:38 -------- d-----w- c:\users\m.bona\AppData\Roaming\Avira
2011-11-10 07:34 . 2011-11-10 16:07 -------- d-----w- c:\program files (x86)\B7788
2011-11-10 07:07 . 2011-11-10 07:07 -------- d-----w- c:\program files (x86)\Conduit
2011-11-10 07:07 . 2011-11-10 07:07 -------- d-----w- C:\extensions
2011-11-10 07:07 . 2011-11-10 07:16 -------- d-----w- c:\users\m.bona\AppData\Local\Conduit
2011-11-10 07:07 . 2011-11-10 07:36 -------- d-----w- c:\users\m.bona\AppData\Roaming\uTorrent
2011-11-10 06:51 . 2011-11-10 06:51 -------- d-----w- c:\users\m.bona\AppData\Local\eMule AdunanzA
2011-11-10 06:51 . 2011-11-10 06:51 -------- d-----w- c:\programdata\eMule AdunanzA
2011-11-10 06:51 . 2011-11-10 17:39 -------- d-----w- c:\program files (x86)\eMule AdunanzA
2011-11-09 03:56 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 03:56 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 03:56 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 03:56 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-10-16 17:55 . 2011-10-16 17:55 18139008 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2011-10-14 10:35 . 2011-10-14 10:35 -------- d-----w- c:\users\m.bona\AppData\Local\Research In Motion
2011-10-14 10:11 . 2011-10-14 10:11 -------- d-----w- c:\users\m.bona\AppData\Roaming\Blackberry Desktop
2011-10-14 09:29 . 2011-10-14 09:36 256 ----a-w- c:\windows\SysWow64\pool.bin
2011-10-14 09:28 . 2011-10-14 10:36 -------- d-----w- c:\users\m.bona\AppData\Roaming\Research In Motion
2011-10-14 09:25 . 2011-10-14 09:25 -------- d-----w- c:\users\m.bona\AppData\Roaming\InstallShield
2011-10-14 09:25 . 2011-10-14 09:25 -------- d-----w- c:\programdata\Sonic
2011-10-14 09:25 . 2011-10-14 09:25 -------- d-----w- c:\users\m.bona\AppData\Local\Programs
2011-10-14 09:25 . 2011-10-14 10:35 -------- d-----w- c:\programdata\Roxio
2011-10-14 09:23 . 2009-01-09 14:02 31744 ----a-w- c:\windows\system32\drivers\RimSerial_AMD64.sys
2011-10-14 09:23 . 2011-10-28 17:11 -------- d-----w- c:\program files (x86)\Research In Motion
2011-10-13 10:37 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 10:37 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-13 10:37 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-13 10:37 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 10:37 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 10:37 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 10:37 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-13 10:37 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-11 05:16 . 2011-05-14 17:01 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-31 05:08 . 2011-05-19 14:41 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-08-31 05:08 . 2011-05-19 14:41 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 18:17 1487240 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files (x86)\Free Download Manager\fdm.exe" [2010-04-28 3727411]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-08-22 593920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-23 378472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 WSDPrintDevice;Supporto stampa WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S3 WSDScan;Supporto digitalizzazione WSD tramite UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-11-10 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-11-10 12:08]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.it/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: I&nvia a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Scarica con Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Scarica i video con Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Scarica selezionati con Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Scarica tutto con Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 213.140.2.43 213.140.2.49
DPF: {08FD87EF-2A15-11D1-AF00-00A0C91F4B89} - hxxp://cartogis.provincia.genova.it/cartogis/activeX/webplot.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - (no file)
.
.