ComboFix 12-05-06.01 - Admin 06/05/2012 15:37:02.2.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.1919.1119 [GMT 2:00]
Eseguito da: c:\users\Admin\Desktop\ComboFix.exe
AV: AVG Internet Security 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Admin\AppData\Roaming\dach100.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2012-04-06 al 2012-05-06 )))))))))))))))))))))))))))))))))))
.
.
2012-05-06 13:51 . 2012-05-06 13:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-06 13:51 . 2012-05-06 13:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-06 13:51 . 2012-05-06 13:51 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-05-05 10:57 . 2012-05-05 10:57 -------- d-----w- c:\program files\Dachshund Software
2012-05-05 06:37 . 2012-05-05 06:37 4140192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-05-05 03:49 . 2012-05-05 03:49 -------- d-----w- c:\users\Admin\dwhelper
2012-04-28 02:17 . 2012-04-28 02:17 388096 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-28 02:17 . 2012-04-28 02:17 -------- d-----w- c:\program files\Trend Micro
2012-04-28 02:01 . 2012-04-28 02:01 -------- d-----w- c:\users\Admin\AppData\Roaming\HD Tune Pro
2012-04-28 02:01 . 2012-04-28 02:01 -------- d-----w- c:\program files\HD Tune Pro
2012-04-28 01:46 . 2012-04-28 17:26 -------- d-----w- c:\programdata\blekko toolbars
2012-04-28 01:45 . 2012-04-28 17:26 -------- d-----w- c:\program files\blekkotb
2012-04-28 01:43 . 2012-04-28 01:45 -------- d-----w- c:\program files\CrystalDiskInfo
2012-04-28 01:43 . 2012-04-28 01:44 -------- d-----w- c:\users\Admin\AppData\Roaming\OpenCandy
2012-04-28 01:19 . 2012-04-28 01:19 -------- d-----w- c:\programdata\AltrixSoft
2012-04-28 01:18 . 2012-04-28 01:18 -------- d-----w- c:\program files\Hard Drive Inspector
2012-04-28 01:18 . 2012-04-28 01:18 -------- d-----w- c:\program files\Common Files\AltrixSoft
2012-04-26 01:14 . 2012-04-26 02:08 -------- d-----w- c:\users\Admin\AppData\Local\AnVir
2012-04-26 01:13 . 2012-04-26 01:14 -------- d-----w- c:\program files\AnVir Task Manager Pro
2012-04-24 18:25 . 2012-04-24 18:25 -------- d-----w- c:\programdata\TamoSoft
2012-04-24 18:24 . 2012-04-24 18:25 -------- d-----w- c:\program files\CommViewWiFi
2012-04-24 18:03 . 2012-04-24 18:03 2846720 ----a-w- c:\windows\system32\drivers\athr.sys
2012-04-24 17:50 . 2012-04-24 17:50 514152 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2012-04-24 17:50 . 2012-04-24 17:50 80488 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-04-24 17:50 . 2012-04-24 17:50 100968 ----a-w- c:\windows\system32\RTNUninst32.dll
2012-04-24 17:29 . 2012-04-24 17:30 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-24 17:29 . 2012-04-24 17:29 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-24 17:29 . 2012-04-24 17:29 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-22 04:04 . 2012-04-22 04:04 -------- d-----w- c:\program files\FreeCommander
2012-04-22 04:04 . 2012-04-22 04:04 -------- d-----w- c:\users\Admin\AppData\Roaming\FreeCommander
2012-04-13 09:10 . 2012-04-13 09:11 -------- d-----w- c:\users\Guest
2012-04-13 09:04 . 2012-04-13 09:05 -------- d-----w- c:\users\windows 8
2012-04-13 01:02 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-13 01:02 . 2012-03-01 05:49 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-13 01:02 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-13 01:02 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-13 01:01 . 2012-03-06 05:59 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-13 01:01 . 2012-03-06 05:59 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 23:56 . 2012-04-12 00:16 -------- d-----w- c:\program files\SpeedFan
2012-04-06 14:03 . 2012-05-05 06:38 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 06:38 . 2011-06-29 23:32 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-15 05:44 . 2012-03-14 04:07 826368 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 04:22 . 2012-03-14 04:07 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:22 . 2012-03-14 04:07 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:41 . 2012-03-14 12:30 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:41 . 2012-03-14 12:30 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-10 05:41 . 2012-03-14 12:30 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-10 05:41 . 2012-03-14 12:30 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 12:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-04-24 17:29 . 2012-02-16 02:01 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-03-07 17:02 1869152 ----a-w- c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-07 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartMenuXP"="c:\program files\Start Menu XP\StartMenuXP.exe" [2011-05-08 2675096]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-01-17 2339168]
"SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2009-11-12 552960]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-13 7707168]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-03-07 982880]
"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-24 928096]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2012-01-25 499584]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AntiCrash.lnk - c:\program files\Dachshund Software\AntiCrash\AntiCrash.exe [2002-12-17 2301798]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2011-5-21 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-20 22:46 136176 ----atw- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2011-09-20 13:53 1493288 ----a-w- c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerSuite]
2011-11-01 14:35 67448 ----a-w- c:\progra~1\Uniblue\POWERS~1\Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-03-27 00:46 3905920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-05-20 23:38 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2011-09-30 16:49 5402115 ----a-w- c:\users\Admin\Desktop\Tor Browser\App\vidalia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG10\avgfws.exe [2011-03-09 2708024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-11-04 112640]
R3 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-20 136176]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-20 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-24 129976]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-20 1343400]
R4 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-07 918880]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]