- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-12 19:25
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1960408961-261478967-527237240-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{462A2C83-6610-95F9-348C-4D65800F7FF1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"hapmjildgidgfgai"=hex:61,61,00,00
"hapmjildajndncjg"=hex:61,61,00,00
"iadplhfmhciiojmgdk"=hex:69,61,69,65,62,70,6c,68,62,6b,70,6f,68,6b,6f,6b,6f,6f,
00,00
"habpaafbihafalek"=hex:69,61,69,65,62,70,6c,68,62,6b,70,6f,68,6b,6f,6b,6f,6f,
00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{462A2C83-6610-95F9-348C-4D65800F7FF1}\InProcServer32*]
"iafpghbhjflbehpnog"=hex:61,61,00,00
"iafpghbhjfbbkijcck"=hex:61,61,00,00
"jafpcmgakbapcenlpgpn"=hex:69,61,69,65,62,70,6c,68,62,6b,70,6f,68,6b,6f,6b,6f,
6f,00,00
"iafpinaejboccfihjb"=hex:69,61,69,65,62,70,6c,68,62,6b,70,6f,68,6b,6f,6b,6f,6f,
00,00
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(1144)
c:\windows\system32\sfc_os.dll
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
c:\programmi\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1200)
c:\windows\system32\scecli.dll
c:\programmi\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Ora fine scansione: 2012-10-12 19:28:08
ComboFix-quarantined-files.txt 2012-10-12 17:28
.
Pre-Run: 3.106.889.728 byte disponibili
Post-Run: 3.230.363.648 byte disponibili
.
- - End Of File - - BC6DFCB732CBF329BC4B702A7CFA0211



Thanks