Combo Fix log

Uploaded by Heather Harper

Copyright: © Attribution Non-Commercial (BY-NC)

ComboFix 13-07-03.01 - Utente 03/07/2013 17:52:41.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3838.2212 [GMT 2:00]
Eseguito da: c:\users\Utente\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - Windows: deleted 192 bytes in 1 streams. [/i]
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Utente\AppData\Roaming\inst.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2013-06-03 al 2013-07-03 )))))))))))))))))))))))))))))))))))
.
.
2013-07-03 07:33 . 2013-07-03 07:33 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
2013-07-03 07:33 . 2013-07-03 07:37 -------- d-----w- c:\program files (x86)\x264 Video Codec
2013-07-03 07:09 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2066F420-4FAB-4BDA-918A-BFE4C6B0D91D}\mpengine.dll
2013-07-02 13:52 . 2013-07-02 13:57 -------- d-----w- c:\users\Utente\AppData\Roaming\Nitro PDF
2013-06-29 14:07 . 2013-07-02 13:29 -------- d-----w- c:\users\Utente\AppData\Roaming\Downloaded Installations
2013-06-29 13:33 . 2013-06-29 13:33 -------- d-----w- c:\programdata\FLEXnet
2013-06-29 13:29 . 2013-06-29 13:41 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-06-29 13:12 . 2013-06-29 14:10 -------- d-----w- c:\users\Utente\AppData\Roaming\Media Player Classic
2013-06-29 13:11 . 2013-06-29 13:11 -------- d-----w- c:\program files\K-Lite Codec Pack x64
2013-06-29 07:32 . 2013-07-03 07:31 -------- d-----w- c:\users\Utente\AppData\Roaming\vlc
2013-06-28 16:20 . 2013-06-28 16:20 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-28 16:20 . 2013-06-28 16:20 312232 ----a-w- c:\windows\system32\javaws.exe
2013-06-28 16:20 . 2013-06-28 16:20 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-28 16:20 . 2013-06-28 16:20 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-28 16:20 . 2013-06-28 16:20 189352 ----a-w- c:\windows\system32\javaw.exe
2013-06-28 16:20 . 2013-06-28 16:20 188840 ----a-w- c:\windows\system32\java.exe
2013-06-28 16:20 . 2013-06-28 16:20 -------- d-----w- c:\program files\Java
2013-06-27 07:01 . 2013-06-27 07:05 -------- d-----w- c:\users\Utente\AppData\Roaming\eM Client for SoftMaker
2013-06-27 06:56 . 2013-06-27 06:59 -------- d-----w- c:\users\Utente\AppData\Roaming\SoftMaker
2013-06-27 06:56 . 2013-06-27 06:57 -------- d-----w- c:\program files (x86)\SoftMaker Office Professional 2012
2013-06-26 14:19 . 2013-06-26 14:19 -------- d-----w- c:\users\Utente\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-06-26 14:19 . 2013-06-26 14:19 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2013-06-26 14:19 . 2013-06-27 07:33 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-06-26 09:53 . 2013-06-26 15:30 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-06-24 07:14 . 2013-06-25 06:19 -------- d-----w- c:\program files (x86)\MisuraInternetSpeedTest
2013-06-21 08:22 . 2013-06-25 06:18 -------- d-----w- c:\users\Utente\AppData\Local\CouponDropDown Plugin
2013-06-21 08:22 . 2013-06-25 06:18 -------- d-----w- c:\program files (x86)\CouponDropDown Plugin
2013-06-21 08:21 . 2013-06-21 08:37 -------- d-----w- c:\program files (x86)\uTorrent Ultra Accelerator
2013-06-21 07:07 . 2013-06-26 06:57 -------- d-----w- c:\program files\WinRAR
2013-06-18 06:45 . 2009-09-04 15:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2013-06-18 06:40 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\SysWow64\D3DCompiler_37.dll
2013-06-18 06:40 . 2008-02-05 21:07 462864 ----a-w- c:\windows\SysWow64\d3dx10_37.dll
2013-06-18 06:40 . 2008-03-05 13:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll
2013-06-18 06:40 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2013-06-18 06:40 . 2007-10-22 01:40 411656 ----a-w- c:\windows\system32\xactengine2_10.dll
2013-06-18 06:40 . 2007-10-22 01:39 267272 ----a-w- c:\windows\SysWow64\xactengine2_10.dll
2013-06-18 06:40 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2013-06-18 06:40 . 2007-10-02 07:56 508264 ----a-w- c:\windows\system32\d3dx10_36.dll
2013-06-18 06:40 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2013-06-18 06:40 . 2007-10-22 01:37 21000 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2013-06-17 13:19 . 2005-07-22 17:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2013-06-17 13:19 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-06-17 13:19 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2013-06-17 13:19 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-06-17 13:19 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-06-17 09:13 . 2013-06-17 09:13 -------- d-----w- c:\users\Utente\AppData\Roaming\IsolatedStorage
2013-06-17 09:13 . 2013-06-17 09:13 -------- d-----w- c:\programdata\IsolatedStorage
2013-06-17 09:13 . 2013-06-17 09:13 -------- d-----w- c:\users\Utente\AppData\Local\ _
2013-06-17 09:12 . 2013-06-17 12:33 -------- d-----w- c:\program files\FileViewPro
2013-06-17 08:13 . 2013-06-18 08:27 -------- d-----w- c:\users\Utente\AppData\Roaming\Rovio
2013-06-14 08:20 . 2013-06-14 08:27 -------- d-----w- c:\program files (x86)\PSPaudioware
2013-06-12 13:36 . 2013-06-12 13:36 -------- d-----w- c:\users\Utente\.MakeMKV
2013-06-12 13:36 . 2013-06-14 08:28 -------- d-----w- c:\program files (x86)\MakeMKV
2013-06-12 06:31 . 2013-06-08 12:28 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-12 06:28 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-10 14:21 . 2013-06-10 14:21 -------- d-----w- c:\program files (x86)\Shark007
2013-06-10 14:19 . 2013-06-29 12:54 -------- d-----w- c:\programdata\Advanced
2013-06-10 14:11 . 2013-06-10 14:23 -------- d-----w- c:\users\Utente\AppData\Roaming\Shark007
2013-06-10 14:11 . 2013-06-10 14:23 -------- d-----w- c:\programdata\Shark007
2013-06-10 14:11 . 2013-03-17 08:22 3554304 ----a-w- c:\windows\system32\x264vfw.dll
2013-06-10 14:11 . 2012-07-21 10:55 180736 ----a-w- c:\windows\system32\ac3acm.acm
2013-06-10 14:11 . 2012-07-21 10:54 361472 ----a-w- c:\windows\system32\aacacm.acm
2013-06-10 14:11 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2013-06-10 14:11 . 2013-04-05 19:27 2231296 ----a-w- c:\windows\system32\ac3filter.acm
2013-06-10 14:11 . 2012-07-17 13:21 206336 ----a-w- c:\windows\system32\unrar64.dll
2013-06-10 14:11 . 2013-06-21 18:00 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2013-06-10 14:11 . 2013-06-10 14:23 -------- d-----w- c:\program files\Shark007
2013-06-10 14:11 . 2013-05-31 09:00 1922048 ----a-w- c:\windows\system32\VSFilter.dll
2013-06-10 14:11 . 2009-01-22 20:51 124909 ----a-w- c:\windows\system32\pthreadGC2.dll
2013-06-09 09:41 . 2013-06-09 09:41 -------- d-----w- c:\users\Utente\AppData\Roaming\Malwarebytes
2013-06-09 09:41 . 2013-06-09 09:41 -------- d-----w- c:\programdata\Malwarebytes
2013-06-09 09:41 . 2013-06-09 09:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-09 09:41 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-08 16:29 . 2013-06-08 17:11 -------- d-----w- c:\programdata\Tarma Installer
2013-06-08 16:29 . 2013-06-08 16:33 -------- d-----w- c:\program files (x86)\YourFileDownloader
2013-06-08 16:29 . 2013-06-08 16:29 -------- d-----w- c:\users\Utente\AppData\Roaming\YourFileDownloader
2013-06-08 07:45 . 2013-06-08 16:41 -------- d-----w- c:\program files (x86)\7 Quick Fix
2013-06-05 08:02 . 2013-06-05 08:02 -------- d-----w- c:\users\Utente\AppData\Roaming\TuneUp Software
2013-06-05 08:02 . 2013-06-05 09:30 -------- d-----w- c:\programdata\TuneUp Software
2013-06-05 08:01 . 2013-06-05 08:13 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-01 08:08 . 2013-05-09 16:23 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-01 08:08 . 2013-05-09 16:23 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-27 20:51 . 2013-05-12 06:12 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 20:51 . 2013-05-12 06:12 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 20:51 . 2013-05-12 06:12 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-19 07:04 . 2013-05-10 16:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-19 07:04 . 2013-05-10 16:02 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 06:36 . 2013-05-09 15:48 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-05-16 12:59 . 2013-05-16 12:59 367200 ----a-w- c:\windows\system32\drivers\afcdp.sys
2013-05-16 12:59 . 2013-05-16 12:59 1340040 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2013-05-16 12:59 . 2013-05-16 12:59 1093256 ----a-w- c:\windows\system32\drivers\tib_mounter.sys
2013-05-16 12:59 . 2013-05-16 12:59 228488 ----a-w- c:\windows\system32\drivers\vididr.sys
2013-05-16 12:59 . 2013-05-16 12:59 166024 ----a-w- c:\windows\system32\drivers\vidsflt.sys
2013-05-16 12:59 . 2013-05-16 12:59 340104 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-05-16 12:59 . 2013-05-16 12:59 155272 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2013-05-16 07:57 . 2013-05-16 07:57 82816 ----a-w- c:\users\Utente\AppData\Roaming\pcouffin.sys
2013-05-12 06:37 . 2013-05-12 06:38 1187697 ----a-w- c:\windows\unins000.exe
2013-05-09 15:27 . 2013-05-09 15:27 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-09 15:27 . 2013-05-09 15:27 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-09 15:27 . 2013-05-09 15:27 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-09 15:27 . 2013-05-09 15:27 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-09 15:27 . 2013-05-09 15:27 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-09 15:27 . 2013-05-09 15:27 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-09 15:27 . 2013-05-09 15:27 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-09 15:27 . 2013-05-09 15:27 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-09 15:27 . 2013-05-09 15:27 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-09 15:27 . 2013-05-09 15:27 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-09 15:27 . 2013-05-09 15:27 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-09 15:27 . 2013-05-09 15:27 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-09 15:27 . 2013-05-09 15:27 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-09 15:27 . 2013-05-09 15:27 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-09 15:27 . 2013-05-09 15:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-09 15:27 . 2013-05-09 15:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-09 15:27 . 2013-05-09 15:27 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-09 15:27 . 2013-05-09 15:27 441856 ----a-w- c:\windows\system32\html.iec
2013-05-09 15:27 . 2013-05-09 15:27 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-09 15:27 . 2013-05-09 15:27 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-09 15:27 . 2013-05-09 15:27 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-09 15:27 . 2013-05-09 15:27 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-09 15:27 . 2013-05-09 15:27 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-09 15:27 . 2013-05-09 15:27 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-09 15:27 . 2013-05-09 15:27 235008 ----a-w- c:\windows\system32\url.dll
2013-05-09 15:27 . 2013-05-09 15:27 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-09 15:27 . 2013-05-09 15:27 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-09 15:27 . 2013-05-09 15:27 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-09 15:27 . 2013-05-09 15:27 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-09 15:27 . 2013-05-09 15:27 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-09 15:27 . 2013-05-09 15:27 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-09 15:27 . 2013-05-09 15:27 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-09 15:27 . 2013-05-09 15:27 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-09 15:27 . 2013-05-09 15:27 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-09 15:27 . 2013-05-09 15:27 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-09 15:27 . 2013-05-09 15:27 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-09 15:27 . 2013-05-09 15:27 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-09 15:27 . 2013-05-09 15:27 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-09 15:27 . 2013-05-09 15:27 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-09 15:27 . 2013-05-09 15:27 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-09 15:27 . 2013-05-09 15:27 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-09 15:27 . 2013-05-09 15:27 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-09 15:27 . 2013-05-09 15:27 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-09 15:27 . 2013-05-09 15:27 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-09 15:27 . 2013-05-09 15:27 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-09 15:27 . 2013-05-09 15:27 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-09 15:27 . 2013-05-09 15:27 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-09 15:27 . 2013-05-09 15:27 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-09 15:27 . 2013-05-09 15:27 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-09 08:59 . 2013-05-12 06:12 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2013-05-12 06:12 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-05-12 06:12 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-05-12 06:12 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2013-05-12 06:12 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2013-05-12 06:12 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2013-05-12 06:11 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2013-05-09 17:23 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-08 08:00 . 2013-05-08 08:00 421888 ----a-w- c:\windows\SysWow64\RealMediaSplitter.ax
2013-05-08 08:00 . 2013-05-08 08:00 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-15 09:50 . 2013-05-18 08:44 127384 ----a-w- c:\windows\system32\drivers\scdemu.sys
2013-04-13 05:49 . 2013-05-16 05:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 05:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 05:59 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 05:59 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 05:59 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 05:59 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-05-09 14:47 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 05:59 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 05:59 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 06:20 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2012-07-24 942376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 PDFSFilter;PDFSFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys;c:\windows\SYSNATIVE\DRIVERS\PDFsFilter.sys [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria --.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries ----------.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2012-09-24 21:56 2736240 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2012-09-24 21:56 2736240 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2012-09-24 21:56 2736240 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-09-24 404144]
.
------- Scansione supplementare ------.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: Interfaces\{FEAF0D2E-4556-4C67-806B-89C64F6A0A86}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-05-09 19:33; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-10 16:45; {B17C1C5A-04B1-11DB-9804-B622A1EF5492}; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
FF - ExtSQL: 2013-05-10 16:50; {66E978CD-981F-47DF-AC42-E3CF417C1467}; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
FF - ExtSQL: 2013-05-11 15:55; alldebrid@alldebrid.com; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\alldebrid@alldebrid.com.xpi
FF - ExtSQL: 2013-05-13 15:24; uriloader@pdf.js; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\uriloader@pdf.js.xpi
FF - ExtSQL: 2013-05-14 12:25; q5mve@uae-.net; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\q5mve@uae-.net
FF - ExtSQL: 2013-05-24 16:36; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-05-24 16:51; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-06-12 15:45; jid1-MA2AfbgHyjJd9g@jetpack; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\jid1-MA2AfbgHyjJd9g@jetpack.xpi
FF - ExtSQL: 2013-06-22 09:53; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-06-25 12:03; client@anonymox.net; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\client@anonymox.net.xpi
FF - ExtSQL: 2013-06-26 10:47; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\s4g2ybq4.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
.
- - - - CHIAVI ORFANE RIMOSSE - - - .
ShellIconOverlayIdentifiers-{1EC23CFF-4C58-458f-924C-8519AEF61B32} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE --------------------.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione -----------------------.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\srvany.exe
c:\windows\KMService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
.
**************************************************************************
.
Ora fine scansione: 2013-07-03 18:04:34 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2013-07-03 16:04
.
Pre-Run: 43.900.211.200 byte disponibili
Post-Run: 46.786.203.648 byte disponibili
.
- - End Of File - - 69DC7692C6E859F1E3495D6DE361FB99
A36C5E4F47E84449FF07ED3517B43A31
