COMBBOOFIXXE

By: a guest on May 5th, 2012  |  syntax: None  |  size: 24.70 KB  |  hits: 42  |  expires: Never
  1. ComboFix 12-05-05.05 - siemens 05/05/2012  11:14:41.1.2 - x64
  2. Microsoft Windows 7 Home Premium   6.1.7601.1.1252.39.1040.18.7989.5349 [GMT 2:00]
  3. Eseguito da: c:\users\siemens\Downloads\ComboFix.exe
  4. AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
  5. FW: FireWall *Enabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}
  6. SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
  7. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8.  * Creato nuovo punto di ripristino
  9. .
  10. .
  11. (((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
  12. .
  13. .
  14. c:\users\Public\hosts
  15. c:\users\siemens\Documents\SYS
  16. c:\windows\SysWow64\install
  17. .
  18. .
  19. (((((((((((((((((((((((((   Files Creati Da 2012-04-05 al 2012-05-05  )))))))))))))))))))))))))))))))))))
  20. .
  21. .
  22. 2012-05-05 09:19 . 2012-05-05 09:19     --------        d-----w-        c:\users\Default\AppData\Local\temp
  23. 2012-05-04 17:02 . 2012-05-04 17:06     --------        d-----w-        c:\program files (x86)\Appnimi
  24. 2012-05-04 11:29 . 2012-04-13 08:46     8917360 ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6413143E-9E43-41E0-B604-F12F38520704}\mpengine.dll
  25. 2012-05-02 07:24 . 2012-05-02 07:24     --------        d-----w-        c:\program files (x86)\MIKSOFT
  26. 2012-05-01 11:41 . 2012-05-01 11:46     --------        d-----w-        c:\program files\NetSpeedMonitor
  27. 2012-05-01 11:38 . 2012-05-01 11:37     716318  ----a-w-        c:\windows\unins000.exe
  28. 2012-04-30 20:10 . 2012-05-05 07:54     --------        d-----w-        c:\programdata\i2p
  29. 2012-04-30 20:10 . 2012-04-30 20:10     --------        d-----w-        c:\program files (x86)\i2p
  30. 2012-04-30 20:01 . 2012-04-30 20:01     --------        d-----w-        c:\program files (x86)\CCleaner
  31. 2012-04-26 17:42 . 2012-04-26 17:42     --------        d-----w-        C:\UnicoOnLine
  32. 2012-04-24 20:10 . 2012-04-24 20:10     --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
  33. 2012-04-23 08:37 . 2012-04-23 08:37     --------        d-----w-        c:\program files (x86)\Codice Fiscale
  34. 2012-04-23 07:43 . 2012-04-23 07:43     --------        d-----w-        c:\windows\Sun
  35. 2012-04-22 19:18 . 2012-04-22 19:18     --------        d-----r-        C:\Sandbox
  36. 2012-04-20 17:56 . 2009-08-19 21:50     24416   ----a-r-        c:\windows\system32\AdobePDFUI.dll
  37. 2012-04-20 17:56 . 2009-08-19 21:50     52568   ----a-r-        c:\windows\system32\AdobePDF.dll
  38. 2012-04-20 17:50 . 2009-02-27 10:55     111992  ----a-w-        c:\windows\SysWow64\acaptuser32.dll
  39. 2012-04-20 17:46 . 2012-04-20 17:46     --------        d-----w-        c:\programdata\FLEXnet
  40. 2012-04-20 17:42 . 2012-04-20 17:42     --------        d-----w-        c:\program files (x86)\Common Files\Macrovision Shared
  41. 2012-04-20 17:34 . 2009-02-24 16:35     255552  ----a-w-        c:\windows\SysWow64\drivers\mcdbus.sys
  42. 2012-04-20 17:34 . 2009-02-24 16:35     255552  ----a-w-        c:\windows\system32\drivers\mcdbus.sys
  43. 2012-04-20 17:34 . 2012-04-20 17:34     --------        d-----w-        c:\program files (x86)\MagicDisc
  44. 2012-04-20 17:32 . 2012-04-20 17:32     --------        d-----w-        c:\program files (x86)\MagicISO
  45. 2012-04-20 16:54 . 2012-02-03 13:18     139512  ----a-w-        c:\windows\system32\drivers\avfwot.sys
  46. 2012-04-20 16:54 . 2012-02-03 13:18     113768  ----a-w-        c:\windows\system32\drivers\avfwim.sys
  47. 2012-04-20 16:51 . 2012-05-05 08:51     8769696 ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
  48. 2012-04-20 16:43 . 2012-02-03 13:35     97312   ----a-w-        c:\windows\system32\drivers\avgntflt.sys
  49. 2012-04-20 16:43 . 2012-02-03 13:35     27760   ----a-w-        c:\windows\system32\drivers\avkmgr.sys
  50. 2012-04-20 16:43 . 2012-02-03 13:35     132320  ----a-w-        c:\windows\system32\drivers\avipbb.sys
  51. 2012-04-20 16:43 . 2012-04-20 16:43     --------        d-----w-        c:\program files (x86)\Avira
  52. 2012-04-20 16:02 . 2012-05-05 08:51     419488  ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
  53. 2012-04-20 16:02 . 2012-04-20 16:02     --------        d-----w-        c:\windows\system32\Macromed
  54. 2012-04-19 18:24 . 2012-04-19 18:24     21712   ----a-w-        c:\windows\SysWow64\drivers\DrvAgent64.SYS
  55. 2012-04-19 14:10 . 2012-04-19 14:19     --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
  56. 2012-04-19 14:10 . 2012-04-04 13:56     24904   ----a-w-        c:\windows\system32\drivers\mbam.sys
  57. 2012-04-18 20:55 . 2012-04-18 20:56     237     ----a-w-        C:\user.js
  58. 2012-04-18 20:53 . 2012-04-18 20:54     --------        d-----w-        c:\program files (x86)\Your Uninstaller! 7
  59. 2012-04-18 19:44 . 2012-04-18 19:44     --------        d-----w-        c:\programdata\Sync App Settings
  60. 2012-04-18 19:42 . 2012-04-18 19:43     --------        d-----w-        c:\program files (x86)\Allway Sync
  61. 2012-04-18 17:31 . 2012-04-18 17:35     --------        d-----w-        c:\programdata\PC Suite
  62. 2012-04-18 17:24 . 2012-04-18 17:25     --------        d-----w-        c:\program files (x86)\Common Files\Nokia
  63. 2012-04-18 17:24 . 2012-04-18 17:24     --------        d-----w-        c:\programdata\Nokia
  64. 2012-04-18 17:20 . 2012-04-18 17:20     --------        d-----w-        c:\program files\DIFX
  65. 2012-04-18 17:20 . 2008-08-28 09:44     25600   ----a-w-        c:\windows\system32\drivers\pccsmcfdx64.sys
  66. 2012-04-18 17:19 . 2012-04-18 17:20     --------        dc----w-        c:\windows\system32\DRVSTORE
  67. 2012-04-18 17:16 . 2012-04-18 17:17     --------        d-----w-        c:\program files (x86)\PC Connectivity Solution
  68. 2012-04-18 16:51 . 2012-04-18 16:51     --------        d-----w-        c:\program files (x86)\Epocware
  69. 2012-04-18 09:01 . 2012-02-23 12:24     24408   ----a-w-        c:\windows\system32\RegistryDefragBootTime.exe
  70. 2012-04-18 08:49 . 2012-04-18 08:49     --------        d-----w-        c:\programdata\IObit
  71. 2012-04-18 08:48 . 2012-04-18 08:48     --------        d-----w-        c:\program files (x86)\IObit
  72. 2012-04-17 21:47 . 2012-04-17 21:47     --------        d-----w-        c:\programdata\Comodo
  73. 2012-04-17 21:29 . 2012-04-18 09:33     --------        d-----w-        c:\programdata\regid.1986-12.com.adobe
  74. 2012-04-17 21:23 . 2012-04-17 21:23     --------        d-----w-        c:\program files (x86)\Trend Micro
  75. 2012-04-17 20:39 . 2012-04-17 21:18     --------        d-----w-        C:\adobetmp
  76. 2012-04-17 19:23 . 2012-04-20 16:54     --------        d-----w-        c:\programdata\Avira
  77. 2012-04-17 18:01 . 2008-10-15 11:26     90112   ----a-w-        c:\windows\system32\Spool\prtprocs\x64\GSIMPPR.DLL
  78. 2012-04-17 17:57 . 2012-04-17 17:57     --------        d-----w-        c:\users\Public\LFxV2
  79. 2012-04-17 17:41 . 2010-01-08 21:41     10752   ----a-w-        c:\windows\system32\FUSServices.exe
  80. 2012-04-17 17:38 . 2012-04-17 17:57     --------        d-----w-        c:\programdata\Companion Suite Pro LL2
  81. 2012-04-17 17:35 . 2009-12-08 08:28     34816   ----a-w-        c:\windows\system32\CSPLL2P.dll
  82. 2012-04-17 17:34 . 2012-04-17 17:49     --------        d-----w-        c:\program files (x86)\Companion Suite Pro LL2
  83. 2012-04-17 13:26 . 2012-04-17 13:26     --------        d-----w-        c:\programdata\Protexis
  84. 2012-04-17 13:21 . 2012-04-17 13:26     --------        d-----w-        c:\programdata\Corel
  85. 2012-04-17 13:21 . 2012-04-17 13:21     --------        d-----w-        c:\program files (x86)\Common Files\Protexis
  86. 2012-04-17 13:08 . 2012-04-17 13:08     --------        d-----w-        c:\program files (x86)\Corel
  87. 2012-04-17 13:05 . 2007-06-20 18:49     409960  ----a-w-        c:\windows\system32\xactengine2_8.dll
  88. 2012-04-17 13:04 . 2006-12-08 10:02     251672  ----a-w-        c:\windows\SysWow64\xactengine2_5.dll
  89. 2012-04-17 13:01 . 2005-05-26 13:34     3767504 ----a-w-        c:\windows\system32\d3dx9_26.dll
  90. 2012-04-17 13:01 . 2005-05-26 13:34     2297552 ----a-w-        c:\windows\SysWow64\d3dx9_26.dll
  91. 2012-04-17 11:27 . 2012-04-18 07:55     --------        d-----w-        c:\programdata\CPA_VA
  92. 2012-04-17 11:15 . 2012-04-18 07:55     --------        d-----w-        c:\program files\COMODO
  93. 2012-04-17 11:15 . 2012-04-17 11:15     348160  ----a-w-        c:\windows\SysWow64\msvcr71.dll
  94. 2012-04-17 11:15 . 2012-04-17 11:15     1060864 ----a-w-        c:\windows\SysWow64\mfc71.dll
  95. 2012-04-17 11:15 . 2012-04-17 11:15     1700352 ----a-w-        c:\windows\SysWow64\gdiplus.dll
  96. 2012-04-17 11:10 . 2012-04-18 17:24     --------        d-----w-        c:\program files (x86)\Nokia
  97. 2012-04-17 11:09 . 2012-04-17 11:09     --------        d-----w-        c:\windows\Downloaded Installations
  98. 2012-04-17 10:55 . 2011-09-24 13:02     17216   ----a-w-        c:\windows\system32\nitrolocalui.dll
  99. 2012-04-17 10:55 . 2011-09-24 13:02     28992   ----a-w-        c:\windows\system32\nitrolocalmon.dll
  100. 2012-04-17 10:53 . 2012-04-17 10:53     --------        d-----w-        c:\programdata\Nitro PDF
  101. 2012-04-17 10:53 . 2012-04-17 10:53     --------        d-----w-        c:\program files\Common Files\Nitro PDF
  102. 2012-04-17 10:53 . 2012-04-17 10:53     --------        d-----w-        c:\program files (x86)\Nitro PDF
  103. 2012-04-17 10:53 . 2012-04-17 10:53     --------        d-----w-        c:\program files (x86)\Common Files\Nitro PDF
  104. 2012-04-17 10:44 . 2012-04-17 10:44     --------        d-----w-        c:\program files (x86)\uTorrent
  105. 2012-04-17 10:36 . 2012-04-17 10:38     --------        d-----w-        c:\programdata\WinZip
  106. 2012-04-17 10:31 . 2012-04-17 10:31     --------        d-----w-        C:\v2.07g_Firmware_Aficio_SP1100S_SP1100SF
  107. 2012-04-17 10:30 . 2012-04-17 10:46     --------        d-----w-        C:\temp
  108. 2012-04-16 21:00 . 2012-04-16 21:00     58584   ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
  109. 2012-04-16 20:54 . 2012-04-16 20:54     102616  ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
  110. 2012-04-16 20:54 . 2012-04-16 20:54     47320   ----a-w-        c:\windows\system32\drivers\GDBehave.sys
  111. 2012-04-16 20:54 . 2012-04-16 20:54     63704   ----a-w-        c:\windows\system32\drivers\gdwfpcd64.sys
  112. 2012-04-16 20:50 . 2012-04-17 07:42     --------        d-----w-        c:\programdata\G DATA
  113. 2012-04-16 20:50 . 2012-04-17 07:42     --------        d-----w-        c:\program files (x86)\Common Files\G Data
  114. 2012-04-16 17:50 . 2012-02-28 06:42     2382848 ----a-w-        c:\windows\system32\mshtml.tlb
  115. 2012-04-16 17:50 . 2012-02-28 01:03     2382848 ----a-w-        c:\windows\SysWow64\mshtml.tlb
  116. 2012-04-16 17:42 . 2012-04-16 17:42     --------        d-----w-        c:\windows\SysWow64\wbem\en-US
  117. 2012-04-16 17:42 . 2012-04-16 17:42     --------        d-----w-        c:\windows\system32\wbem\en-US
  118. 2012-04-16 17:42 . 2012-04-16 17:42     --------        d-----w-        c:\windows\SysWow64\Wat
  119. 2012-04-16 17:42 . 2012-04-16 17:42     --------        d-----w-        c:\windows\system32\Wat
  120. 2012-04-16 17:29 . 2012-03-06 06:53     5559152 ----a-w-        c:\windows\system32\ntoskrnl.exe
  121. 2012-04-16 17:29 . 2012-03-06 05:59     3968368 ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
  122. 2012-04-16 17:29 . 2012-03-06 05:59     3913072 ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
  123. 2012-04-16 17:26 . 2011-04-22 22:15     27520   ----a-w-        c:\windows\system32\drivers\Diskdump.sys
  124. 2012-04-16 17:23 . 2011-03-25 03:29     343040  ----a-w-        c:\windows\system32\drivers\usbhub.sys
  125. 2012-04-16 17:23 . 2011-03-25 03:29     98816   ----a-w-        c:\windows\system32\drivers\usbccgp.sys
  126. 2012-04-16 17:23 . 2011-03-25 03:29     325120  ----a-w-        c:\windows\system32\drivers\usbport.sys
  127. 2012-04-16 17:23 . 2011-03-25 03:29     52736   ----a-w-        c:\windows\system32\drivers\usbehci.sys
  128. 2012-04-16 17:23 . 2011-03-25 03:29     25600   ----a-w-        c:\windows\system32\drivers\usbohci.sys
  129. 2012-04-16 17:23 . 2011-03-25 03:29     30720   ----a-w-        c:\windows\system32\drivers\usbuhci.sys
  130. 2012-04-16 17:23 . 2011-03-25 03:28     7936    ----a-w-        c:\windows\system32\drivers\usbd.sys
  131. 2012-04-16 17:22 . 2011-03-11 06:33     2565632 ----a-w-        c:\windows\system32\esent.dll
  132. 2012-04-16 17:22 . 2011-03-11 06:41     27008   ----a-w-        c:\windows\system32\drivers\amdxata.sys
  133. 2012-04-16 17:22 . 2011-03-11 06:30     96768   ----a-w-        c:\windows\system32\fsutil.exe
  134. 2012-04-16 17:22 . 2011-03-11 05:33     1699328 ----a-w-        c:\windows\SysWow64\esent.dll
  135. 2012-04-16 17:22 . 2011-03-11 06:41     1659776 ----a-w-        c:\windows\system32\drivers\ntfs.sys
  136. 2012-04-16 17:22 . 2011-03-11 05:31     74240   ----a-w-        c:\windows\SysWow64\fsutil.exe
  137. 2012-04-16 17:22 . 2011-03-11 06:41     189824  ----a-w-        c:\windows\system32\drivers\storport.sys
  138. 2012-04-16 17:22 . 2011-03-11 06:41     166272  ----a-w-        c:\windows\system32\drivers\nvstor.sys
  139. 2012-04-16 17:22 . 2011-03-11 06:41     148352  ----a-w-        c:\windows\system32\drivers\nvraid.sys
  140. 2012-04-16 17:22 . 2011-03-11 06:41     410496  ----a-w-        c:\windows\system32\drivers\iaStorV.sys
  141. 2012-04-16 17:22 . 2011-03-11 06:41     107904  ----a-w-        c:\windows\system32\drivers\amdsata.sys
  142. 2012-04-16 17:21 . 2011-02-18 10:51     31232   ----a-w-        c:\windows\system32\prevhost.exe
  143. 2012-04-16 17:21 . 2011-02-18 05:39     31232   ----a-w-        c:\windows\SysWow64\prevhost.exe
  144. 2012-04-16 17:14 . 2011-04-28 03:55     552960  ----a-w-        c:\windows\system32\drivers\bthport.sys
  145. 2012-04-16 17:14 . 2011-04-28 03:54     80384   ----a-w-        c:\windows\system32\drivers\BTHUSB.SYS
  146. 2012-04-16 16:56 . 2012-03-01 06:46     23408   ----a-w-        c:\windows\system32\drivers\fs_rec.sys
  147. .
  148. .
  149. ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
  150. .
  151. 2012-04-13 14:05 . 2011-03-28 16:36     19352   ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  152. 2012-03-08 16:50 . 2012-03-08 16:50     49016   ----a-w-        c:\windows\SysWow64\sirenacm.dll
  153. 2012-02-23 08:18 . 2010-11-21 03:27     279656  ------w-        c:\windows\system32\MpSigStub.exe
  154. .
  155. .
  156. (((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
  157. .
  158. .
  159. *Nota* i valori vuoti & legittimi/default non sono visualizzati.
  160. REGEDIT4
  161. .
  162. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  163. "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
  164. "Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
  165. "NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-02-01 1083264]
  166. "Allway Sync"="c:\program files (x86)\Allway Sync\Bin\syncappw.exe" [2010-05-31 102224]
  167. .
  168. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  169. "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
  170. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
  171. "MFFSum_Pro_LL2"="c:\program files (x86)\Companion Suite Pro LL2\MFFSUM.exe" [2010-01-08 24576]
  172. "MFPrintServer_Pro_LL2"="c:\program files (x86)\Companion Suite Pro LL2\MFPrintServer.exe" [2010-01-08 73728]
  173. "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
  174. "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-02-03 258512]
  175. "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]
  176. "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376]
  177. .
  178. c:\users\siemens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  179. MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-4-20 576000]
  180. .
  181. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  182. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  183. "ConsentPromptBehaviorUser"= 3 (0x3)
  184. "EnableLUA"= 0 (0x0)
  185. "EnableUIADesktopToggle"= 0 (0x0)
  186. "PromptOnSecureDesktop"= 0 (0x0)
  187. .
  188. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  189. Security Packages       REG_MULTI_SZ    kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  190. .
  191. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  192. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  193. R2 FUSServices;Session Launcher Service;c:\windows\SysWOW64\FUSServices.exe [2010-01-08 10752]
  194. R2 gupdate;Servizio Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 136176]
  195. R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
  196. R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
  197. R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-19 21712]
  198. R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 136176]
  199. R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-24 129976]
  200. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  201. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
  202. R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  203. R3 XMLDIUSB;XML USB Device Interface;c:\windows\system32\Drivers\XMLDIUSB.sys [x]
  204. S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
  205. S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
  206. S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  207. S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
  208. S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
  209. S2 AntiVirFirewallService;Avira FireWall;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [2012-02-03 616400]
  210. S2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-02-03 342480]
  211. S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-02-03 86224]
  212. S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-02-03 463824]
  213. S2 i2p;I2P Service;c:\program files (x86)\i2p\I2Psvc.exe [2012-04-30 375576]
  214. S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
  215. S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
  216. S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
  217. S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-01 2314240]
  218. S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
  219. S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys [x]
  220. S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
  221. S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
  222. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  223. .
  224. .
  225. Contenuto della cartella 'Scheduled Tasks'
  226. .
  227. 2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job
  228. - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 08:51]
  229. .
  230. 2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  231. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 11:22]
  232. .
  233. 2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  234. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 11:22]
  235. .
  236. .
  237. --------- x86-64 -----------
  238. .
  239. .
  240. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  241. "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]
  242. .
  243. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  244. "LoadAppInit_DLLs"=0x1
  245. "AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
  246. .
  247. ------- Scansione supplementare -------
  248. .
  249. uLocal Page = c:\windows\system32\blank.htm
  250. mLocal Page = c:\windows\SysWOW64\blank.htm
  251. IE: Append to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  252. IE: Convert link target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  253. IE: Convert link target to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  254. IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  255. IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
  256. LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
  257. TCP: DhcpNameServer = 176.31.229.24 176.31.229.25
  258. TCP: Interfaces\{6BAAAA30-A2AB-4BF1-A6AA-97C1369E4380}: NameServer = 176.31.229.24,176.31.229.25
  259. TCP: Interfaces\{6BAAAA30-A2AB-4BF1-A6AA-97C1369E4380}\4505D2C494E4B4F5646334334443: NameServer = 198.153.192.40,198.153.194.40
  260. TCP: Interfaces\{D782A5EF-0035-462C-A643-A7409EC87F7D}: NameServer = 176.31.229.24,176.31.229.25
  261. TCP: Interfaces\{DD1A41EA-2ABC-4623-B985-EA93EE27DCDE}: NameServer = 176.31.229.24,176.31.229.25
  262. FF - ProfilePath - c:\users\siemens\AppData\Roaming\Mozilla\Firefox\Profiles\dpozp29p.default\
  263. FF - prefs.js: browser.search.selectedEngine - FiRESHARiNG
  264. FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
  265. FF - prefs.js: network.proxy.http - 127.0.0.1
  266. FF - prefs.js: network.proxy.http_port - 4444
  267. FF - prefs.js: network.proxy.ssl - 127.0.0.1
  268. FF - prefs.js: network.proxy.ssl_port - 4445
  269. FF - prefs.js: network.proxy.type - 0
  270. .
  271. - - - - CHIAVI ORFANE RIMOSSE - - - -
  272. .
  273. HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
  274. .
  275. .
  276. .
  277. --------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
  278. .
  279. [HKEY_USERS\S-1-5-21-1425158487-3100198340-1535139052-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*¾Z>g¨yh]
  280. @Class="Shell"
  281. @Allowed: (Read) (RestrictedCode)
  282. .
  283. [HKEY_USERS\S-1-5-21-1425158487-3100198340-1535139052-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*E¥ªtE¥ªt¾Z‹c†*‹]
  284. @Class="Shell"
  285. @Allowed: (Read) (RestrictedCode)
  286. .
  287. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  288. @Denied: (A 2) (Everyone)
  289. @="FlashBroker"
  290. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
  291. .
  292. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  293. "Enabled"=dword:00000001
  294. .
  295. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  296. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
  297. .
  298. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  299. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  300. .
  301. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  302. @Denied: (A 2) (Everyone)
  303. @="Shockwave Flash Object"
  304. .
  305. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  306. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
  307. "ThreadingModel"="Apartment"
  308. .
  309. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  310. @="0"
  311. .
  312. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  313. @="ShockwaveFlash.ShockwaveFlash.11"
  314. .
  315. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  316. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
  317. .
  318. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  319. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  320. .
  321. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  322. @="1.0"
  323. .
  324. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  325. @="ShockwaveFlash.ShockwaveFlash"
  326. .
  327. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  328. @Denied: (A 2) (Everyone)
  329. @="Macromedia Flash Factory Object"
  330. .
  331. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  332. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
  333. "ThreadingModel"="Apartment"
  334. .
  335. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  336. @="FlashFactory.FlashFactory.1"
  337. .
  338. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  339. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
  340. .
  341. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  342. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  343. .
  344. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  345. @="1.0"
  346. .
  347. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  348. @="FlashFactory.FlashFactory"
  349. .
  350. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  351. @Denied: (A 2) (Everyone)
  352. @="IFlashBroker4"
  353. .
  354. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  355. @="{00020424-0000-0000-C000-000000000046}"
  356. .
  357. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  358. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  359. "Version"="1.0"
  360. .
  361. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  362. @Denied: (A) (Users)
  363. @Denied: (A) (Everyone)
  364. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  365. "BlindDial"=dword:00000000
  366. .
  367. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  368. @Denied: (Full) (Everyone)
  369. .
  370. Ora fine scansione: 2012-05-05  11:21:51
  371. ComboFix-quarantined-files.txt  2012-05-05 09:21
  372. .
  373. Pre-Run: 254.434.332.672 byte disponibili
  374. Post-Run: 254.372.892.672 byte disponibili
  375. .
  376. - - End Of File - - E4D9C009421407DD76E16504772768ED