
Hi, can someone check my ComboFix for me? Thanks


Post by mariaaa » 01/04/09 17:42

Hi, I'm new here, I found out about the portal through a friend. I have problems with MSN and slowdowns at startup and when browsing the internet, like pages that open by themselves and the connection dropping. I'm attaching the ComboFix log:
ComboFix 09-03-31.04 - Administrator 2009-04-01 18:21:49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1023.660 [GMT 2:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\abc.exe.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\repanad.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\repanad_nav.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\repanad_navps.dat
c:\programmi\MyWebSearch
c:\programmi\MyWebSearch\bar\Settings\s_pid.dat
c:\winnt\system32\ATHPRXY(2).DLL
c:\winnt\system32\ATHPRXY(3).DLL
c:\winnt\Web\default.htt

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_IAS


((((((((((((((((((((((((( Files Creati Da 2009-03-01 al 2009-04-01 )))))))))))))))))))))))))))))))))))
.

2009-04-01 00:51 . 2005-11-10 14:03 49,265 --a------ c:\winnt\system32\jpicpl32.cpl
2009-03-23 21:17 . 2009-03-23 21:17 <DIR> d-------- c:\programmi\Windows Live Safety Center
2009-03-23 18:23 . 2009-03-24 18:32 <DIR> d-------- c:\winnt\SxsCaPendDel
2009-03-23 18:22 . 2009-03-23 18:22 <DIR> d-------- c:\programmi\Windows Live SkyDrive
2009-03-16 01:51 . 2009-03-30 02:02 151 --a------ c:\winnt\PhotoSnapViewer.INI
2009-03-15 01:57 . 2009-03-15 02:29 101,287 --a------ c:\winnt\system32\drivers\klin.dat
2009-03-15 01:57 . 2009-03-15 02:29 89,601 --a------ c:\winnt\system32\drivers\klick.dat
2009-03-15 01:46 . 2009-03-15 01:46 <DIR> d-------- c:\programmi\Kaspersky Lab
2009-03-15 01:46 . 2009-04-01 18:25 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-03-15 01:46 . 2009-04-01 18:23 2,146,848 --ahs---- c:\winnt\system32\drivers\fidbox.dat
2009-03-15 01:46 . 2009-04-01 18:25 458,784 --ahs---- c:\winnt\system32\drivers\fidbox2.dat
2009-03-15 01:46 . 2009-04-01 18:23 18,900 --ahs---- c:\winnt\system32\drivers\fidbox.idx
2009-03-15 01:46 . 2009-04-01 18:24 3,696 --ahs---- c:\winnt\system32\drivers\fidbox2.idx
2009-03-15 01:40 . 2009-03-15 01:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-03-15 00:53 . 2009-04-01 00:40 <DIR> d-------- c:\programmi\Messenger Plus! Live
2009-03-15 00:53 . 2009-03-15 00:53 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Yahoo! Companion
2009-03-11 19:07 . 2009-03-15 00:52 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Yahoo! Companion(2)
2009-03-11 16:10 . 2009-04-01 01:05 <DIR> d-------- c:\documents and settings\Administrator\Tracing
2009-03-11 15:59 . 2009-03-11 15:59 <DIR> d-------- c:\programmi\Microsoft Silverlight
2009-03-11 15:55 . 2009-03-11 15:55 <DIR> d-------- c:\programmi\Microsoft Sync Framework
2009-03-11 15:53 . 2009-03-23 18:23 <DIR> d-------- c:\programmi\Microsoft
2009-03-08 22:51 . 2009-03-08 22:51 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2009-03-08 18:48 . 2009-03-15 01:18 <DIR> d-------- c:\programmi\Microsoft CAPICOM 2.1.0.2
2009-03-08 14:05 . 2008-10-16 15:06 268,648 --a------ c:\winnt\system32\mucltui.dll
2009-03-08 14:05 . 2008-10-16 15:06 208,744 --a------ c:\winnt\system32\muweb.dll
2009-03-08 14:05 . 2008-10-16 15:06 27,496 --a------ c:\winnt\system32\mucltui.dll.mui
2009-03-06 20:54 . 2009-03-06 20:54 <DIR> d-------- c:\documents and settings\Administrator\Dati applicazioni\Yahoo!
2009-03-06 19:59 . 2009-03-06 20:00 <DIR> d-------- C:\TEMP
2009-03-05 23:28 . 2005-08-28 21:51 766 --a------ c:\winnt\system32\Uninstall.ico
2009-03-04 23:14 . 2009-03-04 23:14 410,984 --a------ c:\winnt\system32\deploytk.dll
2009-03-03 21:37 . 2009-03-21 23:59 230,424 --a------ C:\img2-001.raw
2009-03-03 18:07 . 2009-03-03 23:04 <DIR> d-------- c:\documents and settings\Administrator\Dati applicazioni\CamTrack
2009-03-03 14:54 . 2009-03-03 14:54 <DIR> d-------- c:\programmi\DigitalPeers
2009-03-03 14:44 . 2009-03-03 14:44 <DIR> d-------- c:\programmi\File comuni\snp325
2009-03-03 14:44 . 2009-03-03 14:44 <DIR> d-------- c:\documents and settings\Administrator\Dati applicazioni\InstallShield
2009-03-03 14:44 . 2007-10-29 17:57 10,386,432 --a------ c:\winnt\system32\drivers\snp325.sys
2009-03-03 14:44 . 2007-05-10 14:18 835,584 --a------ c:\winnt\vsnp325.exe
2009-03-03 14:44 . 2007-04-21 10:36 270,336 --a------ c:\winnt\tsnp325.exe
2009-03-03 14:44 . 2006-04-12 13:11 147,456 --a------ c:\winnt\system32\rsnp325.dll
2009-03-03 14:44 . 2007-08-09 13:45 57,344 --a------ c:\winnt\system32\vsnp325.dll
2009-03-03 14:44 . 2007-07-11 17:09 20,480 --a------ c:\winnt\FixCamera.exe
2009-03-03 14:44 . 2004-02-27 18:36 15,498 --a------ c:\winnt\snp325.ini
2009-03-03 14:44 . 2004-02-27 18:36 13,023 --a------ c:\winnt\snp325.src
2009-03-03 14:36 . 2006-08-24 12:47 110,080 --a------ c:\winnt\system32\drivers\dptrackerd.sys
2009-03-03 14:36 . 2007-08-20 12:10 94,208 --a------ c:\winnt\amcap.exe
2009-03-03 14:36 . 2005-11-23 14:55 53,248 --a------ c:\winnt\system32\csnp325.dll
2009-03-02 19:07 . 2009-03-02 19:07 <DIR> d-------- c:\programmi\Avanquest update(7)
2009-03-02 19:07 . 2009-03-02 19:07 <DIR> d-------- c:\programmi\Avanquest update(6)
2009-03-02 19:07 . 2009-03-02 19:07 <DIR> d-------- c:\programmi\Avanquest update(5)
2009-03-02 19:07 . 2009-03-02 19:07 <DIR> d-------- c:\programmi\Avanquest update(4)
2009-03-02 19:07 . 2009-03-02 19:07 <DIR> d-------- c:\programmi\Avanquest update(3)
2009-03-02 19:07 . 2009-03-02 19:07 <DIR> d-------- c:\programmi\Avanquest update(2)
2009-03-02 18:42 . 2009-03-30 12:27 <DIR> d-------- c:\programmi\foobar2000
2009-03-02 18:42 . 2009-03-02 18:42 <DIR> d-------- c:\documents and settings\Administrator\Dati applicazioni\foobar2000

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-01 12:28 18,104 -c--a-w c:\documents and settings\Administrator\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-03-31 22:52 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-03-31 22:45 --------- d-----w c:\documents and settings\Administrator\Dati applicazioni\skypePM
2009-03-23 23:25 --------- d-----w c:\programmi\Vodafone PC Assistant
2009-03-23 16:23 --------- d-----w c:\programmi\Windows Live
2009-03-15 00:29 33,808 ----a-w c:\winnt\system32\drivers\klbg.sys
2009-03-14 23:37 --------- d-----w c:\programmi\CCleaner
2009-03-11 17:07 --------- d-----w c:\programmi\Yahoo!
2009-03-04 21:13 --------- d-----w c:\programmi\Java
2009-03-03 12:33 --------- d-----w c:\programmi\Logitech
2009-03-02 20:53 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Skype
2009-02-15 07:39 13,873,585 ----a-w c:\winnt\Internet Logs\vsmon_on_demand_2009_02_15_08_38_38_full.dmp.zip
2009-02-09 14:04 1,846,784 -c--a-w c:\winnt\system32\win32k(2)(2).sys
2009-02-09 14:04 1,846,784 ----a-w c:\winnt\system32\win32k.sys
2009-02-09 08:47 --------- d-----w c:\programmi\File comuni\Windows Live
2009-02-06 17:52 49,504 ----a-w c:\winnt\system32\sirenacm.dll
2009-01-17 19:15 25,600 -c--a-w c:\documents and settings\Administrator\usbsermptxp.sys
2009-01-17 19:15 22,768 -c--a-w c:\documents and settings\Administrator\usbsermpt.sys
2008-12-17 12:46 271 -csh--w c:\programmi\desktop.ini
2008-12-17 12:46 22,075 -c-ha-w c:\programmi\folder.htt
2008-12-31 00:02 32,768 -csha-w c:\winnt\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008121520081222\index.dat
2008-12-31 00:02 32,768 -csha-w c:\winnt\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008123120090101\index.dat
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\winnt\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
"LDM"="c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-01-26 36864]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-25 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"FixCamera"="c:\winnt\FixCamera.exe" [2007-07-11 20480]
"tsnp325"="c:\winnt\tsnp325.exe" [2007-04-21 270336]
"snp325"="c:\winnt\vsnp325.exe" [2007-05-10 835584]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-03-15 201992]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"Synchronization Manager"="mobsync.exe" [2008-04-14 c:\winnt\system32\mobsync.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 c:\winnt\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" [1999-12-23 c:\winnt\system32\internat.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="c:\programmi\Internet Explorer\Connection Wizard\icwconn1.exe" [2008-04-14 216576]
"tscuninstall"="c:\winnt\system32\tscupgrd.exe" [2004-08-19 44544]

c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\
CamTrack.lnk - c:\programmi\DigitalPeers\CamTrack\camtrack.exe [2009-03-03 376832]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Logitech Desktop Messenger.lnk - c:\programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-01-26 196608]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Windows Desktop Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2006-05-19 259872]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-05-19 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\winnt\system32\drivers\klbg.sys [2008-01-29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\winnt\system32\drivers\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\winnt\system32\drivers\klim5.sys [2008-03-25 24592]
R3 SNP325;USB PC Camera (SNPSTD325);c:\winnt\system32\drivers\snp325.sys [2009-03-03 10386432]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\winnt\system32\6.tmp --> c:\winnt\system32\6.tmp [?]
S3 MobileAdapter;Huawei Mobile Adapter USB Modem and USB Serial;c:\winnt\system32\drivers\hmvmdm.sys [2009-01-21 88960]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\winnt\system32\DRIVERS\qcusbser.sys --> c:\winnt\system32\DRIVERS\qcusbser.sys [?]
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-28 c:\winnt\Tasks\OGADaily.job
- c:\winnt\system32\OGAVerify.exe []

2009-04-01 c:\winnt\Tasks\OGALogon.job
- c:\winnt\system32\OGAVerify.exe []

2008-12-18 c:\winnt\Tasks\XoftSpy.job
- c:\programmi\XoftSpy\XoftSpy.exe []
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file)
SafeBoot-sglfb.sys
SafeBoot-tga.sys


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = about:blank
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-01 18:25:20
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\winnt\system32\6.tmp"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\winnt\system32\klogon.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\File comuni\Logitech\LVMVFM\LVPrcSrv.exe
c:\winnt\system32\scardsvr.exe
c:\winnt\system32\netdde.exe
c:\winnt\system32\sessmgr.exe
c:\winnt\system32\tlntsvr.exe
c:\winnt\system32\wdfmgr.exe
c:\winnt\system32\wbem\wmiapsrv.exe
c:\winnt\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-04-01 18:26:54 - Il pc è stato riavviato [Administrator]
ComboFix-quarantined-files.txt 2009-04-01 16:26:51

Pre-Run: 65,732,182,016 byte disponibili
Post-Run: 65,666,392,064 byte disponibili

210 --- E O F --- 2009-03-15 22:01:46

Re: Hi, can someone check my ComboFix for me? Thanks

Post by giacomodaniele » 01/04/09 18:11

What happens when you reboot? :roll: