
Desktop Security 2010

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs should you use to protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57


Post by vorko61 » 04/05/10 00:00

Hi, first of all let me introduce myself: I'm Giampietro and I've caught Desktop Security 2010.
No end of problems: the Security Center of WIN 7 Ultimate 32 bit is disabled, continuous pop-ups, distorted audio.
Here is what the Malwarebytes log says:
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Versione database: 4060

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

04/05/2010 00:43:53
mbam-log-2010-05-04 (00-43-53).txt

Tipo di scansione: Scansione completa (B:\|C:\|D:\|E:\|)
Elementi esaminati: 295730
Tempo trascorso: 2 ore, 14 minuti, 24 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 5
Valori di registro infetti: 1
Voci infette nei dati di registro: 0
Cartelle infette: 6
File infetti: 21

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71faeb41-e885-2e85-ff9d-6ee0bf6a8a84} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{71faeb41-e885-2e85-ff9d-6ee0bf6a8a84} (Adware.AdRotator) -> Quarantined and deleted successfully.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wlphmcusv7wu (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
C:\Program Files\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Roaming\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.

File infetti:
C:\Windows\System32\g9Xx9qlZ_.exe (Adware.EZula) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Roaming\Desktop Security 2010\mfc71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Temp\m.2275E.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Temp\test.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\0gzM8Pk3_0ECd.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

What do you think I should do now?
Bye, and thanks...
Giampietro
vorko61
Newbie
 
Posts: 4
Joined: 03/05/10 23:49


Re: Desktop Security 2010

Post by Luke57 » 04/05/10 12:27

Hi, Malwarebytes seems to have eliminated the infection; are you still having problems?
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Re: Desktop Security 2010

Post by vorko61 » 09/05/10 20:57

Windows Update works now, but it keeps telling me that I can't re-enable the Win 7 firewall, nor the Windows PC security center.
Thanks,
Giampietro
vorko61
Newbie
 
Posts: 4
Joined: 03/05/10 23:49

Re: Desktop Security 2010

Post by Luke57 » 10/05/10 12:47

Hi, try using ComboFix from here:
http://www.ilsoftware.it/querydl.asp?id=1151

here is a tutorial:
http://www.ilsoftware.it/articoli.asp?id=4585&pag=1

Post the scan report (C:\combofix.txt)
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Re: Desktop Security 2010

Post by vorko61 » 10/05/10 19:04

It seems to be fine...
I'll reboot and let you know; in the meantime I'm copying and pasting the combo report.
Bye and thanks,
Giampietro

-----------------------------------------------------------------------------------------------------------------
ComboFix 10-05-09.08 - Administrator 10/05/2010 19:22:15.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.2046.1083 [GMT 2:00]
Eseguito da: c:\users\Administrator\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\InfoSat.txt

.
((((((((((((((((((((((((( Files Creati Da 2010-04-10 al 2010-05-10 )))))))))))))))))))))))))))))))))))
.

2010-05-10 17:37 . 2010-05-10 17:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-10 17:37 . 2010-05-10 17:37 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-05-09 19:27 . 2010-05-09 19:27 -------- d-----w- c:\program files\MSXML 4.0
2010-05-09 18:19 . 2010-02-02 08:13 59664 --s---w- c:\windows\system32\drivers\TfSysMon.sys
2010-05-09 18:19 . 2010-02-02 08:13 33552 --s---w- c:\windows\system32\drivers\TfNetMon.sys
2010-05-09 18:19 . 2010-02-02 08:13 51984 --s---w- c:\windows\system32\drivers\TfFsMon.sys
2010-05-09 15:46 . 2010-05-09 15:46 -------- d-----w- c:\users\Administrator\AppData\Local\Threat Expert
2010-05-09 12:20 . 2010-05-09 12:20 -------- d-----w- c:\users\Administrator\AppData\Roaming\MAGIX
2010-05-09 12:10 . 2010-05-09 12:10 -------- d-----w- c:\users\Administrator\AppData\Local\Xara
2010-05-09 12:05 . 2010-05-09 12:10 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2010-05-09 12:05 . 2010-05-09 12:05 -------- d-----w- c:\program files\Common Files\xara
2010-05-09 11:55 . 2007-04-27 08:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2010-05-09 11:50 . 2010-05-09 12:15 -------- d-----w- c:\program files\Common Files\MAGIX Services
2010-05-09 09:32 . 2010-05-09 09:32 63488 ----a-w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-05-09 09:32 . 2010-05-09 09:32 52224 ----a-w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-05-09 09:32 . 2010-05-09 09:32 117760 ----a-w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-05-09 09:31 . 2010-05-09 09:31 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-05-09 09:27 . 2010-05-09 09:27 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-05-09 09:27 . 2010-05-09 09:27 -------- d-----w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2010-05-09 08:51 . 2010-01-21 23:21 767952 ----a-w- c:\windows\BDTSupport.dll
2010-05-09 08:51 . 2010-01-21 23:21 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-05-09 08:51 . 2010-01-21 23:21 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-05-09 08:51 . 2009-10-27 23:36 1152444 ----a-w- c:\windows\UDB.zip
2010-05-09 08:51 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip
2010-05-09 08:51 . 2010-01-21 23:21 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-05-09 08:49 . 2010-02-05 07:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-05-09 08:49 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-05-09 08:49 . 2009-09-23 14:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-05-09 08:49 . 2009-10-06 14:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-05-09 08:48 . 2010-02-05 07:25 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-05-09 08:48 . 2010-05-10 17:32 -------- d-----w- c:\program files\Spyware Doctor
2010-05-09 08:48 . 2010-05-09 09:05 -------- d-----w- c:\programdata\PC Tools
2010-05-09 08:48 . 2010-05-09 08:52 -------- d-----w- c:\program files\Common Files\PC Tools
2010-05-09 08:48 . 2010-05-09 08:48 -------- d-----w- c:\users\Administrator\AppData\Roaming\PC Tools
2010-05-03 22:44 . 2010-05-03 22:44 323584 ---ha-w- C:\SZKGFS.dat
2010-05-03 10:29 . 2010-05-03 10:29 -------- d-----w- c:\programdata\SITEguard
2010-05-03 10:25 . 2010-05-03 10:25 -------- d-----w- c:\program files\STOPzilla!
2010-05-03 10:25 . 2010-05-03 10:25 -------- d-----w- c:\program files\Common Files\iS3
2010-05-03 10:25 . 2010-05-10 17:38 -------- d-----w- c:\programdata\STOPzilla!
2010-05-03 09:31 . 2010-05-03 09:31 110080 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{61D3AAE1-D521-4CD7-939B-37813DE8F955}\IconF7A21AF7.exe
2010-05-03 09:31 . 2010-05-03 09:31 110080 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{61D3AAE1-D521-4CD7-939B-37813DE8F955}\IconD7F16134.exe
2010-05-03 09:31 . 2010-05-03 09:31 -------- d-----w- C:\sh4ldr
2010-05-03 09:31 . 2010-05-03 09:31 -------- d-----w- c:\program files\Enigma Software Group
2010-05-03 09:15 . 2010-05-03 09:32 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
2010-05-03 09:15 . 2010-05-09 09:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-05-03 09:12 . 2010-05-03 09:12 -------- d-----w- c:\program files\NoVirusThanks
2010-05-03 08:27 . 2010-05-03 08:27 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
2010-05-03 08:27 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-03 08:27 . 2010-05-03 08:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-03 08:27 . 2010-05-03 08:27 -------- d-----w- c:\programdata\Malwarebytes
2010-05-03 08:27 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-30 06:11 . 2010-04-30 06:12 -------- d-----w- c:\program files\Google
2010-04-28 06:18 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-28 06:18 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 06:18 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-22 16:19 . 2010-04-22 16:19 -------- d-----w- c:\program files\EasyPrediction
2010-04-21 17:38 . 2010-04-21 18:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\GSplit
2010-04-21 17:38 . 2010-04-21 17:38 -------- d-----w- c:\program files\GSplit
2010-04-20 18:12 . 2010-04-20 18:12 -------- d-----w- c:\program files\Toucan
2010-04-20 18:08 . 2010-04-20 18:08 -------- d-----w- c:\program files\Conduit
2010-04-20 18:08 . 2010-04-20 18:08 -------- d-----w- c:\program files\Softonic-IT
2010-04-20 18:08 . 2010-05-09 15:28 -------- d-----w- c:\users\Administrator\AppData\Roaming\TeraCopy
2010-04-20 18:08 . 2010-03-18 18:48 101376 ----a-w- c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\m8kqc0fy.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
2010-04-20 18:08 . 2010-03-18 18:48 52224 ----a-w- c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\m8kqc0fy.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
2010-04-20 18:08 . 2010-04-20 18:08 -------- d-----w- c:\program files\TeraCopy
2010-04-20 08:32 . 2010-04-20 08:32 -------- d-----w- c:\windows\Sun
2010-04-16 16:59 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-16 16:59 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-16 16:59 . 2010-02-27 12:07 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-16 16:59 . 2010-02-27 12:07 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-16 16:59 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-16 16:59 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-16 16:59 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-16 16:58 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-13 06:23 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-04-13 06:20 . 2010-05-03 10:45 -------- d-----w- c:\program files\DAEMON Tools Lite

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-10 17:36 . 2010-05-10 17:13 3456 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2010-05-10 17:22 . 2010-05-10 17:19 168 ----a-w- c:\windows\system32\drivers\kgpfr2.cfg
2010-05-10 17:11 . 2010-03-18 09:12 -------- d-----w- c:\users\Administrator\AppData\Roaming\Tor
2010-05-10 17:11 . 2010-03-18 09:12 -------- d-----w- c:\users\Administrator\AppData\Roaming\Vidalia
2010-05-09 19:20 . 2010-03-21 11:58 88464 ----a-w- c:\users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-09 15:23 . 2010-03-29 11:42 1 ----a-w- c:\users\Administrator\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-09 12:18 . 2010-05-09 12:04 -------- d-----w- c:\programdata\MAGIX
2010-05-09 11:56 . 2009-07-14 08:21 689234 ----a-w- c:\windows\system32\perfh010.dat
2010-05-09 11:56 . 2009-07-14 08:21 124420 ----a-w- c:\windows\system32\perfc010.dat
2010-05-09 09:00 . 2010-03-19 20:19 -------- d-----w- c:\program files\Steam
2010-05-06 20:59 . 2010-03-11 22:28 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2010-03-11 22:30 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2010-03-11 22:30 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2010-03-11 22:30 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:34 . 2010-03-11 22:30 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-05-06 20:33 . 2010-03-11 22:30 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-03 07:19 . 2010-03-18 13:20 -------- d-----w- c:\users\Administrator\AppData\Roaming\FileZilla
2010-04-22 13:06 . 2010-03-18 09:02 -------- d-----w- c:\program files\CCleaner
2010-04-14 16:47 . 2010-03-11 22:28 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-12 07:10 . 2010-03-18 13:20 -------- d-----w- c:\program files\FileZilla FTP Client
2010-04-02 11:00 . 2010-04-02 11:00 -------- d-----w- c:\programdata\FLEXnet
2010-04-02 10:49 . 2010-03-21 14:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-02 10:48 . 2010-04-02 10:48 -------- d-----w- c:\program files\Adobe Media Player
2010-04-02 10:46 . 2010-04-02 10:46 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-02 10:43 . 2010-04-02 10:43 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-04-01 23:04 . 2010-04-01 23:04 -------- d-----w- c:\users\Administrator\AppData\Roaming\Apple Computer
2010-04-01 09:26 . 2010-04-01 09:26 -------- d-----w- c:\program files\Sonic Foundry
2010-04-01 09:20 . 2010-04-01 09:20 -------- d-----w- c:\program files\QuickTime
2010-04-01 09:20 . 2010-04-01 09:20 -------- d-----w- c:\programdata\Apple Computer
2010-04-01 09:19 . 2010-04-01 09:19 -------- d-----w- c:\program files\Common Files\Apple
2010-04-01 09:19 . 2010-04-01 09:19 -------- d-----w- c:\program files\Apple Software Update
2010-04-01 09:19 . 2010-04-01 09:19 -------- d-----w- c:\programdata\Apple
2010-03-31 19:54 . 2010-03-11 23:00 -------- d-----w- c:\users\Administrator\AppData\Roaming\Sony
2010-03-31 19:45 . 2010-03-12 22:56 -------- d-----w- c:\programdata\Sony
2010-03-31 19:45 . 2010-03-12 22:55 -------- d-----w- c:\program files\Sony
2010-03-31 17:47 . 2010-03-14 01:04 -------- d-----w- c:\users\Administrator\AppData\Roaming\DAEMON Tools Lite
2010-03-31 15:56 . 2010-03-31 15:56 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-03-31 15:56 . 2010-03-31 15:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-03-31 15:56 . 2010-03-31 15:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-03-31 15:56 . 2010-03-31 15:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-03-31 15:56 . 2010-03-31 15:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-03-31 15:56 . 2010-03-31 15:56 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-03-31 15:56 . 2010-03-31 15:56 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-03-31 15:56 . 2010-03-31 15:56 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-03-31 15:56 . 2010-03-18 12:48 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-03-31 15:56 . 2010-03-18 12:46 -------- d-----w- c:\program files\Common Files\Real
2010-03-31 15:56 . 2010-03-18 12:46 -------- d-----w- c:\program files\Real
2010-03-31 15:55 . 2010-03-31 15:55 -------- d-----w- c:\program files\Common Files\xing shared
2010-03-31 09:07 . 2010-03-31 09:07 -------- d-----w- c:\program files\AVSMedia
2010-03-30 12:01 . 2010-03-30 12:01 443912 ----a-w- c:\users\Administrator\AppData\Roaming\Real\Update\setup3.11\setup.exe
2010-03-29 11:42 . 2010-03-29 11:42 -------- d-----w- c:\users\Administrator\AppData\Roaming\OpenOffice.org
2010-03-29 11:36 . 2010-03-29 11:36 -------- d-----w- c:\program files\JRE
2010-03-29 11:36 . 2010-03-29 11:36 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-29 11:36 . 2010-03-29 11:36 -------- d-----w- c:\program files\Common Files\Java
2010-03-29 11:35 . 2010-03-29 11:36 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-29 11:35 . 2010-03-29 11:35 -------- d-----w- c:\program files\Java
2010-03-28 22:07 . 2010-03-28 22:04 -------- d-----w- c:\program files\CA Yahoo! Anti-Spy
2010-03-28 22:04 . 2010-03-28 22:04 -------- d-----w- c:\program files\Common Files\Scanner
2010-03-27 00:56 . 2010-03-27 00:56 173742 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{A251CCAC-CCFF-4C1D-8C70-796BECC46682}\_E0D780136897F858934443.exe
2010-03-27 00:56 . 2010-03-27 00:56 173742 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{A251CCAC-CCFF-4C1D-8C70-796BECC46682}\_6FEFF9B68218417F98F549.exe
2010-03-27 00:56 . 2010-03-27 00:56 173742 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{A251CCAC-CCFF-4C1D-8C70-796BECC46682}\_33552B5ED9CFAA7E00AF65.exe
2010-03-27 00:56 . 2010-03-27 00:56 -------- d-----w- c:\program files\SameerSite.com
2010-03-26 14:58 . 2010-03-18 09:02 -------- d-----w- c:\programdata\Yahoo! Companion
2010-03-26 14:58 . 2010-03-26 14:58 -------- d-----w- c:\programdata\Yahoo!
2010-03-26 14:58 . 2010-03-18 09:02 -------- d-----w- c:\program files\Yahoo!
2010-03-19 20:57 . 2010-03-19 20:57 -------- d-----w- c:\programdata\Sports Interactive
2010-03-19 20:57 . 2010-03-19 20:57 -------- d-----w- c:\users\Administrator\AppData\Roaming\Sports Interactive
2010-03-19 20:20 . 2010-03-19 20:19 -------- d--h--w- c:\program files\Zero G Registry
2010-03-19 20:20 . 2010-03-19 20:20 -------- d-----w- c:\program files\Common Files\Steam
2010-03-19 20:19 . 2010-03-19 20:19 -------- d-----w- c:\program files\Sports Interactive
2010-03-18 22:49 . 2010-03-18 14:09 -------- d-----w- c:\program files\CDex
2010-03-18 12:46 . 2009-07-14 11:04 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-18 12:46 . 2009-07-14 11:04 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-18 12:25 . 2010-03-18 12:25 -------- d-----w- c:\programdata\eMule AdunanzA
2010-03-18 12:25 . 2010-03-18 12:24 -------- d-----w- c:\program files\eMule AdunanzA
2010-03-18 12:24 . 2010-03-18 12:24 -------- d-----w- c:\users\Administrator\AppData\Roaming\eMule AdunanzA
2010-03-18 09:12 . 2010-03-18 09:12 -------- d-----w- c:\program files\Vidalia Bundle
2010-03-18 09:07 . 2010-03-18 09:07 0 ----a-w- c:\windows\nsreg.dat
2010-03-18 09:02 . 2010-03-18 09:02 -------- d-----w- c:\users\Administrator\AppData\Roaming\Yahoo!
2010-03-14 01:04 . 2010-03-14 01:04 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-03-13 09:58 . 2010-03-13 09:23 -------- d-----w- c:\users\Administrator\AppData\Roaming\BitTorrent
2010-03-13 09:23 . 2010-03-13 09:23 -------- d-----w- c:\program files\BitTorrent
2010-03-12 22:49 . 2010-03-12 22:49 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-03-11 23:00 . 2010-03-11 23:00 -------- d-----w- c:\program files\VSTplugins
2010-03-11 23:00 . 2010-03-11 23:00 -------- d-----w- c:\users\Administrator\AppData\Roaming\Publish Providers
2010-03-11 22:53 . 2010-03-11 09:45 -------- d-----w- c:\program files\EASEUS
2010-03-11 22:46 . 2010-03-11 22:46 -------- d-----w- c:\program files\WizardRecovery
2010-03-11 22:28 . 2010-03-11 22:28 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2010-03-11 22:28 . 2010-03-11 22:28 -------- d-----w- c:\programdata\Alwil Software
2010-03-11 22:28 . 2010-03-11 22:28 -------- d-----w- c:\program files\Alwil Software
2010-03-11 08:59 . 2010-03-11 08:59 319488 ----a-w- c:\windows\HideWin.exe
2010-03-05 16:16 . 2010-03-05 16:16 17408 ----a-r- c:\windows\system32\SZIO5.dll
2010-03-05 16:14 . 2010-03-05 16:14 442368 ----a-r- c:\windows\system32\SZBase5.dll
2010-03-05 16:13 . 2010-03-05 16:13 540672 ----a-r- c:\windows\system32\SZComp5.dll
2010-02-24 13:06 . 2010-02-24 13:06 173328 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2010-02-24 08:16 . 2010-03-11 07:48 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 07:56 . 2010-04-01 08:10 977920 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e3393495-8103-46a0-8181-270273eddd60}"= "c:\program files\Softonic-IT\tbSoft.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3393495-8103-46a0-8181-270273eddd60}]
2010-03-17 13:45 2355224 ----a-w- c:\program files\Softonic-IT\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e3393495-8103-46a0-8181-270273eddd60}"= "c:\program files\Softonic-IT\tbSoft.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E3393495-8103-46A0-8181-270273EDDD60}"= "c:\program files\Softonic-IT\tbSoft.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Vidalia"="c:\program files\Vidalia Bundle\Vidalia\vidalia.exe" [2010-02-28 5344807]
"Google Update"="c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-19 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-05-06 2815192]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-01-18 1286608]
"TrayServer"="e:\program files\MAGIX\Video_deluxe_16_Plus_Download-Version\TrayServer.exe" [2008-08-18 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKLM\~\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 13:21 246504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-05-06 15:04 2017280 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-31 15:55 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-12-07 61328]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-19 136176]
R3 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2009-12-02 15240]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2010-02-05 233136]
R4 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg.sys [2010-02-05 70408]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2009-12-02 27016]
S0 EUFS;EUFS;c:\windows\system32\drivers\eufs.sys [2009-12-02 21896]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-09-23 207280]
S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [2009-12-07 61328]
S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys [2010-02-24 173328]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-06 68168]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-21 112592]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-05-06 1220608]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-12-09 365280]
S3 EuDisk;EASEUS Disk Enumerator;c:\windows\system32\DRIVERS\EuDisk.sys [2009-12-02 123784]

.
Contenuto della cartella 'Scheduled Tasks'

2010-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 21:54]

2010-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 21:54]

2010-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2860995443-3962458371-3971910800-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-19 21:54]

2010-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2860995443-3962458371-3971910800-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-19 21:54]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\m8kqc0fy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch ... ps&search=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage| ... oloxix.it/
FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch ... ps&search=
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\m8kqc0fy.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
FF - component: c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\m8kqc0fy.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Administrator\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

Toolbar-Locked - (no file)


.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.
Ora fine scansione: 2010-05-10 19:46:30
ComboFix-quarantined-files.txt 2010-05-10 17:46

Pre-Run: 26.876.682.240 byte disponibili
Post-Run: 26.485.850.112 byte disponibili

- - End Of File - - 4190C5985A2C56A87E10853568B381A1
vorko61
Newbie
 
Posts: 4
Joined: 03/05/10 23:49

Re: Desktop Security 2010

Post by Luke57 » 10/05/10 23:21

Hi, go here:
http://www.virustotal.com/it/

Have this file analyzed:
C:\SZKGFS.dat

Post the analysis report.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Re: Desktop Security 2010

Post by vorko61 » 11/05/10 19:12

File SZKGFS.dat ricevuto il 2010.05.11 18:08:19 (UTC)
Risultato: 0/41 (0%)

Antivirus Versione Ultimo aggiornamento Risultato
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.11.00 2010.05.10 -
AntiVir 8.2.1.236 2010.05.11 -
Antiy-AVL 2.0.3.7 2010.05.11 -
Authentium 5.2.0.5 2010.05.11 -
Avast 4.8.1351.0 2010.05.11 -
Avast5 5.0.332.0 2010.05.11 -
AVG 9.0.0.787 2010.05.11 -
BitDefender 7.2 2010.05.11 -
CAT-QuickHeal 10.00 2010.05.11 -
ClamAV 0.96.0.3-git 2010.05.11 -
Comodo 4824 2010.05.11 -
DrWeb 5.0.2.03300 2010.05.11 -
eSafe 7.0.17.0 2010.05.10 -
eTrust-Vet 35.2.7479 2010.05.11 -
F-Prot 4.5.1.85 2010.05.11 -
F-Secure 9.0.15370.0 2010.05.11 -
Fortinet 4.1.133.0 2010.05.11 -
GData 21 2010.05.11 -
Ikarus T3.1.1.84.0 2010.05.11 -
Jiangmin 13.0.900 2010.05.11 -
Kaspersky 7.0.0.125 2010.05.11 -
McAfee 5.400.0.1158 2010.05.11 -
McAfee-GW-Edition 2010.1 2010.05.11 -
Microsoft 1.5703 2010.05.11 -
NOD32 5106 2010.05.11 -
Norman 6.04.12 2010.05.11 -
nProtect 2010-05-11.01 2010.05.11 -
Panda 10.0.2.7 2010.05.11 -
PCTools 7.0.3.5 2010.05.11 -
Prevx 3.0 2010.05.11 -
Rising 22.47.01.04 2010.05.11 -
Sophos 4.53.0 2010.05.11 -
Sunbelt 6290 2010.05.11 -
Symantec 20101.1.0.89 2010.05.11 -
TheHacker 6.5.2.0.279 2010.05.11 -
TrendMicro 9.120.0.1004 2010.05.11 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.11 -
VBA32 3.12.12.4 2010.05.11 -
ViRobot 2010.5.11.2310 2010.05.11 -
VirusBuster 5.0.27.0 2010.05.11 -
Informazioni addizionali
File size: 323584 bytes
MD5...: f2cd63713556d1cac500acabf824cb48
SHA1..: 0ab292e3790ea7c4c05228a39eb394e6ee876b01
SHA256: 7e39d2ffd4f1f1ad0c4139e075ffd0537e5b3d16ea89f4587122c94af7921b2e
ssdeep: 1536:ccCKIg9rm2Ov89SZGraRgC7OxbckOTBIM5nNS+zF:cKr089SZGkGTOT68
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
vorko61
Newbie
 
Posts: 4
Joined: 03/05/10 23:49

