PROBLEMA Cos'è? xD

A z u r e · 5 Giugno 2012

http://www.cantilux.net/files7/2217250622.png
Potete aiutarmi a rimuovere quel programma lì? lol Non so cosa sia ed è abbastanza fastidioso, potrebbe essere un potenziale backdoor o virus?

Ecco qua i log di Hijackthis

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 20:39:35, on 05/06/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\update\Update.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Utente\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Utente\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Windows\SysWOW64\softLCP.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files (x86)\alaplaya\S4League\HGWC.exe
C:\Program Files (x86)\alaplaya\S4League\Xtrap\Xtrap.xt
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Utente\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-245917037-1495290580-4204517428-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-245917037-1495290580-4204517428-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @Keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: softOSD - EnTech Taiwan - C:\Program Files (x86)\softOSD\softOSD.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

-Glider- · 6 Giugno 2012

Il log è pulito...quella finestra ti compare anche se non avvii il gioco?? Potrebbe essersi installato insieme ad S4League...forse è Akamai / Hamachi???

Che nome ha la finestra/processo??

Prova a lanciare una scansione con Malwarebytes http://www.tomshw.it/forum/sicurezz...omputer-infetto-leggere-prima-di-postare.html

Ciao:ok:

A z u r e · 7 Giugno 2012

C'è anche quando il gioco non è aperto, sapessi dirti come si chiama lol

---------- Post added at 00:34 ---------- Previous post was at 00:23 ----------

ComboFix 12-06-06.02 - Utente 07/06/2012 0:28.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.16365.13288 [GMT 2:00]
Eseguito da: c:\users\Utente\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\TheBflix
c:\programdata\TheBflix\background.html
c:\programdata\TheBflix\bhoclass.dll
c:\programdata\TheBflix\content.js
c:\programdata\TheBflix\opnkkfjdnhgkjefnnohgfackfninikjo.crx
c:\programdata\TheBflix\settings.ini
c:\users\Utente\AppData\Roaming\Share
c:\users\Utente\AppData\Roaming\Share\apps\BFEF3C3350F6D83F52C6AF9E6B62A1F0C72EC025.btapp
c:\users\Utente\AppData\Roaming\Share\dht.dat
c:\users\Utente\AppData\Roaming\Share\dht.dat.old
c:\users\Utente\AppData\Roaming\Share\dht_feed.dat
c:\users\Utente\AppData\Roaming\Share\dht_feed.dat.old
c:\users\Utente\AppData\Roaming\Share\dlimagecache\10E6FBE4D921B475FA5FEC6E9A535A540D6FEED1
c:\users\Utente\AppData\Roaming\Share\ie\ie.1333216875.tmp
c:\users\Utente\AppData\Roaming\Share\ie\ie.1333216886.tmp
c:\users\Utente\AppData\Roaming\Share\ie\ie.1338391713.tmp
c:\users\Utente\AppData\Roaming\Share\resume.dat
c:\users\Utente\AppData\Roaming\Share\resume.dat.old
c:\users\Utente\AppData\Roaming\Share\resume_dir\global_resume.dat
c:\users\Utente\AppData\Roaming\Share\resume_dir\global_resume.dat.old
c:\users\Utente\AppData\Roaming\Share\rss.dat
c:\users\Utente\AppData\Roaming\Share\rss.dat.old
c:\users\Utente\AppData\Roaming\Share\settings.dat
c:\users\Utente\AppData\Roaming\Share\settings.dat.old
c:\users\Utente\AppData\Roaming\Share\share.lng
c:\windows\SysWow64\local.txt
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-06 al 2012-06-06 )))))))))))))))))))))))))))))))))))
.
.
2012-06-06 22:30 . 2012-06-06 22:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-06 22:30 . 2012-06-06 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-05 18:39 . 2012-06-05 18:39 -------- d-----w- c:\program files (x86)\Trend Micro
2012-06-05 08:00 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A6BAB75C-95B9-47DC-8C21-C032B04CF7C7}\mpengine.dll
2012-06-02 21:51 . 2012-06-02 22:03 -------- d-----w- c:\program files (x86)\The Elder Scrolls V Skyrim
2012-06-02 21:49 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2012-06-02 21:49 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2012-06-02 21:49 . 2010-02-04 08:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2012-06-02 21:49 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-06-02 21:49 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2012-06-02 21:49 . 2010-02-04 08:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2012-06-02 19:38 . 2012-06-02 19:38 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-02 19:38 . 2012-06-03 12:14 -------- d-----w- c:\users\Utente\AppData\Roaming\DAEMON Tools Lite
2012-06-02 19:38 . 2012-06-02 19:38 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-06-02 19:37 . 2012-06-02 21:46 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-06-02 19:09 . 2012-06-02 19:11 -------- d-----w- C:\cc35f78dec4aa4ac45d00e4ffa
2012-06-02 18:56 . 2012-06-02 18:56 -------- d-----w- c:\users\Utente\AppData\Local\Skyrim
2012-06-02 18:50 . 2012-06-02 19:01 -------- d-----w- c:\program files (x86)\skyrim
2012-05-31 20:55 . 2012-05-31 21:03 -------- d-----w- c:\users\Utente\AppData\Roaming\tor
2012-05-31 15:49 . 2012-05-31 15:49 -------- d-----w- c:\users\Utente\AppData\Roaming\Apple Computer
2012-05-30 18:26 . 2012-05-30 18:26 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-05-30 18:25 . 2012-05-30 18:25 -------- d-----w- c:\program files (x86)\Oracle
2012-05-30 18:25 . 2012-04-04 16:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-30 18:25 . 2012-05-30 18:25 -------- d-----w- c:\program files (x86)\Java
2012-05-30 16:35 . 2012-05-30 16:58 -------- d-----w- c:\users\Utente\AppData\Local\LooksBuilder
2012-05-30 16:34 . 2012-05-30 16:34 -------- d-----w- c:\users\Utente\AppData\Roaming\Red Giant Link
2012-05-30 16:34 . 2012-05-30 16:34 -------- d-----w- c:\program files (x86)\LooksBuilder
2012-05-30 16:34 . 2012-05-30 16:34 -------- d-----w- c:\program files (x86)\Red Giant Link
2012-05-30 16:33 . 2012-05-30 16:33 -------- d-----w- c:\programdata\RedGiant
2012-05-30 16:31 . 2012-05-30 16:31 -------- d-----w- c:\users\Utente\AppData\Local\Downloaded Installations
2012-05-30 16:12 . 2012-05-30 16:12 -------- d-----w- C:\adobeTemp
2012-05-30 15:29 . 2012-05-30 15:29 -------- d-----w- c:\users\Utente\AppData\Local\uTorrent
2012-05-29 20:29 . 2012-05-29 20:29 -------- d-----w- c:\windows\system32\appmgmt
2012-05-20 15:14 . 2012-05-20 15:24 -------- d-----w- c:\users\Utente\AppData\Roaming\TeamViewer
2012-05-20 15:09 . 2012-05-20 15:09 -------- d-----w- c:\program files (x86)\TeamViewer
2012-05-20 13:39 . 2012-05-20 13:39 -------- d-----w- c:\users\Utente\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-05-20 13:35 . 2012-05-30 16:13 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-05-20 13:33 . 2012-05-30 16:11 -------- d-----w- c:\program files\Common Files\Adobe
2012-05-20 13:31 . 2012-05-20 13:34 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-05-14 18:52 . 2012-05-14 18:52 -------- d-----w- c:\users\Utente\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-05-14 18:52 . 2012-05-14 18:52 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-05-14 18:52 . 2012-05-14 18:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-05-14 18:51 . 2012-05-21 04:14 -------- d-----w- c:\users\Utente\AppData\Local\Adobe
2012-05-14 18:47 . 2012-05-14 18:47 -------- d-----w- C:\update
2012-05-14 17:57 . 2012-06-03 17:21 -------- d-----w- C:\uwu
2012-05-13 19:12 . 2012-05-13 19:12 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-13 19:12 . 2012-05-13 19:12 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-13 10:10 . 2012-05-13 10:10 -------- d-----w- c:\users\Utente\AppData\Roaming\NVIDIA
2012-05-12 22:01 . 2012-05-12 22:01 -------- d-----w- c:\users\Public\Games
2012-05-11 22:15 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-11 22:15 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-11 22:15 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 22:15 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 22:15 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-11 22:15 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 22:14 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-11 22:14 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-11 20:49 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 20:49 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 20:49 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 20:49 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-11 20:49 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 13:39 . 2012-05-08 13:39 -------- d-----w- c:\program files\CPUID
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 11:11 . 2012-03-29 18:16 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 11:11 . 2012-03-29 18:16 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 11:11 . 2012-04-14 07:11 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-04-12 11:09 . 2012-04-12 11:09 4894208 ----a-w- c:\windows\system32\LS3Renderer_x64.dll
2012-04-04 16:47 . 2012-03-31 16:09 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-31 17:54 . 2011-03-28 16:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-03-30 16:20 . 2012-03-26 19:12 1111088 ----a-w- c:\windows\PE_Rom.dll
2012-03-29 14:35 . 2012-03-29 14:35 53248 ----a-r- c:\users\Utente\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-03-29 14:35 . 2012-03-29 14:35 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-03-26 15:32 . 2012-03-26 15:32 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-26 15:32 . 2012-03-26 15:32 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-26 15:32 . 2012-03-26 15:32 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-26 15:32 . 2012-03-26 15:32 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-26 15:32 . 2012-03-26 15:32 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-26 15:32 . 2012-03-26 15:32 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-26 15:32 . 2012-03-26 15:32 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-26 15:32 . 2012-03-26 15:32 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-26 15:32 . 2012-03-26 15:32 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-26 15:32 . 2012-03-26 15:32 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-26 15:32 . 2012-03-26 15:32 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-26 15:32 . 2012-03-26 15:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-26 15:32 . 2012-03-26 15:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-26 15:32 . 2012-03-26 15:32 448512 ----a-w- c:\windows\system32\html.iec
2012-03-26 15:32 . 2012-03-26 15:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-26 15:32 . 2012-03-26 15:32 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-26 15:32 . 2012-03-26 15:32 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-26 15:32 . 2012-03-26 15:32 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-26 15:32 . 2012-03-26 15:32 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-26 15:32 . 2012-03-26 15:32 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-26 15:32 . 2012-03-26 15:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-26 15:32 . 2012-03-26 15:32 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-26 15:32 . 2012-03-26 15:32 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-26 15:32 . 2012-03-26 15:32 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-26 15:32 . 2012-03-26 15:32 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-26 15:32 . 2012-03-26 15:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-26 15:32 . 2012-03-26 15:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-26 15:32 . 2012-03-26 15:32 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-26 15:32 . 2012-03-26 15:32 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-26 15:32 . 2012-03-26 15:32 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-26 15:32 . 2012-03-26 15:32 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-26 15:32 . 2012-03-26 15:32 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-26 15:32 . 2012-03-26 15:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-26 15:32 . 2012-03-26 15:32 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-14 16:23 . 2012-03-14 16:23 147248 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-03-14 16:22 . 2012-03-14 16:22 166192 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-03-14 16:22 . 2012-03-30 16:38 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-03-14 16:22 . 2012-03-14 16:22 117040 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2012-03-14 16:22 . 2012-03-30 16:39 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-03-14 16:22 . 2012-03-14 16:22 320816 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-03-12 18:56 . 2012-03-12 18:56 947472 ----a-w- c:\windows\SysWow64\msjava.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"Akamai NetSession Interface"="c:\users\Utente\AppData\Local\Akamai\netsession_win.exe" [2012-05-07 3331872]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-03-29 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-05-20 36864]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\se64a.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servizio Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-26 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-26 136176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 X6va006;X6va006;c:\users\Utente\AppData\Local\Temp\00681A6.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 se64a;EnTech softEngine;c:\windows\system32\Drivers\se64a.sys [2007-05-03 14032]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 softOSD;softOSD;c:\program files (x86)\softOSD\softOSD.exe [2010-12-18 291384]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9558eee-ace6-11e1-abd2-5404a69500d1}]
\shell\AutoRun\command - E:\INSTALL.EXE
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 11:11]
.
2012-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-26 18:37]
.
2012-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-26 18:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"update"="c:\update\update.exe" [2012-05-14 47104]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\Utente\AppData\Local\Temp\00681A6.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @DenieD: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\windows\SysWOW64\softLCP.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
c:\program files (x86)\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Ora fine scansione: 2012-06-07 00:33:00 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-06-06 22:33
.
Pre-Run: 25.742.635.008 byte disponibili
Post-Run: 25.556.500.480 byte disponibili
.
- - End Of File - - 7ADE8C883D77BD613B574FAF9F8E37F4

Fatta scansione con Combofix

intel9 · 7 Giugno 2012

Prova a istallare malwarebyte's e fai una scansione completa. Successivamente posta il log sul sito!

Ti lascio la destrizione tratta dal sito Tom's Hardware http://www.tomshw.it/forum/sicurezza/220749-ripulire-un-computer-infetto-leggere-prima-di-postare.html

Malwarebytes:
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
MalwareBytes è un potente software che vi permetterà di rimuovere in modo semplice eventuali infezioni presenti sul vostro pc.
Scaricarlo dal link e installarlo , quindi vi troverete qui:

● Effettuare l'aggiornamento dei database virali : fondamentali per l'individuazione dei virus che vengono creati giorno dopo giorno.
● Effettuare una scansione completa del sistema
● Lasciate lavorare il programma e al termine delle operazioni vi mostrerà eventuali infezioni:

● Assicurarsi che tutte le infezioni siano spuntate e cliccare in basso su Rimuovi gli elementi Selezionati.

A z u r e · 7 Giugno 2012

Ho risolto, non so come, ma ho risolto, ieri notte facevo la scansione dei malware, ed ho dovuto spegnere perché era tardi, oggi accendo il pc e il coso è sparito. Grazie :3

PROBLEMA Cos'è? xD

A z u r e

Utente Attivo

-Glider-

Utente Attivo

A z u r e

Utente Attivo

intel9

Utente Attivo

A z u r e

Utente Attivo