HELP VIRUS SOSPETTO

calamityjade · 31-05-2013, 02:07

Ciao a tutti, non sono nuova, sono la vecchia jadepunk, giuro erano da anni che non mi capitavano problemi con il pc, vi elenco i miei problemi e cosa penso sia (beagle)..poi mi direte voi 'esperti' meglio...

uso come browser predef. chrome ma da qualche settimana non riesco assolutamente a togliere l'estensione Qvo6 che mi appare come pagina iniziale.

anti virus AVG completamente bloccato, non si aggiorna non si disinstalla

apertura continua di finestre mentre navigo.

ho provato ad installare elibeagle ma nulla...

combofix nulla...non parte una cippa... che mi consigliate???

calamityjade · 31-05-2013, 10:51

rieccoci..

sono riuscita a far partire combofix non mi apriva nemmeno il download,

vi posto il log:

Quote:

ComboFix 13-05-30.02 - owner 31/05/2013 3:10.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1033.18.3935.2543 [GMT 2:00]
Eseguito da: c:\users\owner\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\program files (x86)\Common Files\337
c:\program files (x86)\Common Files\337\libcef\1.1364.1123\icudt.dll
c:\program files (x86)\Common Files\337\libcef\1.1364.1123\libcef.dll
c:\program files (x86)\Common Files\337\libcef\1.1364.1123\locales\en-US.pak
c:\program files (x86)\OfferBox
c:\program files (x86)\OfferBox\language.xml
c:\program files (x86)\OfferBox\OfferBox.exe
c:\program files (x86)\OfferBox\OfferBoxHTTPProxy.exe
c:\program files (x86)\OfferBox\uninstaller.exe
c:\program files (x86)\WinRAR\Leggimi.Txt
c:\program files (x86)\WinRAR\Leggimi_1a.Txt
c:\program files (x86)\WinRAR\Licenza.Txt
c:\program files (x86)\WinRAR\NoteTecniche.Txt
c:\program files (x86)\WinRAR\Ordin.htm
c:\program files (x86)\WinRAR\Ordina.htm
c:\program files (x86)\WinRAR\SorgUnRAR.Txt
c:\users\owner\AppData\Local\lollipop
c:\users\owner\AppData\Local\lollipop\logo.ico
c:\users\owner\AppData\Local\lollipop\lollipop_05281312.bat
c:\users\owner\AppData\Local\lollipop\lollipop_05281312.exe
c:\users\owner\AppData\Local\lollipop\lollipop_05281312.lpd
c:\users\owner\AppData\Local\lollipop\lollipop_05281312_cfg.lpd
c:\users\owner\AppData\Local\lollipop\lollipop_05281312_ps.lpd
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\chrome.manifest
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\funmoods.css
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\funmoods.xul
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\images\pref.jpg
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\arwDwn.gif
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ae.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\bg.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ch.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cn.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cz.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\de.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\eg.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\en.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\es.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\fr.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\gr.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\he.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\il.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\it.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ja.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\jp.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\nl.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\no.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pl.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pt.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ro.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ru.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sa.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\se.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sv.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\tr.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ua.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\us.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\help_16.gif
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\home.gif
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\logo.png
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\privecy_16_hot.gif
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\imgs\tellafriend.gif
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\loader.xul
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\mtstart.js
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\preferences.xul
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\content\tmplt.js
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\install.rdf
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.rsa
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.sf
c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com\META-INF\manifest.mf
c:\users\owner\AppData\Roaming\OfferBox
c:\users\owner\AppData\Roaming\OfferBox\config.dat
c:\users\owner\AppData\Roaming\OfferBox\config.xml
c:\users\owner\AppData\Roaming\OfferBox\sdch\1362601861
c:\users\owner\AppData\Roaming\OfferBox\temp.ico
.
.
((((((((((((((((((((((((( Files Creati Da 2013-04-28 al 2013-05-31 )))))))))))))))))))))))))))))))))))
.
.
2013-05-31 01:28 . 2013-05-31 01:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-31 00:48 . 2013-05-31 00:48 -------- d-----w- c:\programdata\Malwarebytes
2013-05-31 00:48 . 2013-05-31 00:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-18 14:49 . 2013-05-19 08:29 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-05-16 10:54 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 10:54 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 10:54 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-16 10:53 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-16 10:53 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-16 10:53 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-16 10:53 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-16 10:53 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-16 10:53 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-16 10:53 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-16 10:53 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-16 10:53 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-11 16:20 . 2013-05-11 16:20 -------- d-----w- c:\program files (x86)\MyPcCleaner
2013-05-11 16:19 . 2013-05-11 16:19 -------- d-----w- c:\users\owner\AppData\Local\Updater12765
2013-05-11 16:19 . 2013-05-11 16:19 -------- d-----w- c:\users\owner\AppData\Local\Savings Wave
2013-05-11 16:19 . 2013-05-11 16:19 -------- d-----w- c:\program files (x86)\Savings Wave
2013-05-11 16:18 . 2013-05-11 16:18 -------- d-----w- c:\program files (x86)\Nosibay
2013-05-11 15:22 . 2013-05-18 14:44 -------- d-----w- c:\users\owner\AppData\Roaming\Nosibay
2013-05-09 16:15 . 2013-05-09 16:15 -------- d-----w- c:\programdata\Softland
2013-05-09 16:14 . 2013-05-09 16:14 -------- d-----w- c:\users\owner\AppData\Roaming\Softland
2013-05-09 16:03 . 2013-05-30 22:25 -------- d-----w- c:\programdata\eSafe
2013-05-09 15:49 . 2013-05-29 10:25 -------- d-----w- c:\users\owner\AppData\Roaming\eIntaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-21 14:50 . 2012-10-04 11:00 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-05-16 12:47 . 2009-11-20 16:34 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-12 14:24 . 2012-07-17 06:27 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 01:24 . 2013-05-01 01:24 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-01 01:24 . 2013-05-01 01:24 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-01 01:24 . 2013-05-01 01:24 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-01 01:24 . 2013-05-01 01:24 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-01 01:24 . 2013-05-01 01:24 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-01 01:24 . 2013-05-01 01:24 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-01 01:24 . 2013-05-01 01:24 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-01 01:24 . 2013-05-01 01:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-01 01:24 . 2013-05-01 01:24 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-01 01:24 . 2013-05-01 01:24 441856 ----a-w- c:\windows\system32\html.iec
2013-05-01 01:24 . 2013-05-01 01:24 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-01 01:24 . 2013-05-01 01:24 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-01 01:24 . 2013-05-01 01:24 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-01 01:24 . 2013-05-01 01:24 235008 ----a-w- c:\windows\system32\url.dll
2013-05-01 01:24 . 2013-05-01 01:24 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-01 01:24 . 2013-05-01 01:24 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-01 01:24 . 2013-05-01 01:24 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-01 01:24 . 2013-05-01 01:24 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-01 01:24 . 2013-05-01 01:24 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-01 01:24 . 2013-05-01 01:24 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-01 01:24 . 2013-05-01 01:24 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-01 01:24 . 2013-05-01 01:24 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-01 01:24 . 2013-05-01 01:24 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-01 01:24 . 2013-05-01 01:24 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-01 01:24 . 2013-05-01 01:24 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-01 01:24 . 2013-05-01 01:24 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-01 01:24 . 2013-05-01 01:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-01 01:24 . 2013-05-01 01:24 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-01 01:24 . 2013-05-01 01:24 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-01 01:24 . 2013-05-01 01:24 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-01 01:24 . 2013-05-01 01:24 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-01 01:24 . 2013-05-01 01:24 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-01 01:24 . 2013-05-01 01:24 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-01 01:24 . 2013-05-01 01:24 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-01 01:24 . 2013-05-01 01:24 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-01 01:24 . 2013-05-01 01:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-01 01:24 . 2013-05-01 01:24 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-01 01:24 . 2013-05-01 01:24 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-01 01:24 . 2013-05-01 01:24 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-01 01:24 . 2013-05-01 01:24 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-01 01:24 . 2013-05-01 01:24 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-01 01:24 . 2013-05-01 01:24 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-01 01:24 . 2013-05-01 01:24 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-01 01:24 . 2013-05-01 01:24 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-01 01:24 . 2013-05-01 01:24 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-01 01:24 . 2013-05-01 01:24 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-01 01:24 . 2013-05-01 01:24 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-01 01:24 . 2013-05-01 01:24 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-01 01:24 . 2013-05-01 01:24 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-01 01:03 . 2013-05-01 01:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-01 01:03 . 2013-05-01 01:03 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-01 01:03 . 2013-05-01 01:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-01 01:03 . 2013-05-01 01:03 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-01 01:03 . 2013-05-01 01:03 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-01 01:03 . 2013-05-01 01:03 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-01 01:03 . 2013-05-01 01:03 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-01 01:03 . 2013-05-01 01:03 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-01 01:03 . 2013-05-01 01:03 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-01 01:03 . 2013-05-01 01:03 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-01 01:03 . 2013-05-01 01:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-01 01:03 . 2013-05-01 01:03 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-05-01 01:03 . 2013-05-01 01:03 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-01 01:03 . 2013-05-01 01:03 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-01 01:03 . 2013-05-01 01:03 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-01 01:03 . 2013-05-01 01:03 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-01 01:03 . 2013-05-01 01:03 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-01 01:03 . 2013-05-01 01:03 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-01 01:03 . 2013-05-01 01:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-05-01 01:03 . 2013-05-01 01:03 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-01 01:03 . 2013-05-01 01:03 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-01 01:03 . 2013-05-01 01:03 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-05-01 01:03 . 2013-05-01 01:03 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-01 01:03 . 2013-05-01 01:03 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-05-01 01:03 . 2013-05-01 01:03 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-05-01 01:03 . 2013-05-01 01:03 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-01 01:03 . 2013-05-01 01:03 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-05-01 01:03 . 2013-05-01 01:03 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-01 01:03 . 2013-05-01 01:03 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-05-01 01:03 . 2013-05-01 01:03 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-05-01 01:03 . 2013-05-01 01:03 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-05-01 01:03 . 2013-05-01 01:03 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-05-01 01:03 . 2013-05-01 01:03 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110111271165}]
2013-05-11 16:19 748424 ----a-w- c:\program files (x86)\Savings Wave\Savings Wave.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-05-21 14:50 1991344 ----a-w- c:\program files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-10-12 20:57 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll" [2013-05-21 1991344]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-03 39408]
"Facebook Update"="c:\users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Yontoo Desktop"="c:\users\owner\AppData\Roaming\Yontoo\YontooDesktop.exe" [2013-01-31 42784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RegistrationReminder"="c:\program files\Sony\First Experience\OOBEFcdRegistration.exe" [2009-07-14 268288]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-08-27 79872]
"VAIOSurvey"="c:\program files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe" [2008-07-25 385024]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-05-21 1226928]
"PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-16 218624]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
.
c:\users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
lollipop_05281312.lnk - c:\users\owner\AppData\Local\Lollipop\lollipop_05281312.exe [N/A]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 eSafeSvc;eSafe Service;c:\programdata\eSafe\eGdpSvc.exe [2013-05-29 360512]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 LiveUpSC;LiveUpSC;c:\users\owner\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe [2013-01-25 161280]
R2 PowerOffer Service;Pos Service;c:\users\owner\AppData\Local\PosService\Pos.exe [2011-12-16 164352]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 ServUpdater;Serv Updater;c:\users\owner\AppData\Local\ServUpdater\ServiceUpd.exe [2011-12-16 156160]
R2 UDisk Monitor;UDisk Monitor;c:\program files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe [2011-05-12 512000]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
R3 Generalusbserialser20675;USB Legacy Serial Communication 20675;c:\windows\system32\DRIVERS\CT_U_USBSER.sys [2011-08-24 122368]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-08-05 139264]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2008-09-29 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-18 110888]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-07-31 393216]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 21:31 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-05-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1809713169-3373386328-4178850518-1000Core.job
- c:\users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-15 15:14]
.
2013-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1809713169-3373386328-4178850518-1000UA.job
- c:\users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-15 15:14]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-03 06:06]
.
2013-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-03 06:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.findeer.com
mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD3200BEVS-26VAT0_WD-WXF0E49KP108KP108&ts=1368115408
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD3200BEVS-26VAT0_WD-WXF0E49KP108KP108&ts=1368115408
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0392DEE3-4F2A-4EED-8133-34D4E6248495}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{3FD7394E-F19E-457D-9FC6-ECD4FA231670}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
BHO-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Bubble Dock - c:\users\owner\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
Toolbar-10 - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-OfferBox - c:\program files (x86)\OfferBox\uninstaller.exe
AddRemove-{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} - c:\programdata\{05505732-706C-4AFB-8CB4-779D17872B48}\iMesh_V11_en_Setup.exe
AddRemove-lollipop_05281312 - c:\users\owner\appdata\local\lollipop\lollipop_05281312.bat
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1809713169-3373386328-4178850518-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1809713169-3373386328-4178850518-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2013-05-31 03:52:36
ComboFix-quarantined-files.txt 2013-05-31 01:52
.
Pre-Run: 241.686.945.792 bytes free
Post-Run: 243.197.341.696 bytes free
.
- - End Of File - - E996C87282AC6B15D3A26DDE1D1002DF

PERDONATEMI MA NON ME LO CARICAVA IN ALLEGATO.

comunque finito combofix stamane riapro il pc e cosa accade??? mi apre avg mi dice di aver rilevato una minaccia dal nome win32 e caratteri strani di poter eliminarla e riavviare il pc ...detto fatto, ho riavviato ...sono riuscita ad eseguire il suo aggiornamento ma continua a dirmi di riavviarlo... e questa homepage Qvo6 non riesco proprio a toglierla...dite che siano annesse le due cose???

calamityjade · 01-06-2013, 14:08

Quote:

Originariamente inviato da [Claudio]

Vedi questa pagina.
Ovviamente il riavvio non dipende da questo.

okkei ottimo qvo6 eliminato del tutto grazie mille...più che altro adesso provo a disinstallarlo..ma vedo che avg...fa molta fatica a partire ed aggiornarsi...mi sono sempre trovata molto bene..in passato usavo avast o panda...non parliamo di norton una tragedia...questi ultimi...-.-''

31-05-2013, 02:07	#1
calamityjade Junior Member Iscritto dal: May 2013 Messaggi: 21	HELP VIRUS SOSPETTO Ciao a tutti, non sono nuova, sono la vecchia jadepunk, giuro erano da anni che non mi capitavano problemi con il pc, vi elenco i miei problemi e cosa penso sia (beagle)..poi mi direte voi 'esperti' meglio... uso come browser predef. chrome ma da qualche settimana non riesco assolutamente a togliere l'estensione Qvo6 che mi appare come pagina iniziale. anti virus AVG completamente bloccato, non si aggiorna non si disinstalla apertura continua di finestre mentre navigo. ho provato ad installare elibeagle ma nulla... combofix nulla...non parte una cippa... che mi consigliate???

Strumenti
Mostra una versione stampabile Invia questa pagina per email