Logfile for a strange problem on a friend's PC.
simo95
Posted: Thursday, June 03, 2010 7:37:42 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
Today a friend of mine brought me his netbook with a curious problem: the characters on the screen are completely unreadable, a bit like visiting a web page in Japanese without the supporting languages: you only see lots of little squares, triangles, dots... Every character is replaced: the text in the Start menu, in the title bar and the application bar, and in any other Windows program or tool.

Using my own PC as a guide, I went into the regional and language settings and restored the default values, but nothing changed...

Then the first thought that had crossed my mind came back to me: malware.

Avira detects nothing. Combofix removed something, and I have highlighted in bold what looks suspicious to me in the log, which I am posting together with the HJT one:

ComboFix 10-06-02.04 - GIOVANNI 03/06/2010 18.49.11.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.420 [GMT 2:00]
Eseguito da: d:\pulizia\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {00000002-0002-0000-7C25-9E7C08000A00}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\_000024_.tmp.dll
c:\windows\system32\_000025_.tmp.dll
c:\windows\system32\_000026_.tmp.dll

.
((((((((((((((((((((((((( Files Creati Da 2010-05-03 al 2010-06-03 )))))))))))))))))))))))))))))))))))
.

2010-06-03 14:51 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Temp
2010-06-03 14:51 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\SMART Technologies Inc
2010-06-03 14:51 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CyberLink
2010-06-03 14:28 . 2008-04-14 12:00 2560 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\USMT\iconlib.dll
2010-06-01 14:28 . 2010-06-01 14:28 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-30 10:47 . 2010-05-30 10:47 -------- d-----w- c:\programmi\TeamViewer
2010-05-30 10:42 . 2010-06-03 14:52 -------- d-----w- c:\programmi\Adobe(2)
2010-05-29 21:43 . 2010-05-29 21:43 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Mozilla
2010-05-29 15:50 . 2010-05-29 15:50 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Mozilla
2010-05-29 15:45 . 2010-06-03 14:52 -------- d-----w- c:\programmi\Mozilla Firefox(2)
2010-05-29 14:58 . 2010-05-29 14:58 -------- d-sh--w- c:\documents and settings\GIOVANNI\IECompatCache
2010-05-29 14:58 . 2010-06-03 14:52 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\vlc
2010-05-28 19:38 . 2010-05-28 19:38 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\Apple Computer
2010-05-28 19:38 . 2010-05-28 19:38 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Apple Computer
2010-05-28 16:09 . 2010-05-28 16:09 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-05-28 16:09 . 2010-06-03 13:19 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\skypePM
2010-05-28 16:07 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\Skype
2010-05-28 16:06 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-05-28 15:04 . 2010-05-28 15:33 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-27 13:18 . 2010-05-27 13:18 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\SMART Technologies Inc
2010-05-27 13:17 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\CyberLink
2010-05-27 12:31 . 2010-05-28 15:37 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\Apple Computer
2010-05-27 12:31 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-27 12:31 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-05-27 12:30 . 2010-05-27 12:30 -------- d-----w- c:\programmi\iPod
2010-05-27 12:30 . 2010-05-27 12:31 -------- d-----w- c:\programmi\iTunes
2010-05-27 12:30 . 2010-05-27 12:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-27 12:28 . 2010-05-27 12:29 -------- d-----w- c:\programmi\QuickTime
2010-05-27 12:28 . 2010-05-27 12:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-05-27 12:27 . 2010-05-27 12:27 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Apple
2010-05-27 12:27 . 2010-05-27 12:27 -------- d-----w- c:\programmi\Apple Software Update
2010-05-27 12:27 . 2010-04-16 06:33 41472 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-05-27 12:27 . 2010-04-16 06:33 3003680 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-05-27 12:26 . 2010-05-27 12:26 -------- d-----w- c:\programmi\Bonjour
2010-05-27 12:25 . 2010-05-28 14:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2010-05-27 12:25 . 2010-05-27 12:30 -------- d-----w- c:\programmi\File comuni\Apple
2010-05-26 19:42 . 2010-05-26 19:42 503808 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38fd29dd-n\msvcp71.dll
2010-05-26 19:42 . 2010-05-26 19:42 348160 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38fd29dd-n\msvcr71.dll
2010-05-26 19:42 . 2010-05-26 19:42 61440 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-43bf3518-n\decora-sse.dll
2010-05-26 19:42 . 2010-05-26 19:42 499712 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38fd29dd-n\jmc.dll
2010-05-26 19:42 . 2010-05-26 19:42 12800 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-43bf3518-n\decora-d3d.dll
2010-05-26 19:41 . 2010-06-03 14:52 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Adobe
2010-05-26 19:27 . 2010-05-26 19:27 348160 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c019995-n\msvcr71.dll
2010-05-26 19:27 . 2010-05-26 19:27 503808 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c019995-n\msvcp71.dll
2010-05-26 19:27 . 2010-05-26 19:27 499712 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c019995-n\jmc.dll
2010-05-26 19:27 . 2010-05-26 19:27 61440 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-58456881-n\decora-sse.dll
2010-05-26 19:27 . 2010-05-26 19:27 12800 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-58456881-n\decora-d3d.dll
2010-05-26 19:19 . 2010-05-27 12:31 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Apple Computer
2010-05-26 19:03 . 2010-05-26 19:03 -------- d-sh--w- c:\documents and settings\GIOVANNI\PrivacIE
2010-05-26 19:03 . 2010-05-26 19:03 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\Yahoo!
2010-05-26 18:38 . 2010-05-26 18:38 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\SMART Technologies
2010-05-26 18:38 . 2010-05-26 18:38 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\S2PC
2010-05-23 14:21 . 2010-05-23 14:21 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\eSobi
2010-05-23 14:04 . 2001-08-30 21:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-05-23 14:04 . 2008-04-13 17:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-05-23 14:04 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-05-23 14:04 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-05-22 09:29 . 2010-05-29 21:48 -------- d-----w- c:\programmi\Mozilla Thunderbird
2010-05-22 09:05 . 2010-05-22 09:05 0 ----a-w- c:\windows\nsreg.dat
2010-05-22 09:05 . 2010-05-22 09:29 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Thunderbird
2010-05-22 09:05 . 2010-05-22 09:05 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\Thunderbird
2010-05-07 07:19 . 2010-05-07 07:19 -------- d-----w- C:\ADOBEPATH
2010-05-07 07:14 . 2003-02-14 17:14 110592 ----a-w- c:\windows\system32\tsccvid.dll
2010-05-07 07:13 . 2010-05-07 07:18 -------- d-----w- c:\programmi\SMART Technologies
2010-05-07 07:12 . 2010-05-07 07:12 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Downloaded Installations
2010-05-07 06:51 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-05-06 17:40 . 2010-05-06 17:40 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Identities
2010-05-06 17:35 . 2010-05-06 17:35 -------- d-----w- c:\programmi\Microsoft.NET
2010-05-06 17:32 . 2010-05-06 17:33 -------- d-----w- c:\windows\SHELLNEW
2010-05-06 17:31 . 2010-05-06 17:31 -------- d-----r- C:\MSOCache
2010-05-06 07:01 . 2010-06-03 14:27 -------- d-----w- c:\windows\SxsCaPendDel
2010-05-05 15:51 . 2010-05-05 15:51 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\S2PC
2010-05-05 15:51 . 2008-08-08 01:51 479232 ----a-w- c:\windows\ssndii.exe
2010-05-05 15:51 . 2007-08-13 05:59 21776 ----a-w- c:\windows\system32\msxml2a.dll
2010-05-05 15:51 . 2007-08-13 05:59 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-05-05 15:51 . 2010-05-05 15:51 -------- d-----w- c:\windows\Samsung
2010-05-05 15:51 . 2007-10-22 06:55 41984 ----a-w- c:\windows\system32\drivers\DgivEcp.sys
2010-05-05 15:48 . 2007-10-23 02:53 110592 ----a-r- c:\windows\Wiainst.exe
2010-05-05 15:47 . 2008-01-10 12:29 81920 ------w- c:\windows\system32\ssdevm.dll
2010-05-05 15:47 . 2007-08-13 08:22 49152 ----a-w- c:\windows\system32\Ssusbpn.dll
2010-05-05 15:47 . 2009-02-03 10:08 143872 ----a-w- c:\windows\system32\SaXPWIA.dll
2010-05-05 15:47 . 2009-02-03 10:08 138240 ----a-w- c:\windows\system32\SaXPUIEx.dll
2010-05-05 15:47 . 2009-02-03 10:08 87552 ----a-w- c:\windows\system32\SaXPSTI.dll
2010-05-05 15:47 . 2009-02-03 10:08 116736 ----a-w- c:\windows\system32\SaXPIPH.dll
2010-05-05 15:47 . 2009-02-03 10:08 139776 ----a-w- c:\windows\system32\SaXPEH.dll
2010-05-05 15:46 . 2007-08-14 01:01 22723 ----a-w- c:\windows\system32\sst1cl3.dll
2010-05-05 15:46 . 2007-08-14 01:00 19968 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sst1cpc.dll
2010-05-05 15:46 . 2007-08-14 00:59 151552 ----a-w- c:\windows\system32\sst1cci.exe
2010-05-05 15:46 . 2007-08-14 00:59 65536 ----a-w- c:\windows\system32\sst1cci.dll
2010-05-05 15:46 . 2010-05-05 15:46 -------- d-----w- c:\programmi\Samsung

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-03 14:52 . 2010-04-16 16:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2010-06-03 14:52 . 2010-04-16 16:50 -------- d-----w- c:\programmi\Yahoo!
2010-06-03 14:52 . 2009-07-29 14:03 -------- d-----w- c:\programmi\File comuni\Adobe
2010-06-03 14:49 . 2009-07-29 13:23 -------- d-----w- c:\programmi\Acer GameZone
2010-05-30 13:36 . 2010-05-30 13:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_netaapl_01005.Wdf
2010-05-30 12:39 . 2009-09-23 14:58 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\Temp
2010-05-28 16:11 . 2009-07-29 12:59 -------- d-----w- c:\programmi\Google
2010-05-26 18:39 . 2010-05-26 18:37 69776 ----a-w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-05-23 14:21 . 2009-07-29 14:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\eSobi
2010-05-23 14:21 . 2010-04-16 15:49 69776 ----a-w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-05-23 12:35 . 2009-07-29 13:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-05-07 09:22 . 2010-04-26 12:36 1 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-07 07:15 . 2010-05-03 16:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SMART Technologies
2010-05-07 07:14 . 2010-05-02 14:27 -------- d-----w- c:\programmi\File comuni\SMART Technologies
2010-05-07 06:53 . 2009-07-29 13:15 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-05-06 18:36 . 2009-07-29 13:08 -------- d-----w- c:\programmi\Microsoft Works
2010-05-05 18:11 . 2009-07-29 12:55 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-05-05 16:32 . 2009-07-29 20:04 80008 ----a-w- c:\windows\system32\perfc010.dat
2010-05-05 16:32 . 2009-07-29 20:04 480058 ----a-w- c:\windows\system32\perfh010.dat

2010-05-05 15:49 . 2009-07-29 12:41 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-05-04 21:18 . 2010-04-16 16:50 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\vlc
2010-05-04 08:32 . 2010-05-03 16:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2010-05-04 08:31 . 2010-05-04 08:31 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\SMART Technologies
2010-05-02 14:27 . 2010-05-02 14:27 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\SMART Technologies Inc
2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-26 12:36 . 2010-04-26 12:36 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\OpenOffice.org
2010-04-23 17:43 . 2010-04-23 17:43 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\dvdcss
2010-04-16 21:37 . 2010-04-16 21:37 503808 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-742840d4-n\msvcp71.dll
2010-04-16 21:37 . 2010-04-16 21:37 348160 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-742840d4-n\msvcr71.dll
2010-04-16 21:37 . 2010-04-16 21:37 499712 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-742840d4-n\jmc.dll
2010-04-16 21:37 . 2010-04-16 21:37 61440 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7ed9cd7a-n\decora-sse.dll
2010-04-16 21:37 . 2010-04-16 21:37 12800 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7ed9cd7a-n\decora-d3d.dll
2010-04-16 17:40 . 2010-04-16 17:40 -------- d-----w- c:\programmi\MSBuild
2010-04-16 17:40 . 2010-04-16 17:40 -------- d-----w- c:\programmi\Reference Assemblies
2010-04-16 17:09 . 2010-04-16 17:09 -------- d-----w- c:\programmi\JRE
2010-04-16 17:09 . 2010-04-16 17:09 -------- d-----w- c:\programmi\OpenOffice.org 3
2010-04-16 17:08 . 2010-04-16 17:08 -------- d-----w- c:\programmi\File comuni\Java
2010-04-16 17:08 . 2010-04-16 17:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-16 17:08 . 2010-04-16 17:08 -------- d-----w- c:\programmi\Java
2010-04-16 17:03 . 2010-04-16 17:03 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-16 16:51 . 2010-04-16 16:51 -------- d-----w- c:\programmi\Avira
2010-04-16 16:51 . 2010-04-16 16:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-04-16 16:50 . 2010-04-16 16:50 -------- d-----w- c:\programmi\CCleaner
2010-04-16 16:50 . 2010-04-16 16:50 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\Yahoo!
2010-04-16 16:49 . 2010-04-16 16:49 -------- d-----w- c:\programmi\VideoLAN
2010-04-16 16:49 . 2010-04-16 16:49 16 ----a-w- c:\windows\popcinfo.dat
2010-04-16 16:15 . 2010-04-16 16:15 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\SACore
2010-04-16 16:08 . 2009-07-29 10:28 76875 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-16 15:50 . 2009-07-29 14:05 -------- d-----w- c:\programmi\Acer
2010-04-16 12:12 . 2009-07-29 13:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2010-04-16 12:00 . 2010-04-16 12:00 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\SACore
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-03-10 06:15 . 2009-07-29 20:04 420352 ----a-w- c:\windows\system32\vbscript.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\programmi\Acer\WR_PopUp\ProductReg.exe" [2009-04-15 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\programmi\Launch Manager\LManager.exe" [2009-02-20 817672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-01 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-01 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-05-01 92696]
"AzMixerSel"="c:\programmi\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2009-02-27 1434920]
"RemoteControl8"="c:\programmi\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-10-17 91432]
"PDVD8LanguageShortcut"="c:\programmi\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-02-27 552960]
"3170 Scan2PC"="c:\windows\Twain_32\Samsung\CLX3170\Scan2pc.exe" [2009-01-30 503808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Rosso1\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.2.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Acer VCM.lnk - c:\programmi\Acer\Acer VCM\AcerVCM.exe [2009-7-29 565248]
BTTray.lnk - c:\programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2009-6-20 607584]
SMART Board Tools.lnk - c:\programmi\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe [2009-7-23 10227712]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-04-28 03:44 65536 ----a-w- c:\windows\system32\igdlogin.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 00:38 34672 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-05-28 14:33 30192 ----a-w- c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-14 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-04-28 13:06 142120 ----a-w- c:\programmi\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-14 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-14 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-14 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 13:21 246504 ----a-w- c:\programmi\File comuni\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-04-16 15:50 39408 ----a-w- c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Scan2Pc.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Sscan2io.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\UCGui.exe"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\SMARTSNMPAgent.exe"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\UCService.exe"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\WebServer.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port

R2 RS_Service;Raw Socket Service;c:\programmi\Acer\Acer VCM\RS_Service.exe [29/07/2009 16.05.50 237568]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [29/07/2009 14.49.22 5096544]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [16/04/2010 18.17.51 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S2 TeamViewer5;TeamViewer 5;"c:\programmi\TeamViewer\Version5\TeamViewer_Service.exe" -service --> c:\programmi\TeamViewer\Version5\TeamViewer_Service.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/07/2009 14.55.41 1684736]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe [29/07/2009 14.59.06 30192]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys --> c:\windows\system32\DRIVERS\netaapl.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys --> c:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\programmi\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [23/07/2009 16.57.58 1048576]
S3 SMART Web Server;Server Web SMART;c:\programmi\SMART Technologies\SMART Board Drivers\WebServer.exe [23/07/2009 16.51.42 1245184]
.
Contenuto della cartella 'Scheduled Tasks'

2010-05-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2010-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-16 16:17]

2010-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-16 16:17]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=ao751h&r=0xph04108906l0393wuh5w87115714
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

MSConfigStartUp-Adobe ARM - c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
AddRemove-Mozilla Firefox (3.6.3) - c:\programmi\Mozilla Firefox\uninstall\helper.exe
AddRemove-TeamViewer 5 - c:\programmi\TeamViewer\Version5\uninstall.exe



**************************************************************************
scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(432)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Avira\AntiVir Desktop\sched.exe
c:\programmi\Avira\AntiVir Desktop\avguard.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
c:\windows\system32\wdfmgr.exe
c:\programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
.
**************************************************************************
.
Ora fine scansione: 2010-06-03 19:01:40 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-03 17:01

Pre-Run: 117.329.862.656 byte disponibili
Post-Run: 118.720.425.984 byte disponibili

- - End Of File - - 20E03924B22B10C7CB43478211F4FC8E


HJT


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.07.16, on 03/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Acer\Acer VCM\RS_Service.exe
C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Launch Manager\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\PersistenceThread.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe
C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\explorer.exe
D:\Pulizia\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=ao751h&r=0xph04108906l0393wuh5w87115714
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Programmi\SMART Technologies\SMART Notebook\NotebookPlugin.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl8] C:\Programmi\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] C:\Programmi\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [3170 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe"
O4 - HKCU\..\Run: [ProductReg] C:\Programmi\Acer\WR_PopUp\ProductReg.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: SMART Board Tools.lnk = C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1273168086640
O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Programmi\Acer\Acer VCM\RS_Service.exe
O23 - Service: SMART Board Service - SMART Technologies - C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
O23 - Service: SMART SNMP Agent Service - SMART Technologies ULC - C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
O23 - Service: Server Web SMART (SMART Web Server) - Unknown owner - C:\Programmi\SMART Technologies\SMART Board Drivers\WebServer.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - Unknown owner - C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe (file missing)

--
End of file - 8975 bytes


Thanks a lot.


EDIT:

It is now running a scan with MBAM; when I have the PC available (maybe Saturday), I will follow the instructions.

Bye!
paolopa
Posted: Thursday, June 03, 2010 8:19:49 PM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
Hi simo, try this (it's the first time I've heard of something like this): boot from a USB stick with Linux and see what happens; maybe it's a hardware problem.
simo95
Posted: Thursday, June 03, 2010 8:28:02 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
I rule that out: the PC is new, and the problem really is a messed-up XP setting (I deduce this because a few rare messages from the OS or other applications are perfectly readable in Italian).

I was baffled too as soon as I saw it; I have never seen anything like it.

Every restore point is corrupted and Windows cannot complete the restore procedure... bah :(

Very strange.

I await other opinions.

Thanks and bye
square
Posted: Thursday, June 03, 2010 8:28:40 PM

Rank: AiutAmico

Joined: 10/10/2009
Posts: 1,670
paolopa wrote:
... maybe it's a hardware problem


Here http://www.hwupgrade.it/forum/archive/index.php/t-1976236.html
they argue the same thing, if the situation is similar (sorry for butting in). Bye.
simo95
Posted: Thursday, June 03, 2010 8:32:30 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
square wrote:
paolopa wrote:
... maybe it's a hardware problem


Here http://www.hwupgrade.it/forum/archive/index.php/t-1976236.html
they argue the same thing, if the situation is similar (sorry for butting in). Bye.


No problem!

The screen works, as does the graphics card.

Anyway, as soon as I have the PC at hand, I will certainly try.
He said it had also happened to him on a second PC, so the problem can be traced either to some untrustworthy software he usually installs, or to an infected USB stick.

Let's see how it turns out.

Thanks and bye
r16
Posted: Thursday, June 03, 2010 9:48:54 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi simo95
You can delete this one:
c:\windows\ssndii.exe

These are legitimate:
c:\windows\system32\perfc010.dat
c:\windows\system32\perfh010.dat
c:\windows\system32\ezsidmv.dat


Rather, I am afraid the problem may be due to this file being missing:
O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
simo95
Posted: Friday, June 04, 2010 4:33:00 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
r16 wrote:
Hi simo95
You can delete this one:
c:\windows\ssndii.exe

These are legitimate:
c:\windows\system32\perfc010.dat
c:\windows\system32\perfh010.dat
c:\windows\system32\ezsidmv.dat


Rather, I am afraid the problem may be due to this file being missing:
O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)



Thanks a lot. I had noticed the last file through the online log check, but searching the web I did not find much.

Anyway, this morning he formatted it, end of all problems (hopefully...).

Thanks a lot to everyone, anyway!

Bye
enigmista63
Posted: Friday, June 04, 2010 5:35:38 PM

Rank: AiutAmico

Joined: 4/28/2007
Posts: 1,976
Hi, advise your friend NOT to download applications for watching TV (paid programs) on the PC; some of these have the characteristic of changing the PC's graphics and fonts.