Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Controllo Log, aiuto urgente

2 pages: [1] 2
Controllo Log, aiuto urgente Opzioni
Topic Precedente · Topic Sucessivo
superman91
Inviato: Thursday, February 04, 2010 2:10:18 PM
Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105
Salve a tutti da giorni il mio pc ha dei problemi, lasciandolo accesso 24h su 24 la mattina mi ritrovo con un avvertimento di NOD32 che mi informa di questo probabile virus:

A008770.exe
A008740.exe
A008720.exe ecc..

Mettendoli nella quarantena non si risolve nulla perchè ogni volta come potete vedere il nome cambia e non so per quale motivo:

Tutti si trovano in C:\System Volume Information\_restore{qui un numero lungo e cambia per ogni tipo di file}\qui anche numero a caso ad esempio RP12, RP24\nome del file.exe

Questo è il log di HiJackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:44, on 04.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21183)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Programmi\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programmi\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe

--
End of file - 8784 bytes



Help Plz!
Torna in alto
 
Sponsor
Inviato: Thursday, February 04, 2010 2:10:18 PM

 
Torna in alto
 
r16
Inviato: Thursday, February 04, 2010 2:15:14 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Disattiva il ripristino configurazione di sistema, e tienilo disattivato, fino alla soluzione del problema http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Riavvia il pc.
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Posta il log.
Torna in alto
 
fdaccc
Inviato: Thursday, February 04, 2010 2:16:55 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
ciao,

disattiva il ripristino di sistema:

http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

tienilo disattivato fino alla soluzione del probelma.

disconnetti fisicamente il PC da Interet, apri HJT, do a system scan only e fixa queste voci:

R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')



Esegui questa scansione:
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Posta il log.
NON eliminare nulla.

Posta il log AGGIORNATO di HJT e quello di MBAM.
Torna in alto
 
fdaccc
Inviato: Thursday, February 04, 2010 2:17:25 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
scusa r16...=(
Torna in alto
 
superman91
Inviato: Thursday, February 04, 2010 3:32:44 PM
Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105
Ecco il log:

Malwarebytes' Anti-Malware 1.43
Versione del database: 3491
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

04.01.2010 13:51:43
mbam-log-2010-01-04 (13-51-43).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 251891
Tempo trascorso: 1 hour(s), 4 minute(s), 23 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\System Volume Information\_restore{E74DBC23-9AE9-4109-9096-5E1F6F46B735}\RP6\A0000379.exe (Trojan.Downloader) -> Quarantined and deleted successfully.



Nuovo log di HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:32:35, on 04.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21183)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Programmi\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programmi\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe

--
End of file - 8488 bytes
Torna in alto
 
fdaccc
Inviato: Thursday, February 04, 2010 3:35:49 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.
Torna in alto
 
superman91
Inviato: Thursday, February 04, 2010 4:23:06 PM
Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105
ComboFix 10-02-03.07 - Administrator 04.02.2010 15:53:49.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.702.204 [GMT 1:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Resident AV is active


ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
ADS - WINDOWS: deleted 0 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Dati applicazioni\Desktopicon
c:\documents and settings\Administrator\Dati applicazioni\Desktopicon\eBay.ico
c:\documents and settings\Administrator\Dati applicazioni\Desktopicon\uninst.exe
c:\documents and settings\All Users\Dati applicazioni\mazuki.dll
Z:\Autorun.inf
c:\windows\Fonts\Bilibin-Regular.ttf . . . . Eliminazione Fallita

.
((((((((((((((((((((((((( Files Creati Da 2010-01-04 al 2010-02-04 )))))))))))))))))))))))))))))))))))
.

2010-02-04 14:51 . 2010-02-04 15:14 -------- d-----w- \ComboFix
2010-02-04 14:46 . 2010-02-04 15:06 -------- d---a-w- \Qoobox
2010-02-02 15:20 . 2010-02-02 15:20 -------- d-----w- c:\programmi\File comuni\Java
2010-02-01 15:25 . 2010-02-01 15:25 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AccurateRip
2010-02-01 15:25 . 2010-02-01 15:25 -------- d-----w- c:\programmi\Exact Audio Copy
2010-01-31 23:42 . 2010-02-03 16:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\foobar2000
2010-01-31 23:40 . 2010-01-31 23:41 -------- d-----w- c:\programmi\foobar2000
2010-01-29 11:01 . 2010-01-29 20:15 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\dvdcss
2010-01-28 15:50 . 2010-01-28 20:21 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Corel
2010-01-28 15:46 . 2010-01-28 15:47 -------- d-----w- c:\programmi\SmartSound Software
2010-01-28 15:46 . 2010-01-28 15:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SmartSound Software Inc
2010-01-28 15:45 . 2010-01-28 15:45 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-28 14:50 . 2010-01-28 14:50 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Corel
2010-01-28 14:50 . 2010-01-28 14:50 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\NOS
2010-01-18 13:42 . 2010-01-18 13:44 -------- d-----w- c:\programmi\Duplicate File Cleaner
2010-01-18 13:30 . 2010-01-18 13:30 -------- d-----w- C:\Outerspace Software
2010-01-18 13:30 . 2010-01-18 13:30 -------- d-----w- \Outerspace Software
2010-01-14 15:28 . 2010-01-14 15:28 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AceBIT
2010-01-13 12:48 . 2010-01-13 12:53 -------- d-----w- C:\Dati_Temporanei
2010-01-13 12:48 . 2010-01-13 12:53 -------- d-----w- \Dati_Temporanei
2010-01-13 12:04 . 2010-01-17 20:30 -------- d-----w- c:\programmi\Simple Port Forwarding
2010-01-13 12:04 . 2010-01-13 12:04 -------- d-----w- c:\windows\Simple Port Forwarding
2010-01-13 11:49 . 2010-01-13 11:50 -------- d-----w- c:\windows\speech
2010-01-13 11:49 . 2010-01-13 11:52 -------- d-----w- c:\programmi\Speak Aloud
2010-01-11 13:05 . 2010-01-11 13:05 -------- d-----w- C:\Media
2010-01-11 13:05 . 2010-01-11 13:05 -------- d-----w- \Media
2010-01-11 13:02 . 2010-01-11 13:04 -------- d-----w- c:\programmi\TVLC
2010-01-09 23:56 . 2010-01-09 23:56 -------- d-----w- c:\programmi\Longtion
2010-01-09 22:37 . 2010-01-09 22:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\ImageBadger
2010-01-09 22:37 . 2010-01-10 00:09 -------- d-----w- c:\programmi\ImageBadger
2010-01-09 21:20 . 2010-01-09 21:20 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Kristanix Software
2010-01-09 21:20 . 2010-01-09 21:20 -------- d-----w- c:\programmi\Xenocode
2010-01-09 21:20 . 2010-01-09 21:20 -------- d-----w- c:\programmi\Button Shop 4
2010-01-07 14:53 . 2010-01-07 15:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FarmFrenzy3_America
2010-01-07 14:51 . 2010-01-07 15:08 -------- d-----w- c:\programmi\Farm Frenzy 3 American Pie
2010-01-06 16:50 . 2010-01-06 17:18 -------- d-----w- c:\programmi\Prevx
2010-01-06 16:50 . 2010-01-06 16:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PrevxCSI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-04 15:11 . 2009-10-12 17:38 -------- d-----w- c:\programmi\File comuni\Akamai
2010-02-03 23:54 . 2009-11-01 17:51 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\vlc
2010-02-03 23:08 . 2008-10-02 19:12 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TeraCopy
2010-02-03 22:34 . 2009-06-05 20:50 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2010-02-03 22:33 . 2009-06-05 20:50 -------- d-----w- c:\programmi\uTorrent
2010-02-03 20:50 . 2008-09-03 16:35 -------- d-----w- c:\programmi\eMule
2010-02-03 19:16 . 2008-09-05 10:46 -------- d-----w- c:\programmi\hp deskjet 990c series
2010-02-03 15:22 . 2008-09-04 01:02 -------- d-----w- c:\programmi\VS Revo Group
2010-02-02 15:17 . 2010-02-02 15:17 503808 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-741243cf-n\msvcp71.dll
2010-02-02 15:17 . 2010-02-02 15:17 499712 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-741243cf-n\jmc.dll
2010-02-02 15:17 . 2010-02-02 15:17 348160 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-741243cf-n\msvcr71.dll
2010-02-02 15:17 . 2010-02-02 15:17 61440 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-71496b16-n\decora-sse.dll
2010-02-02 15:17 . 2010-02-02 15:17 12800 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-71496b16-n\decora-d3d.dll
2010-02-01 07:32 . 2008-09-06 09:45 -------- d-----w- c:\programmi\Orbitdownloader
2010-01-29 16:42 . 2008-09-03 14:21 3751160 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-29 12:32 . 2008-09-26 16:05 -------- d-----w- c:\programmi\Total Video Converter
2010-01-28 20:22 . 2009-04-30 16:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Ulead Systems
2010-01-28 20:16 . 2009-04-30 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2010-01-28 16:37 . 2010-01-28 15:50 5018 --sha-w- c:\documents and settings\All Users\Dati applicazioni\KGyGaAvL.sys
2010-01-28 16:37 . 2010-01-28 15:50 5018 --sha-w- c:\documents and settings\All Users\Dati applicazioni\KGyGaAvL.sys
2010-01-28 16:08 . 2010-01-28 15:50 88 --sh--r- c:\documents and settings\All Users\Dati applicazioni\7921A516DC.sys
2010-01-28 16:08 . 2010-01-28 15:50 88 --sh--r- c:\documents and settings\All Users\Dati applicazioni\7921A516DC.sys
2010-01-28 15:47 . 2008-09-03 23:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-01-21 17:43 . 2009-06-25 09:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\mIRC
2010-01-21 16:41 . 2009-06-25 12:32 -------- d-----w- c:\programmi\mIRC
2010-01-21 07:43 . 2009-05-17 12:01 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-21 07:43 . 2008-10-02 19:11 -------- d-----w- c:\programmi\TeraCopy
2010-01-17 18:52 . 2009-11-03 16:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MAGIX
2010-01-17 18:51 . 2009-11-03 16:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MAGIX
2010-01-17 18:49 . 2009-11-03 16:44 -------- d-----w- c:\programmi\MAGIX
2010-01-13 10:39 . 2008-09-03 14:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-01-10 01:33 . 2009-12-03 14:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SuperMP3Download
2010-01-09 22:59 . 2008-09-07 17:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-01-09 14:37 . 2009-05-13 20:10 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-01-09 14:37 . 2009-06-15 19:58 5115824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-06 14:30 . 2009-11-28 13:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Dream Aquarium
2010-01-04 08:22 . 2009-03-30 17:17 -------- d-----w- c:\programmi\Mozilla Thunderbird
2010-01-02 17:06 . 2010-01-02 17:06 -------- d-----w- c:\programmi\ASUS
2010-01-01 19:32 . 2010-01-01 19:29 -------- d-----w- c:\programmi\Driver Checker
2009-12-27 13:13 . 2009-12-27 13:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alawar Stargaze
2009-12-26 06:24 . 2008-10-17 10:17 -------- d-----w- c:\programmi\CodFree - Codice Fiscale
2009-12-26 06:24 . 2009-09-05 19:55 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\DNA
2009-12-26 04:52 . 2009-12-26 04:52 -------- d-----w- c:\programmi\Ace Translator
2009-12-24 19:49 . 2009-12-24 19:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Avnex
2009-12-23 16:24 . 2009-12-23 16:24 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2009-12-22 13:04 . 2009-12-22 13:04 -------- d-----w- c:\programmi\Victim.Destination.Here
2009-12-22 00:41 . 2009-12-22 00:41 345518 ----a-w- c:\windows\uninstall guyet.exe
2009-12-22 00:41 . 2009-12-22 00:41 1857427 ----a-w- c:\windows\guyet.scr
2009-12-22 00:33 . 2009-12-22 00:33 -------- d-----w- c:\programmi\Screensaver Factory 5 Enterprise
2009-12-22 00:33 . 2009-12-22 00:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Blumentals
2009-12-21 17:03 . 2009-12-21 16:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\IndigoRose
2009-12-21 16:59 . 2009-12-21 16:59 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Autorun MAX! 2.0 (Home Edition)
2009-12-21 16:45 . 2009-12-21 16:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Autorun MAX! 2.0 (Home Edition) Trial
2009-12-21 15:58 . 2009-11-04 17:46 -------- d-----w- c:\programmi\AutoPlay Media Studio 7.0 Trial
2009-12-20 16:22 . 2009-11-03 18:51 -------- d-----w- c:\programmi\Photodex Presenter
2009-12-20 16:22 . 2009-12-20 16:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Photodex
2009-12-17 15:46 . 2009-12-17 15:46 -------- d-----w- c:\programmi\Koalagames
2009-12-17 14:33 . 2009-12-17 14:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\DivX
2009-12-17 14:25 . 2009-04-30 15:22 -------- d-----w- c:\programmi\Pinnacle
2009-12-17 14:20 . 2009-12-17 14:20 29926 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
2009-12-17 14:20 . 2009-12-17 14:20 -------- d-----w- c:\programmi\File comuni\Pinnacle
2009-12-17 14:18 . 2009-12-17 14:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate Collection
2009-12-17 14:17 . 2009-04-30 15:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\programmi\File comuni\Pegasus Imaging
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\programmi\File comuni\Yahoo!
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Studio 14
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Plus
2009-12-15 14:57 . 2009-06-24 13:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall
2009-12-14 17:35 . 2009-12-03 14:30 -------- d-----w- c:\programmi\SuperMp3Download
2009-12-11 19:50 . 2009-03-17 23:39 -------- d-----w- c:\programmi\Microsoft SQL Server
2009-12-09 22:10 . 2009-12-09 22:10 -------- d-----w- c:\programmi\Bit Che
2009-12-09 22:10 . 2009-12-09 22:10 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Convivea
2009-12-09 22:07 . 2008-09-06 09:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Orbit
2009-12-09 21:57 . 2009-12-09 21:57 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Nero
2009-12-09 21:19 . 2009-12-09 21:19 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Flock
2009-12-09 21:18 . 2009-12-09 21:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Easy CD-DA Extractor
2009-12-08 23:14 . 2009-12-08 23:14 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MoioSMS
2009-12-08 22:37 . 2009-12-08 22:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\picpick
2009-12-08 22:08 . 2008-09-04 11:14 -------- d-----w- c:\programmi\File comuni\Adobe
2009-12-08 22:07 . 2009-12-08 22:07 7680 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Youtube Music Downloader V2.3.7\400000500002i\df.exe
2009-12-08 22:07 . 2009-12-08 22:07 7680 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Youtube Music Downloader V2.3.7\400000600002i\orhan.exe
2009-12-06 21:12 . 2009-12-06 21:12 -------- d-----w- c:\programmi\FileHippo.com
2009-12-06 21:10 . 2009-05-20 12:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-12-06 20:55 . 2008-09-04 01:17 -------- d-----w- c:\programmi\Yahoo!
2009-12-06 20:51 . 2009-07-10 22:38 -------- d-----w- c:\programmi\Navilog1
2009-12-06 20:50 . 2008-09-04 15:08 -------- d-----w- c:\programmi\Java
2009-12-06 20:39 . 2009-12-06 20:35 -------- d-----w- c:\programmi\Batch Watermark Creator
2009-12-06 20:15 . 2009-12-06 20:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autodesk
2009-12-06 20:09 . 2009-12-06 20:05 -------- d-----w- c:\programmi\File comuni\Autodesk Shared
2009-12-06 20:09 . 2009-12-06 20:06 -------- d-----w- c:\programmi\AutoCAD LT 2008
2009-12-06 20:06 . 2009-12-06 20:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Autodesk
2009-12-06 20:05 . 2009-12-06 20:05 -------- d-----w- c:\programmi\Autodesk
2009-12-03 20:01 . 2009-12-23 16:24 2835416 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}\IconPackager.exe
2009-11-28 16:44 . 2009-11-28 16:44 13312 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Dream Aquarium\4000005100002i\ErrorsAndUpdates.exe
2009-11-28 16:44 . 2009-11-28 16:44 13312 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Dream Aquarium\400000e800002i\Dream_Aquarium.scr
2009-11-28 16:44 . 2009-11-28 16:44 13312 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Dream Aquarium\4000008000002i\Splash Screen.exe
2009-11-22 00:49 . 2009-06-15 20:08 117760 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-20 00:10 . 2009-11-20 00:10 152576 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2008-09-04 00:19 . 2008-09-04 00:16 48 --sh--w- c:\windows\S92681E4D.tmp
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2007-12-20 77824]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-17 192512]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"egui"="c:\programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-01 2054360]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-01-11 246504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-18 10:31 11952 ------w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^is-6O6IH.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\is-6O6IH.lnk
backup=c:\windows\pss\is-6O6IH.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
c:\docume~1\ADMINI~1\IMPOST~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-10-13 10:16 165144 ----a-w- c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2008-10-13 10:22 960376 ----a-w- c:\programmi\Acronis\TrueImageHome\TimounterMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-09-05 19:55 318272 ----a-w- c:\programmi\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClamWin]
2009-04-14 10:52 86016 ----a-w- c:\programmi\ClamWin\bin\ClamTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverChecker.exe]
2009-12-31 15:36 13561856 ----a-w- c:\programmi\Driver Checker\DriverChecker.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
2009-07-18 03:21 257440 ------w- c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-10-09 17:23 133104 ----atw- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InnoSetupRegFile.0000000001]
2009-09-02 04:30 687104 ----a-w- c:\windows\is-QOJPR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantAccess]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 15:07 1394000 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-01-07 15:07 429392 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ------w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCE Print Dispatcher]
2009-02-11 07:56 65536 ------w- c:\windows\system32\pcPDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PE2CKFNT SE]
1998-07-03 10:51 25088 ------r- c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegisterDropHandler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-06-15 18:32 3055616 ----a-w- c:\programmi\Spyware Terminator\SpywareTerminatorUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2008-10-13 10:00 4344472 ----a-w- c:\programmi\Acronis\TrueImageHome\TrueImageMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
2007-07-23 11:55 341232 ------w- c:\programmi\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.ProgramStatisticsSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"ServiceLayer"=3 (0x3)
"gusvc"=3 (0x3)
"AcrSch2Svc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Programmi\\filehippo.com\\UpdateChecker.exe"=
"c:\\Programmi\\mIRC\\mirc.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\Programmi\\FirefoxPortable\\App\\Firefox\\firefox.exe"=
"c:\\Programmi\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
"c:\\Programmi\\Ace Translator\\AceTrans.exe"=
"c:\\Programmi\\TVLC\\Main\\App\\vlc\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26731:TCP"= 26731:TCP:*:Disabled:SolidNetworkManager
"26731:UDP"= 26731:UDP:*:Disabled:SolidNetworkManager
"5009:TCP"= 5009:TCP:SolidNetworkManager
"5009:UDP"= 5009:UDP:SolidNetworkManager

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [06.01.2010 17:50 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [06.01.2010 17:50 27656]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [12.06.2009 13:54 971232]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [24.04.2009 12:56 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [24.04.2009 12:56 53248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.09.2008 17:32 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.04.2009 18:08 108552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [01.10.2009 15:06 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [01.10.2009 15:07 96408]
R1 is-6O6IHdrv;is-6O6IHdrv;c:\windows\system32\drivers\05165413.sys [10.06.2009 09:26 148496]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [26.05.2009 09:05 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [26.05.2009 09:05 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [15.06.2009 19:32 142592]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [14.04.2008 13:00 14336]
R2 ekrn;ESET Service;c:\programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [01.10.2009 15:06 735960]
R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [13.05.2009 21:11 236368]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [03.09.2008 14:10 45696]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13.05.2009 21:11 19160]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [03.09.2008 14:10 56960]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [03.09.2008 14:10 601600]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [24.12.2009 20:47 17792]
S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\MAGIX\Common\Database\bin\fbserver.exe [03.11.2009 17:47 1527900]
S3 gwiopm;gwiopm;\??\c:\programmi\My Drivers\gwiopm.sys --> c:\programmi\My Drivers\gwiopm.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [26.05.2009 09:05 7408]
S4 Seekeen Service;Seekeen Service;"c:\programmi\Seekeen\seekeen.exe" "c:\programmi\Seekeen\seekeen.dll" Service --> c:\programmi\Seekeen\seekeen.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://mystart.incredimail.com/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Download Link Using Mega Manager... - c:\programmi\Megaupload\Mega Manager\mm_file.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\ln9e66g5.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Cerca
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_fs_IM2_TEST&search=
FF - plugin: c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programmi\Photodex Presenter\npPxPlay.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

MSConfigStartUp-PDF5 Registry Controller - c:\programmi\Nuance\PDF Professional 5\RegistryController.exe
MSConfigStartUp-PDFHook - c:\programmi\Nuance\PDF Professional 5\pdfpro5hook.exe
MSConfigStartUp-SunJavaUpdateSched - c:\programmi\Java\jre6\bin\jusched.exe
MSConfigStartUp-swg - c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe



**************************************************************************

disk not found C:\

please note that you need administrator rights to perform deep scan
scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{796AABBB-44F5-67F7-D78C-CC9582F172EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abhiakgcmeobheckhanlgmjddhjlibhjbf"=hex:70,61,66,69,6b,6d,6c,6c,62,61,64,6c,
68,68,6c,63,6f,67,70,6d,64,70,6d,67,70,6c,64,69,69,6a,64,6d,00,40
"magijjcmkiaccnlnjhemjpmonm"=hex:6f,61,68,67,67,63,6a,67,66,6c,61,70,64,68,6a,
65,69,69,67,66,68,65,61,68,6a,70,6a,69,66,6b,00,6d

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Dati applicazioni\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Programmi\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000410
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{AC0A97B5-991D-4761-B4E9-B6F9811B6A38}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.468.1"
"UniqueId"="0003DDCE4B12D900"
"ScannerBuild"=dword:0000167c
"ScannerVersionId"=dword:0000117a
"ScannerVersion"="Open window for status."
"FixId"=dword:00000005
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\System32\smss.exe
c:\windows\system32\csrss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\spoolsv.exe
c:\windows\System32\svchost.exe
c:\windows\system32\ASTSRV.EXE
c:\programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\crypserv.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Photodex\ProShowProducer\ScsiAccess.exe
c:\programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\svchost.exe
c:\windows\System32\alg.exe
c:\windows\system32\VTTimer.exe
c:\windows\System32\svchost.exe
.
**************************************************************************
.
Ora fine scansione: 2010-02-04 16:21:28 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-02-04 15:21

Pre-Run: 33'669'160'960 byte disponibili
Post-Run: 33'711'820'800 byte disponibili

- - End Of File - - DD42C6BBB9AE325FCB5ADB45080CE358
Torna in alto
 
fdaccc
Inviato: Thursday, February 04, 2010 8:29:48 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
per l'analisi del log di Combofix aspeta r16

a quanto vedo hai PIU' di un antivirus installato, hai dei rimasugli.
Torna in alto
 
superman91
Inviato: Thursday, February 04, 2010 8:46:01 PM
Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105
fdaccc ha scritto:
per l'analisi del log di Combofix aspeta r16

a quanto vedo hai PIU' di un antivirus installato, hai dei rimasugli.


Come dovrei fare per eliminarli?
Torna in alto
 
fdaccc
Inviato: Thursday, February 04, 2010 8:57:43 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
Scarica AppRemover:
http://www.appremover.com/
Salvalo sul desktop.
Eseguilo.
Nella prima schermata clicca "Next"
Alla seconda ti compare l'elenco di software che devi eliminare.
Seleziona (sul quadrettino alla loro sinistra) quelli che hai già eliminato.
Un'altro click su "Next",
E poi Next ancora.
Riavvia il pc.
Controlla se sono stati eliminati.
(Vedi se li trovi ancora su AppRemover)
Torna in alto
 
r16
Inviato: Thursday, February 04, 2010 11:50:31 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Non inserire Chiavette o HD esterni durante la bonifica.
Poi:
Per prima cosa,Vai in Installazione Applicazioni, e rimuovi TUTTE le Toolbar che trovi.
Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Poi:
Apri un file di testo sul Desktop (start\esegui\digita: notepad.exe e poi clicca Ok
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript

Code:
File::
c:\windows\system32\GameMon.des -service
c:\programmi\Seekeen\seekeen.exe

Folder::
c:\programmi\Seekeen

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]

Driver::
Seekeen Service
npggsvc

RegNull::
[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{796AABBB-44F5-67F7-D78C-CC9582F172EC}*]


e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix

Consiglio di disistallare il NOD32:
Per disistallare il Nod32, la prima cosa da fare, è cessarne l'esecuzione dalla TrayBar. (vicino all'orologio di Windows).
Poi vai in Installazione Applicazioni, e lo rimuovi.
Infine fai girare questo tooll per eliminare eventuali rimasugli:
http://www.nod32.nl/download/tool/nod32removal.exe

Consiglio di installare questo antivirus:
Scarica Avira:
http://www.aiutamici.com/software?ID=10908

Lo configuri esattamente come in questa guida, in formato PDF:

http://www.zeusnews.it/zz_upload/PSV/Guida%20completa%20di%20%20AVIRA%20Antivir%209.pdf

Le voci indicate nella prima immagine a pagina 11 della Guida, spuntale tutte (nell'immagine non lo sono).
Fai una scansione completa e posta il log.
Torna in alto
 
superman91
Inviato: Friday, February 05, 2010 2:20:26 PM
Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105
ComboFix 10-02-04.06 - Administrator 05.02.2010 13:51:26.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.702.359 [GMT 1:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Resident AV is active


ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!

FILE ::
"c:\programmi\Seekeen\seekeen.exe"
"c:\windows\system32\GameMon.des -service"
.
ADS - WINDOWS: deleted 0 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Fonts\Bilibin-Regular.ttf . . . . Eliminazione Fallita

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SEEKEEN_SERVICE
-------\Service_Seekeen Service


((((((((((((((((((((((((( Files Creati Da 2010-01-05 al 2010-02-05 )))))))))))))))))))))))))))))))))))
.

2010-02-02 15:20 . 2010-02-02 15:20 -------- d-----w- c:\programmi\File comuni\Java
2010-02-02 15:17 . 2010-02-02 15:17 503808 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-741243cf-n\msvcp71.dll
2010-02-02 15:17 . 2010-02-02 15:17 499712 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-741243cf-n\jmc.dll
2010-02-02 15:17 . 2010-02-02 15:17 348160 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-741243cf-n\msvcr71.dll
2010-02-02 15:17 . 2010-02-02 15:17 61440 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-71496b16-n\decora-sse.dll
2010-02-02 15:17 . 2010-02-02 15:17 12800 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-71496b16-n\decora-d3d.dll
2010-02-01 15:25 . 2010-02-01 15:25 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AccurateRip
2010-02-01 15:25 . 2010-02-01 15:25 -------- d-----w- c:\programmi\Exact Audio Copy
2010-01-31 23:42 . 2010-02-04 20:43 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\foobar2000
2010-01-31 23:40 . 2010-01-31 23:41 -------- d-----w- c:\programmi\foobar2000
2010-01-29 11:01 . 2010-01-29 20:15 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\dvdcss
2010-01-28 15:50 . 2010-01-28 20:21 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Corel
2010-01-28 15:50 . 2010-01-28 16:08 88 --sh--r- c:\documents and settings\All Users\Dati applicazioni\7921A516DC.sys
2010-01-28 15:50 . 2010-01-28 16:37 5018 --sha-w- c:\documents and settings\All Users\Dati applicazioni\KGyGaAvL.sys
2010-01-28 15:46 . 2010-01-28 15:47 -------- d-----w- c:\programmi\SmartSound Software
2010-01-28 15:46 . 2010-01-28 15:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SmartSound Software Inc
2010-01-28 15:45 . 2010-01-28 15:45 -------- d-----w- c:\windows\system32\windows media
2010-01-28 15:45 . 2010-01-28 15:45 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-28 14:50 . 2010-01-28 14:50 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Corel
2010-01-28 14:50 . 2010-01-28 14:50 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\NOS
2010-01-18 13:42 . 2010-01-18 13:44 -------- d-----w- c:\programmi\Duplicate File Cleaner
2010-01-18 13:30 . 2010-01-18 13:30 -------- d-----w- C:\Outerspace Software
2010-01-17 18:51 . 2009-03-19 08:10 29912 ----a-w- c:\documents and settings\All Users\Dati applicazioni\MAGIX\3D_Maker_Download-Version\Default\Validation.exe
2010-01-14 15:28 . 2010-01-14 15:28 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AceBIT
2010-01-13 12:48 . 2010-01-13 12:53 -------- d-----w- C:\Dati_Temporanei
2010-01-13 12:04 . 2010-01-17 20:30 -------- d-----w- c:\programmi\Simple Port Forwarding
2010-01-13 12:04 . 2010-01-13 12:04 -------- d-----w- c:\windows\Simple Port Forwarding
2010-01-13 11:49 . 2010-01-13 11:50 -------- d-----w- c:\windows\speech
2010-01-13 11:49 . 2010-01-13 11:52 -------- d-----w- c:\programmi\Speak Aloud
2010-01-11 13:05 . 2010-01-11 13:05 -------- d-----w- C:\Media
2010-01-11 13:02 . 2010-01-11 13:04 -------- d-----w- c:\programmi\TVLC
2010-01-09 23:57 . 2009-07-20 02:52 1242552 ----a-w- c:\windows\system32\NMSDVDXU.dll
2010-01-09 23:56 . 2010-01-09 23:56 -------- d-----w- c:\programmi\Longtion
2010-01-09 22:37 . 2010-01-09 22:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\ImageBadger
2010-01-09 22:37 . 2010-01-10 00:09 -------- d-----w- c:\programmi\ImageBadger
2010-01-09 21:23 . 2010-01-09 21:23 2 ----a-w- c:\windows\system32\krx240.dat
2010-01-09 21:20 . 2010-01-09 21:20 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Kristanix Software
2010-01-09 21:20 . 2010-01-09 21:20 -------- d-----w- c:\programmi\Xenocode
2010-01-09 21:20 . 2010-01-09 21:20 -------- d-----w- c:\programmi\Button Shop 4
2010-01-07 14:53 . 2010-01-07 15:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FarmFrenzy3_America
2010-01-07 14:51 . 2010-01-07 15:08 -------- d-----w- c:\programmi\Farm Frenzy 3 American Pie
2010-01-06 16:50 . 2010-01-06 16:50 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2010-01-06 16:50 . 2010-01-06 16:50 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2010-01-06 16:50 . 2010-01-06 17:18 -------- d-----w- c:\programmi\Prevx
2010-01-06 16:50 . 2010-01-06 16:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PrevxCSI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-05 13:12 . 2009-12-09 06:24 5290 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2010-02-05 13:08 . 2009-10-12 17:38 -------- d-----w- c:\programmi\File comuni\Akamai
2010-02-05 13:04 . 2009-06-10 08:27 24652412 ----a-w- c:\windows\system32\drivers\fidbox.idx
2010-02-05 13:04 . 2009-06-10 08:27 2258419744 ----a-w- c:\windows\system32\drivers\fidbox.dat
2010-02-04 23:03 . 2008-09-03 16:35 -------- d-----w- c:\programmi\eMule
2010-02-04 22:45 . 2009-11-01 17:51 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\vlc
2010-02-04 22:18 . 2009-06-25 09:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\mIRC
2010-02-04 19:59 . 2009-06-25 12:32 -------- d-----w- c:\programmi\mIRC
2010-02-03 23:08 . 2008-10-02 19:12 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TeraCopy
2010-02-03 22:34 . 2009-06-05 20:50 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2010-02-03 22:33 . 2009-06-05 20:50 -------- d-----w- c:\programmi\uTorrent
2010-02-03 19:16 . 2008-09-05 10:46 -------- d-----w- c:\programmi\hp deskjet 990c series
2010-02-03 15:22 . 2008-09-04 01:02 -------- d-----w- c:\programmi\VS Revo Group
2010-02-02 15:16 . 2008-12-13 12:12 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-01 07:32 . 2008-09-06 09:45 -------- d-----w- c:\programmi\Orbitdownloader
2010-01-29 16:42 . 2008-09-03 14:21 3751160 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-29 12:32 . 2008-09-26 16:05 -------- d-----w- c:\programmi\Total Video Converter
2010-01-28 20:22 . 2009-04-30 16:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Ulead Systems
2010-01-28 20:16 . 2009-04-30 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2010-01-28 15:47 . 2008-09-03 23:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-01-21 07:43 . 2009-05-17 12:01 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-21 07:43 . 2008-10-02 19:11 -------- d-----w- c:\programmi\TeraCopy
2010-01-17 18:52 . 2009-11-03 16:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MAGIX
2010-01-17 18:51 . 2009-11-03 16:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MAGIX
2010-01-17 18:49 . 2009-11-03 16:44 -------- d-----w- c:\programmi\MAGIX
2010-01-13 10:39 . 2008-09-03 14:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-01-10 01:33 . 2009-12-03 14:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SuperMP3Download
2010-01-09 22:59 . 2008-09-07 17:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-01-09 14:37 . 2009-05-13 20:10 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-01-09 14:37 . 2009-06-15 19:58 5115824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2009-05-13 20:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-05-13 20:11 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 14:30 . 2009-11-28 13:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Dream Aquarium
2010-01-05 09:47 . 2007-12-07 01:40 841216 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:46 . 2007-12-12 09:48 78336 ------w- c:\windows\system32\ieencode.dll
2010-01-05 09:46 . 2007-12-12 09:48 17408 ------w- c:\windows\system32\corpol.dll
2010-01-04 15:04 . 2010-01-04 15:04 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-04 08:22 . 2009-03-30 17:17 -------- d-----w- c:\programmi\Mozilla Thunderbird
2010-01-02 17:06 . 2010-01-02 17:06 -------- d-----w- c:\programmi\ASUS
2010-01-02 16:55 . 2010-01-02 17:06 24576 ----a-w- c:\windows\system32\AsIO.dll
2010-01-02 16:55 . 2010-01-02 17:06 12400 ----a-w- c:\windows\system32\drivers\AsIO.sys
2010-01-02 16:54 . 2010-01-02 16:54 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-01-02 16:54 . 2008-09-03 13:10 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2010-01-02 16:20 . 2009-04-24 11:57 331184 ------w- c:\windows\system32\difxapi.dll
2010-01-01 19:32 . 2010-01-01 19:29 -------- d-----w- c:\programmi\Driver Checker
2009-12-27 13:13 . 2009-12-27 13:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alawar Stargaze
2009-12-26 06:24 . 2008-10-17 10:17 -------- d-----w- c:\programmi\CodFree - Codice Fiscale
2009-12-26 06:24 . 2009-09-05 19:55 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\DNA
2009-12-26 04:52 . 2009-12-26 04:52 -------- d-----w- c:\programmi\Ace Translator
2009-12-24 19:49 . 2009-12-24 19:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Avnex
2009-12-23 16:24 . 2009-12-23 16:24 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2009-12-22 13:04 . 2009-12-22 13:04 -------- d-----w- c:\programmi\Victim.Destination.Here
2009-12-22 00:41 . 2009-12-22 00:41 345518 ----a-w- c:\windows\uninstall guyet.exe
2009-12-22 00:41 . 2009-12-22 00:41 1857427 ----a-w- c:\windows\guyet.scr
2009-12-22 00:33 . 2009-12-22 00:33 -------- d-----w- c:\programmi\Screensaver Factory 5 Enterprise
2009-12-22 00:33 . 2009-12-22 00:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Blumentals
2009-12-21 17:03 . 2009-12-21 16:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\IndigoRose
2009-12-21 16:59 . 2009-12-21 16:59 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Autorun MAX! 2.0 (Home Edition)
2009-12-21 16:45 . 2009-12-21 16:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Autorun MAX! 2.0 (Home Edition) Trial
2009-12-21 15:58 . 2009-11-04 17:46 -------- d-----w- c:\programmi\AutoPlay Media Studio 7.0 Trial
2009-12-20 16:22 . 2009-11-03 18:51 -------- d-----w- c:\programmi\Photodex Presenter
2009-12-20 16:22 . 2009-12-20 16:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Photodex
2009-12-17 15:46 . 2009-12-17 15:46 -------- d-----w- c:\programmi\Koalagames
2009-12-17 14:33 . 2009-12-17 14:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\DivX
2009-12-17 14:25 . 2009-04-30 15:22 -------- d-----w- c:\programmi\Pinnacle
2009-12-17 14:20 . 2009-12-17 14:20 29926 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
2009-12-17 14:20 . 2009-12-17 14:20 -------- d-----w- c:\programmi\File comuni\Pinnacle
2009-12-17 14:18 . 2009-12-17 14:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate Collection
2009-12-17 14:17 . 2009-04-30 15:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\programmi\File comuni\Pegasus Imaging
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\programmi\File comuni\Yahoo!
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Studio 14
2009-12-17 14:11 . 2009-12-17 14:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Plus
2009-12-16 13:35 . 2008-04-14 12:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-12-15 14:57 . 2009-06-24 13:33 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall
2009-12-14 17:35 . 2009-12-03 14:30 -------- d-----w- c:\programmi\SuperMp3Download
2009-12-11 19:50 . 2009-03-17 23:39 -------- d-----w- c:\programmi\Microsoft SQL Server
2009-12-09 22:10 . 2009-12-09 22:10 -------- d-----w- c:\programmi\Bit Che
2009-12-09 22:10 . 2009-12-09 22:10 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Convivea
2009-12-09 22:07 . 2008-09-06 09:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Orbit
2009-12-09 21:57 . 2009-12-09 21:57 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Nero
2009-12-09 21:19 . 2009-12-09 21:19 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Flock
2009-12-09 21:18 . 2009-12-09 21:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Easy CD-DA Extractor
2009-12-08 23:14 . 2009-12-08 23:14 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MoioSMS
2009-12-08 22:37 . 2009-12-08 22:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\picpick
2009-12-08 22:08 . 2008-09-04 11:14 -------- d-----w- c:\programmi\File comuni\Adobe
2009-12-08 22:07 . 2009-12-08 22:07 7680 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Youtube Music Downloader V2.3.7\400000500002i\df.exe
2009-12-08 22:07 . 2009-12-08 22:07 7680 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Youtube Music Downloader V2.3.7\400000600002i\orhan.exe
2009-12-03 20:01 . 2009-12-23 16:24 2835416 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}\IconPackager.exe
2009-12-01 16:27 . 2009-12-01 16:27 57344 ----a-w- c:\windows\system32\ASTSRV.EXE
2009-11-28 16:44 . 2009-11-28 16:44 13312 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Dream Aquarium\4000005100002i\ErrorsAndUpdates.exe
2009-11-28 16:44 . 2009-11-28 16:44 13312 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Dream Aquarium\400000e800002i\Dream_Aquarium.scr
2009-11-28 16:44 . 2009-11-28 16:44 13312 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\Dream Aquarium\4000008000002i\Splash Screen.exe
2009-11-22 00:49 . 2009-06-15 20:08 117760 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-21 15:54 . 2008-04-14 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 00:10 . 2009-11-20 00:10 152576 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-16 22:53 . 2009-11-16 22:54 398336 ------w- c:\windows\system32\CF9322.exe
2008-09-04 00:19 . 2008-09-04 00:16 48 --sh--w- c:\windows\S92681E4D.tmp
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2007-12-20 77824]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-17 192512]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"egui"="c:\programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-01 2054360]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-01-11 246504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-18 10:31 11952 ------w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^is-6O6IH.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\is-6O6IH.lnk
backup=c:\windows\pss\is-6O6IH.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
c:\docume~1\ADMINI~1\IMPOST~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-10-13 10:16 165144 ----a-w- c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2008-10-13 10:22 960376 ----a-w- c:\programmi\Acronis\TrueImageHome\TimounterMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-09-05 19:55 318272 ----a-w- c:\programmi\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClamWin]
2009-04-14 10:52 86016 ----a-w- c:\programmi\ClamWin\bin\ClamTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverChecker.exe]
2009-12-31 15:36 13561856 ----a-w- c:\programmi\Driver Checker\DriverChecker.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
2009-07-18 03:21 257440 ------w- c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-10-09 17:23 133104 ----atw- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InnoSetupRegFile.0000000001]
2009-09-02 04:30 687104 ----a-w- c:\windows\is-QOJPR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantAccess]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 15:07 1394000 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-01-07 15:07 429392 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ------w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCE Print Dispatcher]
2009-02-11 07:56 65536 ------w- c:\windows\system32\pcPDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PE2CKFNT SE]
1998-07-03 10:51 25088 ------r- c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegisterDropHandler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-06-15 18:32 3055616 ----a-w- c:\programmi\Spyware Terminator\SpywareTerminatorUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2008-10-13 10:00 4344472 ----a-w- c:\programmi\Acronis\TrueImageHome\TrueImageMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
2007-07-23 11:55 341232 ------w- c:\programmi\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.ProgramStatisticsSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"ServiceLayer"=3 (0x3)
"gusvc"=3 (0x3)
"AcrSch2Svc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Programmi\\filehippo.com\\UpdateChecker.exe"=
"c:\\Programmi\\mIRC\\mirc.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\Programmi\\FirefoxPortable\\App\\Firefox\\firefox.exe"=
"c:\\Programmi\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
"c:\\Programmi\\Ace Translator\\AceTrans.exe"=
"c:\\Programmi\\TVLC\\Main\\App\\vlc\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26731:TCP"= 26731:TCP:*:Disabled:SolidNetworkManager
"26731:UDP"= 26731:UDP:*:Disabled:SolidNetworkManager
"5009:TCP"= 5009:TCP:SolidNetworkManager
"5009:UDP"= 5009:UDP:SolidNetworkManager

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [06.01.2010 17:50 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [06.01.2010 17:50 27656]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [12.06.2009 13:54 971232]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [24.04.2009 12:56 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [24.04.2009 12:56 53248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.09.2008 17:32 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.04.2009 18:08 108552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [01.10.2009 15:06 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [01.10.2009 15:07 96408]
R1 is-6O6IHdrv;is-6O6IHdrv;c:\windows\system32\drivers\05165413.sys [10.06.2009 09:26 148496]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [26.05.2009 09:05 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [26.05.2009 09:05 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [15.06.2009 19:32 142592]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [14.04.2008 13:00 14336]
R2 ekrn;ESET Service;c:\programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [01.10.2009 15:06 735960]
R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [13.05.2009 21:11 236368]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [03.09.2008 14:10 45696]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13.05.2009 21:11 19160]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [03.09.2008 14:10 56960]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [03.09.2008 14:10 601600]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [24.12.2009 20:47 17792]
S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\MAGIX\Common\Database\bin\fbserver.exe [03.11.2009 17:47 1527900]
S3 gwiopm;gwiopm;\??\c:\programmi\My Drivers\gwiopm.sys --> c:\programmi\My Drivers\gwiopm.sys [?]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [26.05.2009 09:05 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenuto della cartella 'Scheduled Tasks'

2009-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-842925246-1177238915-500.job
- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-10-09 17:23]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://mystart.incredimail.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Download Link Using Mega Manager... - c:\programmi\Megaupload\Mega Manager\mm_file.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\ln9e66g5.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Cerca
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_fs_IM2_TEST&search=
.

**************************************************************************

disk not found C:\

please note that you need administrator rights to perform deep scan
scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Dati applicazioni\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Programmi\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000410
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{AC0A97B5-991D-4761-B4E9-B6F9811B6A38}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.468.1"
"UniqueId"="0003DDCE4B12D900"
"ScannerBuild"=dword:0000167c
"ScannerVersionId"=dword:0000117a
"ScannerVersion"="Open window for status."
"FixId"=dword:00000005
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(1056)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\wpdshserviceobj.dll
c:\programmi\Stardock\Object Desktop\IconPackager\iprepair.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\ASTSRV.EXE
c:\programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\crypserv.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Photodex\ProShowProducer\ScsiAccess.exe
c:\programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\VTTimer.exe
.
**************************************************************************
.
Ora fine scansione: 2010-02-05 14:17:46 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-02-05 13:17
ComboFix2.txt 2010-02-04 15:21

Pre-Run: 26'599'194'624 byte disponibili
Post-Run: 26'411'868'160 byte disponibili

- - End Of File - - 8665DE7BB20846014E00BAF6BBA16A7E



E' obbligatorio disinstallare NOD32? Perchè ho comprato la licenza per l'antivirus e non vorrei disinstallarlo :(


Inoltre con AppRemover non visualizzo nessun file legato ad AVG, nonostante Combofix mi segnala due antivirus presenti sul PC, Nod32 e AVG.
Torna in alto
 
fdaccc
Inviato: Friday, February 05, 2010 2:42:20 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
se hai comprato NOD lascialo, se vuoi...
fai pulizia con ccleaner:
http://www.aiutamici.com/software?ID=11223
Torna in alto
 
superman91
Inviato: Friday, February 05, 2010 2:53:25 PM
Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105
fdaccc ha scritto:
se hai comprato NOD lascialo, se vuoi...
fai pulizia con ccleaner:
http://www.aiutamici.com/software?ID=11223


Fatto.
Torna in alto
 
fdaccc
Inviato: Friday, February 05, 2010 3:18:07 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
Scarica ATF Cleaner:
http://www.atribune.org/ccount/click.php?id=1

Avvia ATF Cleaner con un doppio click

1) seleziona la casella Select All
2) clicca sul pulsante Empty selected
3) aspetta l'avviso Done Cleaning
(se usi opera o firefox,spunta anche le loro sezioni)

Riavvia il pc.
Torna in alto
 
a.roselli
Inviato: Friday, February 05, 2010 3:31:50 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,044
fdaccc ha scritto:
Scarica ATF Cleaner:
http://www.atribune.org/ccount/click.php?id=1

Avvia ATF Cleaner con un doppio click

1) seleziona la casella Select All
2) clicca sul pulsante Empty selected
3) aspetta l'avviso Done Cleaning
(se usi opera o firefox,spunta anche le loro sezioni)

Riavvia il pc.


fdaccc, allora non ci siamo capiti, ti ho detto che non ti devi intromettere nell'assistenza Sicurezza

smettila di dare aiuti in modo definitivo in questa sezione.


alfonso_aiutamici@hotmail.it
Torna in alto
 
fdaccc
Inviato: Friday, February 05, 2010 3:41:22 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
dimmi stavolta dove ho sbagliato, forse gli ho suggerito male?
Torna in alto
 
r16
Inviato: Friday, February 05, 2010 3:42:22 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
@superman91 :
Riscontri problemi?
Posta un log di HijackThis.
Torna in alto
 
a.roselli
Inviato: Friday, February 05, 2010 3:43:29 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,044
fdaccc ha scritto:
dimmi stavolta dove ho sbagliato, forse gli ho suggerito male?

Non devi più fornire assistena per risolvere problemi di sicurezza, lascia fare a R16

Se continui mi trovo costretto a bloccarti l'account.

alfonso_aiutamici@hotmail.it
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Controllo Log, aiuto urgente


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.