Slowdowns in Win 7
zorobabele
Posted: Saturday, January 15, 2011 12:51:04 AM

Rank: AiutAmico

Joined: 2/11/2010
Posts: 174
Good evening, everyone. I have posted the Malwarebytes and HijackThis logs; could someone kindly check them for me? Thank you.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Versione database: 5.521

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15/01/2011 00:13:42
mbam-log-2011-01-15 (00-13-42).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi esaminati: 281.447
Tempo trascorso: 26 Minuti, 34 Secondi

Processi in memoria infetti: 0
Moduli di memoria infetti: 0
Chiavi di Registro infette: 0
Valori di infetti Registro: 0
Voci infette nda Dati di Registro: 0
Cartelle infette: 0
File infetti: 0

infetti Processi in memoria:
(Non SONO statisti rilevati Elementi nocivi)

Moduli di memoria infetti:
(Non SONO statisti rilevati Elementi nocivi)

Chiavi di Registro infette:
(Non SONO statisti rilevati Elementi nocivi)

Valori di Registro infetti:
(Non SONO statisti rilevati Elementi nocivi)

Voci infette nda Dati di Registro:
(Non SONO statisti rilevati Elementi nocivi)

Cartelle infette:
(Non SONO statisti rilevati Elementi nocivi)

File infetti:
(Non SONO statisti rilevati Elementi nocivi)
Logfile di Trend Micro HijackThis v2.0.4
Scan salvato in 0:50:17, su 15/01/2011
Piattaforma: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Modalità di avvio: Normale

I processi in esecuzione:
C: Programmi \ (x86) \ Common Files \ Service ArcSoft \ connessione \ Bin \ ACService.exe
C: \ Windows \ SysWOW64 \ ezSharedSvcHost.exe
Programmi \ File (x86) \ Hewlett-Packard \ Shared \ HPDrvMntSvc.exe: C
Programmi \ File (x86) \ File comuni \ LightScribe \ LSSrvc.exe: c
C: Programmi \ (x86) \ PC Tools Firewall Plus \ FWService.exe
C: \ Program Files (x86) \ Enhancement Microsoft \ Search Pack \ Seaport \ SeaPort.exe
C: \ Program Files (x86) \ Microsoft Application Virtualization Client \ sftvsa.exe
Programmi \ File (x86) \ TomTom HOME 2 \ TomTomHOMEService.exe: C
C: \ Program Files (x86) \ Microsoft Application Virtualization Client \ sftlist.exe
C: \ Program Files \ (x86) Spybot - Search & Destroy \ SDWinSec.exe
C: \ Program Files (x86) \ Uniblue \ RegistryBooster \ rbmonitor.exe
C: \ Program Files (x86) \ Hewlett-Packard \ HP Contachilometri \ hpsysdrv.exe
Programmi \ File (x86) \ File comuni \ LightScribe \ LightScribeControlPanel.exe: C
Programmi \ File (x86) \ TomTom HOME 2 \ TomTomHOMERunner.exe: C
Programmi \ File (x86) \ Common Shared \ Virtualization Files \ Microsoft Handler \ CVHSVC.EXE: C
C: \ Program Files (x86) \ HP \ HP Software Update \ hpwuschd2.exe
C: Programmi \ (x86) \ PC Tools Firewall Plus \ FirewallGUI.exe
Programmi \ File (x86) \ Software Epson \ Event Manager \ EEventManager.exe: C
C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe
C: \ Program Files (x86) \ Mozilla Firefox \ firefox.exe
C: \ Program Files (x86) \ Mozilla Firefox \ plugin-container.exe
C: Programmi \ (x86) \ Trend Micro \ HiJackThis \ HijackThis.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://g.uk.msn.com/CQCON/6
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCxdm924YYIT&ptb=P8DG.mNP1EJifUmQxFjPMw
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://g.uk.msn.com/CQCON/6
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://g.uk.msn.com/CQCON/6
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page = C: \ Windows \ SysWOW64 \ blank.htm
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
F2 - REG: system.ini: UserInit = userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C: Programmi \ (x86) \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: Spybot-S & D di protezione di IE - {53.707.962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 2 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: Helper ricerca - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C: \ Program Files (x86) \ Enhancement Microsoft \ Search Pack \ Helper Search \ SEPsearchhelperie.dll
O2 - BHO: Guida per l'acces un Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4.806-AB1F-1455CBEFF289} - C: \ Program Files (x86) \ Windows Live \ Companion \ companioncore.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C: \ Program Files (x86) \ Google \ GoogleToolbarNotifier \ 5.2.4204.1700 \ swg.dll
O2 - BHO: IE BHO Helper - {b879dc47-7f5a-4973-A570-1e03a60c7c02} - C: \ Program Files (x86) \ WebPornoTV \ adxloader.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files (x86) \ Java \ jre6 \ bin \ jp2ssv.dll
O4 - HKLM \ .. \ Run: [StartCCC] "c: \ Program Files (x86) \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe" MSRun
Programmi \ File (x86) \ Software HP \ HP Update \ HPWuSchd2.exe: [HP Software Update] C: HKLM \ .. \ Run - O4
O4 - HKLM \ .. \ Run: [EasyBits Recupero] C: \ Program Files (x86) \ EasyBits For Kids \ EzRecover.exe
O4 - HKLM \ .. \ Run: [00PCTFW] "C: \ Program Files (x86) \ PC Tools Firewall Plus \ FirewallGUI.exe"-s
O4 - HKLM \ .. \ Run: [EEventManager] C: \ PROGRA ~ 2 \ EPSONS ~ 1 \ EVENTM ~ 1 \ EEventManager.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files (x86) \ Adobe \ Reader 10.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [ARM Adobe] "C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe"
O4 - HKCU \ .. \ Run: [LightScribe Control Panel] C: \ Program Files (x86) \ Common Files \ LightScribe \ LightScribeControlPanel.exe-nascosto
O4 - HKCU \ .. \ Run: [EPSON Stylus D92 Series] C: \ Windows \ system32 \ spool \ DRIVERS \ x64 \ 3 \ E_FATIBZE.EXE / FU "C: \ Windows \ TEMP \ E_S8D23.tmp" / EF " HKCU "
O4 - HKCU \ .. \ Run: [EPSON Stylus D92 Series (Copia 1)] C: \ Windows \ system32 \ spool \ DRIVERS \ x64 \ 3 \ E_FATIBZE.EXE / FU "C: \ Windows \ TEMP \ E_SABE9.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [TomTomHOME.exe] "C: \ Program Files (x86) \ TomTom HOME 2 \ TomTomHOMERunner.exe"
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / autorun (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [mctadmin] C: \ Windows \ System32 \ mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / autorun (User 'SERVIZIO DI RETE')
O4 - HKUS \ S-1-5-20 \ .. \ RunOnce: [mctadmin] C: \ Windows \ System32 \ mctadmin.exe (User 'SERVIZIO DI RETE')
O8 - Extra voce di menu contestuale: Add to Google Foto Screensa & ver - res: / / C: \ Windows \ system32 \ GPhotos.scr/200
O9 - Extra button: @ C: \ Program Files (x86) \ Windows Live \ Companion \ companionlang.dll, -600 - {0000036B-C524-4050-81A0-243669A86B9F} - C: \ Program Files (x86) \ Windows Live \ Companion \ companioncore.dll
O9 - Extra button: @ C: \ Program Files (x86) \ Windows Live \ Writer \ WindowsLiveWriterShortcuts.dll, -1.004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C: \ Program Files (x86) \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @ C: \ Program Files (x86) \ Windows Live \ Writer \ WindowsLiveWriterShortcuts.dll, -1.003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C: \ Program Files (x86) \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 2 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 2 \ Spybot ~ 1 \ SDHelper.dll
O10 - Unknown file in Winsock LSP: c: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ wlidnsp.dll
O10 - Unknown file in Winsock LSP: c: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ wlidnsp.dll
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ {9B7A7F8F-14D6-42B4-A371-65E8F51EC128}: NameServer = 80.88.171.16,80.88.161.2
Service - O23: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C: \ Program Files (x86) \ Common Files \ Service ArcSoft \ connessione \ Bin \ ACService.exe
O23 - Service: AcerSyncServiceWinServizio - ALWIL Software - C: \ Program Files \ Acer \ AcerSync \ AcerSyncService.exe
O23 - Service: @% SystemRoot% \ system32 \ alg.exe, -112 (ALG) - ALWIL Software - C: \ Windows \ System32 \ alg.exe (file missing)
O23 - Service: AMD esterno Utility Eventi - ALWIL Software - C: \ Windows \ system32 \ atiesrxx.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ efssvc.dll, -100 (EFS) - ALWIL Software - C: \ Windows \ System32 \ lsass.exe (file missing)
O23 - Service: Servizi EasyBits per Windows (ezSharedSvc) - EasyBits Software AS - C: \ Windows \ System32 \ ezSharedSvcHost.exe
O23 - Service: @% systemroot% \ system32 \ fxsresm.dll, -118 (Fax) - ALWIL Software - C: \ Windows \ system32 \ fxssvc.exe (file missing)
GameConsoleService - WildTangent, Inc. - C:: Service - O23 \ Program Files (x86) \ HP Games \ HP Game Console \ GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Program Files (x86) \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C: \ Program Files (x86) \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
Service - O23: HP Service sincronizzazione rapida (HPDrvMntSvc.exe) - Hewlett-Packard Company - C: \ Program Files (x86) \ Hewlett-Packard \ Shared \ HPDrvMntSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C: \ Program Files (x86) \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: @ keyiso.dll, -100 (KeyIso) - ALWIL Software - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: Direct Disc Labeling LightScribeService Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files (x86) \ File comuni \ LightScribe \ LSSrvc.exe
O23 - Service: @ comres.dll, -2.797 (MSDTC) - ALWIL Software - C: \ Windows \ System32 \ msdtc.exe (file missing)
O23 - Service: @% SystemRoot% \ System32 \ Netlogon.dll, -102 (Netlogon) - ALWIL Software - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - ALWIL Software - C: \ Program Files (x86) \ PC Tools Firewall Plus \ FWService.exe
O23 - Service: @% systemroot% \ system32 \ Psbase.dll, -300 (ProtectedStorage) - ALWIL Software - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: Macrium Reflect Image montaggio Service (ReflectService) - ALWIL Software - C: \ Program Files \ Macrium \ Reflect \ ReflectService.exe
O23 - Service: @% systemroot% \ system32 \ Locator.exe, -2 (RpcLocator) - ALWIL Software - C: \ Windows \ system32 \ Locator.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ Samsrv.dll, -1 (SamSs) - ALWIL Software - C: \ Windows \ system32 \ lsass.exe (file missing)
Service - O23: SBSD Security Service Center (SBSDWSCService) - Safer Networking Ltd. - C: \ Program Files (x86) \ Spybot - Search & Destroy \ SDWinSec.exe
O23 - Service: @% SystemRoot% \ system32 \ snmptrap.exe, -3 (SNMPTRAP) - ALWIL Software - C: \ Windows \ System32 \ snmptrap.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ spoolsv.exe, -1 (spooler) - ALWIL Software - C: \ Windows \ System32 \ spoolsv.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ sppsvc.exe, -101 (sppsvc) - ALWIL Software - C: \ Windows \ system32 \ sppsvc.exe (file missing)
Programmi \ File (x86) \ TomTom HOME 2 \ TomTomHOMEService.exe: O23 - Service: C - TomTomHOMEService - TomTom
O23 - Service: @% SystemRoot% \ system32 \ ui0detect.exe, -101 (UI0Detect) - ALWIL Software - C: \ Windows \ system32 \ UI0Detect.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ vaultsvc.dll, -1.003 (VaultSvc) - ALWIL Software - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ vds.exe, -100 (VDS) - ALWIL Software - C: \ Windows \ System32 \ vds.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ vssvc.exe, -102 (VSS) - ALWIL Software - C: \ Windows \ system32 \ vssvc.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ Wat \ WatUX.exe, -601 (WatAdminSvc) - ALWIL Software - C: \ Windows \ system32 \ Wat \ WatAdminSvc.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ wbengine.exe, -104 (wbengine) - ALWIL Software - C: \ Windows \ system32 \ wbengine.exe (file missing)
O23 - Service:% systemroot% @ \ system32 \ WBEM \ wmiapsrv.exe, -110 (wmiApSrv) - ALWIL Software - C: \ Windows \ system32 \ WBEM \ wmiapsrv.exe (file missing)
O23 - Service: @% ProgramFiles% \ Windows Media Player \ wmpnetwk.exe, -101 (WMPNetworkSvc) - ALWIL Software - C: \ Program Files (x86) \ Windows Media Player \ wmpnetwk.exe (file missing)

-
Fine del file - 11.494 bytes
r16
Posted: Saturday, January 15, 2011 2:49:35 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
The log shows no visible infections.
Try this scan:
Download and install HitmanPro (choose the version suited to your OS, 32-bit or 64-bit).
In your case, choose the 64-bit version (Hitman Pro 3.5 (64-bit)).

http://www.surfright.nl/en/downloads

Once it is running, click Settings on the main screen.
Click License and activate the license;
Start the scan (leave the default settings);
When the scan finishes you will be shown a summary: in the summary window, at the bottom left, you can save the generated report.
Post it here.
zorobabele
Posted: Saturday, January 15, 2011 8:39:47 PM

Rank: AiutAmico

Joined: 2/11/2010
Posts: 174
I can't post the log, either by copy-paste or by screenshot, so I am writing out the three suspicious entries from the scan: catalyst_1.0.0.424.exe c:\ProgramData.exe prodinfo_cradleofrome_1.0.0.2048.exe installerui_1.0.0.193.exe. The path is the same for all three: c:\ProgramData\WildTangent\WTDownloader\cradieofrome\Dowload\. Under all three is the note: there are suspicions that this file may be a threat. But it might be valid. The digital signature is not valid. That is what is written in the log.
r16
Posted: Sunday, January 16, 2011 1:28:09 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Let's take a look with Combofix:
Download Combofix (use Internet Explorer)

http://download.bleepingcomputer.com/protected/1e7ffb647d2c0fb94d653a0508d6a7ed/4d31b6e1/ComboFix.exe

Save it to the desktop. (This is mandatory.)

Important: disable your antivirus and close ALL open programs (firewall included), and after downloading COMBOFIX, disconnect from the Internet.

Double-click combofix.exe (if you use Vista: right-click Combofix.exe and click "Run as administrator")

You will probably get messages from the antivirus (or from Combofix itself); ignore them.

If you are asked whether you want to install THE EMERGENCY RECOVERY CONSOLE, click NO.

During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
When it finishes, a log file will be created on the Desktop, called C:\ComboFix.txt.
Post it here.
himaco
Posted: Sunday, January 16, 2011 2:52:22 PM
Rank: AiutAmico

Joined: 12/7/2010
Posts: 269
Good grief. The wizard r16 manages to get ComboFix working even on 64-bit systems. You really are a genius. Drool
r16
Posted: Sunday, January 16, 2011 3:35:16 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
himaco wrote:
Good grief. The wizard r16 manages to get ComboFix working even on 64-bit systems. You really are a genius. Drool

Look, himaco (or whatever other nick you use), instead of talking crap, or proving that you are a perfect "ignoramus"........ get informed!

Here is a bit of news as a "gift" for you:

Verbatim from "sUBs" (do you know him? Think)

He comments:
Combofix is, finally, usable on some 64-bit systems.
Specifically, it can be used on the following versions:

Windows XP (32-bit only)

Windows 2000 (32-bit only)

Windows Vista (32-bit/64-bit)

Windows 7 (32-bit/64-bit)

In addition, sUBs has added the deletion of several temporary files before the scan starts:

Recycle Bin
Temporary Internet Files
Windows temporary files

Bye, (two-bit) "sorcerer's apprentice", and try to avoid making such an a.. of yourself. Anxious
himaco
Posted: Sunday, January 16, 2011 3:55:06 PM
Rank: AiutAmico

Joined: 12/7/2010
Posts: 269
Come on, tell the truth, r1: you slipped into sUBs's team, with F8, to make ComboFix compatible with 64-bit OSes.
You did a really good job. It is truly hard to find people like you Drool

P.S. You could have skipped "talking crap" and "ignoramus", mama's boy.
himaco
Posted: Sunday, January 16, 2011 4:03:56 PM
Rank: AiutAmico

Joined: 12/7/2010
Posts: 269
I looked on the Combofix site, but the news you report doesn't seem to be there. Will you pass it to me under the counter? (translation = link??)

r16
Posted: Sunday, January 16, 2011 4:06:02 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
himaco wrote:

P.S. You could have skipped "talking crap" and "ignoramus", mama's boy.

I couldn't find better words, sweetie.
And besides, with characters like you, it is hard to find anything better to express oneself civilly.

Read carefully: (if that isn't an impossible feat for you)
http://www.bleepingcomputer.com/combofix/it/come-usare-combofix
himaco
Posted: Sunday, January 16, 2011 4:11:27 PM
Rank: AiutAmico

Joined: 12/7/2010
Posts: 269
You've debunked a myth for me: thanks, and until next time!
r16
Posted: Sunday, January 16, 2011 5:14:58 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
himaco wrote:
and until next time!

I certainly hope not. Sick
I've had it up to here with you.
himaco
Posted: Sunday, January 16, 2011 5:30:28 PM
Rank: AiutAmico

Joined: 12/7/2010
Posts: 269
Oh come on, Master Yoda. Careful, or you'll come to a bad end Drool
zorobabele
Posted: Sunday, January 16, 2011 6:54:14 PM

Rank: AiutAmico

Joined: 2/11/2010
Posts: 174
ComboFix 11-01-15.01 - giancarlo 16/01/2011 18:44:34.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.3839.2725 [GMT 1:00]
Eseguito da: c:\users\giancarlo\Downloads\ComboFix.exe
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Creati Da 2010-12-16 al 2011-01-16 )))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((( SnapShot@2011-01-16_16.56.44 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:45 . 2011-01-13 07:04 3798245 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-01-16 17:13 3798245 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 02:34 . 2011-01-16 16:33 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-16 17:36 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{b879dc47-7f5a-4973-a570-1e03a60c7c02}]
2010-02-25 10:04 466944 ----a-w- c:\program files (x86)\WebPornoTV\adxloader.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2010-12-10 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-03 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"00PCTFW"="c:\program files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-10-23 46592]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
R3 qcusbser;ACER USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2009-08-14 120960]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-04-08 243744]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2010-11-17 331368]
S2 AcerSyncServiceWinService;AcerSyncServiceWinService;c:\program files\Acer\AcerSync\AcerSyncService.exe [2010-04-14 205856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-01 202752]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2010-09-28 301024]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-01 6366720]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-01 186880]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2010-11-24 119688]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2010-11-25 179464]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-21 38456]


--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - MPNWMON
*NewlyCreated* - NISDRV
*Deregistered* - MpNWMon
*Deregistered* - NisDrv
*Deregistered* - pctESPInject
.
Contenuto della cartella 'Scheduled Tasks'

2010-12-27 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2010-12-03 09:47]

2011-01-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-12-15 22:36]

2011-01-16 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 23:02]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b879dc47-7f5a-4973-a570-1e03a60c7c02}]
2009-11-25 11:47 444752 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
.
------- Scansione supplementare -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCxdm924YYIT&ptb=P8DG.mNP1EJifUmQxFjPMw
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: {9B7A7F8F-14D6-42B4-A371-65E8F51EC128} = 80.88.171.16,80.88.161.2
FF - ProfilePath - c:\users\giancarlo\AppData\Roaming\Mozilla\Firefox\Profiles\57mqs1hi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857573&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Elf 1.13 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2857573&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=it&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ¯*i%]
@Class="Shell"

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ¯*i%\OpenWithList]
@Class="Shell"
"a"="WORDPAD.EXE"
"MRUList"="a"

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ¯*i%\OpenWithProgids]
"=¯-_auto_file"=hex(0):

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001_Classes\.* ¯*i%]
@Allowed: (Read) (RestrictedCode)
@="=¯-_auto_file"

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001_Classes\ ¯*i%_*a*u*t*o*_*f*i*l*e*\shell\open\command]
@=expand:"\"%ProgramFiles%\\Windows NT\\Accessories\\WORDPAD.EXE\" \"%1\""
DUMPHIVE0.003 (REGF)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-01-16 18:50:03
ComboFix-quarantined-files.txt 2011-01-16 17:50
ComboFix2.txt 2011-01-16 16:58

Pre-Run: 236.872.970.240 byte disponibili
Post-Run: 236.688.220.160 byte disponibili

- - End Of File - - C573090984F0B474084D6D911A349D5C
r16
Posted: Sunday, January 16, 2011 9:39:20 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Open a text file with Notepad on the Desktop.
Paste the code you see below into it, and save the text file with the name CFScript.txt (this name is mandatory).

Code:
KillAll::
File::
c:\windows\Tasks\RegistryBooster.job
Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{b879dc47-7f5a-4973-a570-1e03a60c7c02}]



and drag it onto the ComboFix icon.
Wait for it to finish, without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
zorobabele
Posted: Monday, January 17, 2011 12:35:57 AM

Rank: AiutAmico

Joined: 2/11/2010
Posts: 174
ComboFix 11-01-15.01 - giancarlo 17/01/2011 0:21.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.3839.2968 [GMT 1:00]
Eseguito da: c:\users\giancarlo\Downloads\ComboFix.exe
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Creati Da 2010-12-16 al 2011-01-16 )))))))))))))))))))))))))))))))))))
.

2011-01-16 23:25 . 2011-01-16 23:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-16 17:10 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-01-16 17:01 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D0033FFB-5C85-47AB-8D36-39D6A2D9E71A}\mpengine.dll
2011-01-15 15:25 . 2011-01-15 19:19 19528 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-01-15 15:25 . 2011-01-15 15:25 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-01-15 15:22 . 2011-01-15 15:23 -------- d-----w- c:\programdata\Hitman Pro
2011-01-14 22:42 . 2011-01-14 22:42 388096 ----a-r- c:\users\giancarlo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-14 22:42 . 2011-01-14 22:42 -------- d-----w- c:\program files (x86)\Trend Micro
2011-01-12 08:02 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 08:02 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 08:02 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 08:02 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 08:02 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 08:02 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-12 08:02 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-12 08:02 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-12 08:02 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-12 08:02 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-11 07:44 . 2010-12-03 19:54 25048 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browserdirprovider.dll
2011-01-11 07:44 . 2010-12-03 19:54 140248 ----a-w- c:\program files (x86)\Mozilla Firefox\components\brwsrcmp.dll
2011-01-09 20:48 . 2011-01-09 20:48 -------- d-----w- c:\programdata\TreeCardGames
2011-01-09 20:48 . 2011-01-09 20:48 -------- d-----w- c:\program files (x86)\123 Free Solitaire
2011-01-09 20:01 . 2011-01-09 20:07 -------- d-----w- c:\program files (x86)\Plobb
2011-01-08 09:42 . 2011-01-08 09:42 -------- d-----w- c:\users\giancarlo\AppData\Local\Adobe
2011-01-08 09:36 . 2011-01-08 09:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-08 08:55 . 2011-01-08 08:55 -------- d-----w- c:\programdata\McAfee
2011-01-06 23:01 . 2011-01-06 23:25 -------- dc-h--w- c:\programdata\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
2011-01-03 21:13 . 2011-01-03 21:13 -------- d-----w- c:\users\giancarlo\dwhelper
2010-12-28 20:27 . 2010-12-28 20:27 -------- d-----w- c:\program files (x86)\Common Files\Java
2010-12-28 20:26 . 2010-12-28 20:26 472808 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-28 20:26 . 2010-12-28 20:26 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-28 20:26 . 2010-12-28 20:26 -------- d-----w- c:\program files (x86)\Java
2010-12-27 10:07 . 2010-12-27 10:07 -------- d-----w- c:\users\giancarlo\AppData\Roaming\Uniblue
2010-12-27 10:07 . 2010-12-27 10:07 -------- d-----w- c:\program files (x86)\Uniblue
2010-12-27 10:06 . 2010-12-27 10:06 -------- d-----w- c:\users\giancarlo\AppData\Local\PackageAware
2010-12-24 18:45 . 2010-12-24 18:45 375616 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-20 13:44 . 2010-12-20 13:44 -------- d-----w- c:\programdata\TomTom
2010-12-20 13:43 . 2010-12-20 13:43 -------- d-----w- c:\users\giancarlo\AppData\Roaming\TomTom
2010-12-20 13:43 . 2010-12-20 13:43 -------- d-----w- c:\users\giancarlo\AppData\Local\TomTom
2010-12-20 13:43 . 2010-12-20 13:43 -------- d-----w- c:\program files (x86)\TomTom International B.V
2010-12-20 13:43 . 2010-12-20 13:43 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2010-12-18 19:35 . 2010-12-18 19:35 -------- d-----w- c:\programdata\Acer
2010-12-18 19:35 . 2010-12-18 19:36 -------- d-----w- c:\users\giancarlo\AppData\Local\Acer
2010-12-18 19:35 . 2010-12-18 19:35 -------- d-----w- c:\users\giancarlo\AppData\Local\ADDP
2010-12-18 19:22 . 2010-06-26 05:31 1863680 ----a-w- c:\windows\system32\ExplorerFrame.dll
2010-12-18 19:22 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2010-12-18 19:19 . 2010-12-18 19:19 -------- d-----w- c:\program files (x86)\Feedback Tool
2010-12-18 19:08 . 2010-12-18 19:08 -------- d-----w- c:\windows\WindowsMobile
2010-12-18 17:26 . 2010-12-18 19:08 -------- d-----w- c:\program files\Acer
2010-12-18 17:26 . 2010-12-18 17:26 -------- d-----w- c:\program files\DIFX
2010-12-18 17:26 . 2010-12-18 17:26 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-12-18 17:26 . 2010-12-18 17:26 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-12-18 17:25 . 2010-12-18 17:25 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2010-12-18 17:25 . 2010-12-18 17:25 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-12-18 17:25 . 2009-08-14 16:09 120960 ----a-w- c:\windows\system32\drivers\qcusbser.sys
2010-12-18 15:02 . 2011-01-09 20:48 -------- d-----w- c:\users\giancarlo\AppData\Roaming\TreeCardGames

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-25 18:54 . 2010-12-08 14:29 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-24 18:46 . 2010-12-15 20:44 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-12-20 17:09 . 2010-12-04 13:15 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-12-04 13:15 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-08 14:29 . 2010-12-08 14:29 375616 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\SysWow64\GPhotos.scr
2010-11-25 09:42 . 2010-12-02 23:54 179464 ----a-w- c:\windows\system32\drivers\pctplfw64.sys
2010-11-24 08:18 . 2010-12-02 23:54 119688 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter64.sys
2010-11-17 09:20 . 2010-12-02 23:55 331368 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2010-11-17 09:20 . 2010-12-02 23:55 136168 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2010-11-04 06:35 . 2010-12-15 22:00 1194496 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 06:31 . 2010-12-15 22:00 57856 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 05:52 . 2010-12-15 22:00 978944 ----a-w- c:\windows\SysWow64\wininet.dll
2010-11-04 05:48 . 2010-12-15 22:00 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-11-04 05:16 . 2010-12-15 22:00 482816 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:41 . 2010-12-15 22:00 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-11-04 04:35 . 2010-12-15 22:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-04 04:08 . 2010-12-15 22:00 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-11-02 05:18 . 2010-12-15 21:50 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 05:17 . 2010-12-15 21:50 473600 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 05:17 . 2010-12-15 21:50 1169408 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 05:16 . 2010-12-15 21:50 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-15 21:50 464384 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 05:10 . 2010-12-15 21:50 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:40 . 2010-12-15 21:50 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-11-02 04:40 . 2010-12-15 21:50 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2010-11-02 04:34 . 2010-12-15 21:50 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2010-11-02 04:34 . 2010-12-15 21:50 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-10-27 12:28 . 2010-12-17 21:02 11320 ----a-w- c:\windows\help\OEM\Scripts\HPSARedirectorLauncher.exe
2010-10-27 05:06 . 2010-12-15 22:00 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-27 04:32 . 2010-12-15 22:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-10-20 05:20 . 2010-12-15 21:50 46080 ----a-w- c:\windows\system32\atmlib.dll
2010-10-20 04:54 . 2010-12-15 21:50 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2010-10-20 03:09 . 2010-12-15 21:49 3124224 ----a-w- c:\windows\system32\win32k.sys
2010-10-20 03:05 . 2010-12-15 21:50 367104 ----a-w- c:\windows\system32\atmfd.dll
2010-10-20 02:58 . 2010-12-15 21:50 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2010-10-19 09:41 . 2010-12-02 20:24 270720 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((( SnapShot@2011-01-16_16.56.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-01-16 22:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-16 16:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-16 16:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-16 22:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-16 22:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-16 16:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-01 19:25 . 2011-01-16 20:06 47542 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-16 20:06 42146 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-01 19:25 . 2011-01-16 20:06 10618 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2698347344-3509447176-1861105731-1001_UserData.bin
- 2010-09-03 09:41 . 2011-01-13 02:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-03 09:41 . 2011-01-16 17:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-03 09:41 . 2011-01-13 02:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-03 09:41 . 2011-01-16 17:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-13 02:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-16 17:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-01 18:09 . 2011-01-16 20:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-01 18:09 . 2011-01-16 16:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:46 . 2011-01-14 06:47 80672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2011-01-16 18:19 80672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-01 18:09 . 2011-01-16 20:07 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-01 18:09 . 2011-01-16 16:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-01 18:09 . 2011-01-16 20:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-01 18:09 . 2011-01-16 16:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-01 18:12 . 2011-01-16 20:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-01 18:12 . 2011-01-16 16:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-01 18:12 . 2011-01-16 16:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-01 18:12 . 2011-01-16 20:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-16 20:04 . 2011-01-16 20:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-16 16:07 . 2011-01-16 16:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-16 16:07 . 2011-01-16 16:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-16 20:04 . 2011-01-16 20:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-01 22:25 . 2011-01-16 23:14 341672 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2010-09-03 10:17 . 2011-01-16 16:14 698776 c:\windows\system32\perfh010.dat
+ 2010-09-03 10:17 . 2011-01-16 23:19 698776 c:\windows\system32\perfh010.dat
- 2009-07-14 02:36 . 2011-01-16 16:14 616254 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-01-16 23:19 616254 c:\windows\system32\perfh009.dat
+ 2010-09-03 10:17 . 2011-01-16 23:19 127744 c:\windows\system32\perfc010.dat
- 2010-09-03 10:17 . 2011-01-16 16:14 127744 c:\windows\system32\perfc010.dat
+ 2009-07-14 02:36 . 2011-01-16 23:19 106376 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-01-16 16:14 106376 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2011-01-16 20:04 226136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-01-16 16:07 226136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2011-01-13 07:04 3798245 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-01-16 17:13 3798245 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 02:34 . 2011-01-16 16:33 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-16 23:24 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{b879dc47-7f5a-4973-a570-1e03a60c7c02}]
2010-02-25 10:04 466944 ----a-w- c:\program files (x86)\WebPornoTV\adxloader.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2010-12-10 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-03 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"00PCTFW"="c:\program files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-10-23 46592]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
R3 qcusbser;ACER USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2009-08-14 120960]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-04-08 243744]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2010-11-17 331368]
S2 AcerSyncServiceWinService;AcerSyncServiceWinService;c:\program files\Acer\AcerSync\AcerSyncService.exe [2010-04-14 205856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-01 202752]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2010-09-28 301024]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-01 6366720]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-01 186880]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2010-11-24 119688]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2010-11-25 179464]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-21 38456]


--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - MPNWMON
*NewlyCreated* - NISDRV
*Deregistered* - MpNWMon
*Deregistered* - NisDrv
*Deregistered* - pctESPInject
.
Contenuto della cartella 'Scheduled Tasks'

2010-12-27 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2010-12-03 09:47]

2011-01-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-12-15 22:36]

2011-01-16 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 23:02]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b879dc47-7f5a-4973-a570-1e03a60c7c02}]
2009-11-25 11:47 444752 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
.
------- Scansione supplementare -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCxdm924YYIT&ptb=P8DG.mNP1EJifUmQxFjPMw
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: {9B7A7F8F-14D6-42B4-A371-65E8F51EC128} = 80.88.171.16,80.88.161.2
FF - ProfilePath - c:\users\giancarlo\AppData\Roaming\Mozilla\Firefox\Profiles\57mqs1hi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857573&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Elf 1.13 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://it.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:it:official
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=it&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ¯*i%]
@Class="Shell"

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ¯*i%\OpenWithList]
@Class="Shell"
"a"="WORDPAD.EXE"
"MRUList"="a"

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ¯*i%\OpenWithProgids]
"=¯-_auto_file"=hex(0):

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001_Classes\.* ¯*i%]
@Allowed: (Read) (RestrictedCode)
@="=¯-_auto_file"

[HKEY_USERS\S-1-5-21-2698347344-3509447176-1861105731-1001_Classes\ ¯*i%_*a*u*t*o*_*f*i*l*e*\shell\open\command]
@=expand:"\"%ProgramFiles%\\Windows NT\\Accessories\\WORDPAD.EXE\" \"%1\""
DUMPHIVE0.003 (REGF)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-01-17 00:26:56
ComboFix-quarantined-files.txt 2011-01-16 23:26
ComboFix2.txt 2011-01-16 17:50
ComboFix3.txt 2011-01-16 16:58

Pre-Run: 234.202.587.136 byte disponibili
Post-Run: 234.155.257.856 byte disponibili

- - End Of File - - 86085CADF0E1AFA2738042F4B99AD32C
himaco
Posted: Monday, January 17, 2011 1:38:47 PM
Rank: AiutAmico

Joined: 12/7/2010
Posts: 269
Hi r16. The script must be run with ComboFix from the Desktop. Go ahead and proceed accordingly.
Speak to the hand
thepiratebay
Posted: Monday, January 17, 2011 1:44:40 PM
Rank: AiutAmico

Joined: 12/27/2008
Posts: 2,018
Congratulations "himaco", I see you have been promoted to "guru" Pray
r16
Posted: Monday, January 17, 2011 6:42:27 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
himaco wrote:
Hi r16. The script must be run with ComboFix from the Desktop. Go ahead and proceed accordingly.
Speak to the hand

There's just no helping it..... eh?
You keep provoking me, knowing full well that I don't want you getting in my way, for any reason.
Besides, you keep ignoring the WebMaster's instructions, in which he keeps telling you not to write in this section......
What are we supposed to do with you...... Think
Honestly, some ugly thoughts about you are going through my head. Shhh
I hope those in charge think so too.

@zorobabele:
Take the ComboFix icon (the one shaped like a lion's head) and drag it onto the desktop with the mouse.
Then repeat the script operation.
How is the PC running?

zorobabele
Posted: Monday, January 17, 2011 9:39:21 PM

Rank: AiutAmico

Joined: 2/11/2010
Posts: 174
I have the ComboFix shortcut icon on the desktop and I did exactly what you suggested. I'll try again now.