
Programs that stop opening after a while - COMPANY PC!!!
vale1976
Posted: Friday, July 22, 2011 3:17:53 PM
Rank: Member

Joined: 10/23/2009
Posts: 25
No Davix, I only installed Spyware Terminator yesterday to try to remove what I thought was malware, but I've had the problem since well before that!

davix
Posted: Friday, July 22, 2011 3:19:23 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
Sabbb, I corrected the point I had started making.

And if you read the whole post you will find it at the bottom.

davix wrote:

Now, I can't tell you whether it is enough to "disable" just the "real time" function or whether it is better to uninstall Spyware Terminator.

Anyway, you should wait for opinions because, I repeat, there are other things to clarify!

Speak to the hand



davix
Posted: Friday, July 22, 2011 3:23:49 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
vale1976 wrote:
No Davix, I only installed Spyware Terminator yesterday to try to remove what I thought was malware, but I've had the problem since well before that!

Since before "when"? Don't tell us things one at a time, leaving us to grope in the dark!

Anyway, wait. I'm not going any further.

davix
Posted: Friday, July 22, 2011 3:25:04 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
fdaccc wrote:
But why reply to you, I ask myself?
Let's continue in private, that's better.
Bye, two-bit troll! Drool


get lost
vale1976
Posted: Friday, July 22, 2011 3:26:37 PM
Rank: Member

Joined: 10/23/2009
Posts: 25
I'm waiting for opinions, but you mustn't argue. And maybe answer my questions, stupid or not.

I believe that in every forum there are NON-expert people like me, because the purpose of forums is to help exactly those people, isn't it?

The good ones solve things on their own, I think.

In any case I keep thanking you, and I ask you to take note of that.
vale1976
Posted: Friday, July 22, 2011 3:29:55 PM
Rank: Member

Joined: 10/23/2009
Posts: 25
FOR DARIX: unfortunately my problem didn't start at a precise moment, after or before doing a particular thing, otherwise it would have been easy for me too. It started suddenly a couple of weeks ago. What more can I tell you?
davix
Posted: Friday, July 22, 2011 3:32:05 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
vale1976 wrote:
I'm waiting for opinions, but you mustn't argue.

Vale, I stepped into this discussion SOLELY in your interest, to spare you ill-advised wizardry!

You're the one who should send him off to Merlin the Wizard!


vale1976 wrote:

And maybe answer my questions, stupid or not.

I believe that in every forum there are NON-expert people like me, because the purpose of forums is to help exactly those people, isn't it?

The good ones solve things on their own, I think.

In any case I keep thanking you, and I ask you to take note of that.
davix
Posted: Friday, July 22, 2011 3:33:57 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
vale1976 wrote:
FOR DARIX: unfortunately my problem didn't start at a precise moment, after or before doing a particular thing, otherwise it would have been easy for me too. It started suddenly a couple of weeks ago. What more can I tell you?

Listen, wait for one of the people in charge named in the list.

Bye Speak to the hand
vale1976
Posted: Friday, July 22, 2011 3:38:46 PM
Rank: Member

Joined: 10/23/2009
Posts: 25
Merlin the Wizard? What does that mean? Send what? I don't understand your irony, forgive me... Darix, why have I offended you? I keep posting precisely to avoid this!!!!!! I asked whether that Combofix program could already have done me some damage; I imagine it may be a stupid question for you, but for me it isn't, that's all. If asking a question like mine causes all these arguments I'll stop right away, but I really don't think I have offended anyone, quite the opposite.
I came here because I know it is run by very capable people who in the past helped me superbly. And I still believe that.
r16
Posted: Friday, July 22, 2011 7:17:46 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
@vale1976:

Let's start again from the beginning.

1) Uninstall Spyware Terminator.

2) See whether you can run this scan:
Download TDSSKiller.zip to the desktop:
http://support.kaspersky.com/viruses/solutions?qid=208280684
Extract the files into a folder and double-click TDSSKiller.exe
click "Start Scan"
If it finds an infection, by default you will have the "Cure" option, so click "Continue".
If a suspicious file is found, the default action will be skip; click "Continue".
If a restart (Reboot) is requested, agree. (the PC must be restarted to remove the infection)
If no restart is requested, click report and save the contents to a text file.
You will find the log in C:\
Post it here.

3) Then run this scan:
Download and install MalwareBytes:
click here to download: http://www.aiutamici.com/software?id=80346
UPDATE it before scanning. (this is very important)
Run a full system scan.
Delete any infected files found.
Post the log.
davix
Posted: Friday, July 22, 2011 9:38:40 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
Hello R16,

as you saw, I butted into this discussion because of the turn Silenced it was taking.

From the first partial information Vale was giving us there seemed to be a software conflict, also because, as the image shows, msmpeng.exe was involved:

Then, having analysed the HJT log more closely and received further info from Valentina, I understood that the situation is more... complicated, and I stopped.

Good luck with the work Speak to the hand
vale1976
Posted: Monday, July 25, 2011 9:37:24 AM
Rank: Member

Joined: 10/23/2009
Posts: 25
OK R16, I'll do all of it, post what you asked for and wait. Thanks.
vale1976
Posted: Monday, July 25, 2011 2:13:46 PM
Rank: Member

Joined: 10/23/2009
Posts: 25
@r16: I ran the scans you asked for; the two programs found nothing, I'm posting the logs:

TDSKILLER

2011/07/25 10:02:13.0515 0364 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/25 10:02:14.0015 0364 ================================================================================
2011/07/25 10:02:14.0015 0364 SystemInfo:
2011/07/25 10:02:14.0015 0364
2011/07/25 10:02:14.0015 0364 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/25 10:02:14.0015 0364 Product type: Workstation
2011/07/25 10:02:14.0015 0364 ComputerName: PINO
2011/07/25 10:02:14.0015 0364 UserName: Valentina
2011/07/25 10:02:14.0031 0364 Windows directory: C:\WINDOWS
2011/07/25 10:02:14.0031 0364 System windows directory: C:\WINDOWS
2011/07/25 10:02:14.0031 0364 Processor architecture: Intel x86
2011/07/25 10:02:14.0031 0364 Number of processors: 1
2011/07/25 10:02:14.0031 0364 Page size: 0x1000
2011/07/25 10:02:14.0031 0364 Boot type: Normal boot
2011/07/25 10:02:14.0031 0364 ================================================================================
2011/07/25 10:02:15.0484 0364 Initialize success
2011/07/25 10:02:38.0953 3424 ================================================================================
2011/07/25 10:02:38.0953 3424 Scan started
2011/07/25 10:02:38.0953 3424 Mode: Manual;
2011/07/25 10:02:38.0953 3424 ================================================================================
2011/07/25 10:03:39.0562 3424 ================================================================================
2011/07/25 10:03:39.0562 3424 Scan finished
2011/07/25 10:03:39.0562 3424 ================================================================================
2011/07/25 10:03:39.0593 3252 Detected object count: 0
2011/07/25 10:03:39.0593 3252 Actual detected object count: 0
2011/07/25 10:07:28.0875 2680 Deinitialize success



MALWAREBYTES' ANTI-MALWARE

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Versione database: 7270

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

25/07/2011 14.00.10
mbam-log-2011-07-25 (14-00-10).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi esaminati: 323468
Tempo impiegato: 3 ore, 44 minuti, 58 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 0

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
(Non sono stati rilevati elementi nocivi)

File infetti:
(Non sono stati rilevati elementi nocivi)


AWAITING YOUR INSTRUCTIONS. THANKS FOR YOUR PATIENCE.

VALE

P.S. SINCE THIS MORNING IT HAS PLAYED ITS LITTLE TRICK OF NOT OPENING PROGRAMS ON ME THREE TIMES ALREADY; AFTER THE SCANS I HAD TO RESTART EVERY TIME, IT WOULDN'T OPEN THE LOGS.
davix
Posted: Monday, July 25, 2011 3:09:37 PM

Rank: AiutAmico

Joined: 2/4/2011
Posts: 4,135
r16 wrote:
@vale1976:

Let's start again from the beginning.

1) Uninstall Spyware Terminator.

You haven't said anything about that Think
ventodelnord
Posted: Monday, July 25, 2011 3:24:05 PM

Rank: AiutAmico

Joined: 7/20/2011
Posts: 51
vale1976 wrote:
I'm waiting for opinions, but you mustn't argue. And maybe answer my questions, stupid or not.

I believe that in every forum there are NON-expert people like me, because the purpose of forums is to help exactly those people, isn't it?

The good ones solve things on their own, I think.

In any case I keep thanking you, and I ask you to take note of that.


You are not the problem. Unfortunately you have fallen into the hands of quarrelsome incompetents who only have the nerve to push themselves into the spotlight at all costs, at other people's expense.
r16
Posted: Monday, July 25, 2011 7:04:28 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
@vale1976

Follow these instructions without fear to download Combofix:
Download Combofix (use Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Save it on the desktop. (this is mandatory)

Important: Disable your antivirus and close ALL open programs (firewall included), and after downloading COMBOFIX, disconnect from the internet.

Double-click combofix.exe

You will probably get messages from the antivirus (or from Combofix itself); ignore them.

If you are asked whether you want to install the RECOVERY CONSOLE, click NO.

During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
If the PC does not restart by itself, restart it yourself.
At the end, a log file will be created on the Desktop, called C:\ComboFix.txt.
Post it here.
vale1976
Posted: Tuesday, July 26, 2011 8:32:23 AM
Rank: Member

Joined: 10/23/2009
Posts: 25
@r16: how do you disable Microsoft Security Essentials? I even tried from the Task Manager but it turns itself back on!!!!
ventodelnord
Posted: Tuesday, July 26, 2011 8:37:22 AM

Rank: AiutAmico

Joined: 7/20/2011
Posts: 51
vale1976 wrote:
@r16: how do you disable Microsoft Security Essentials? I even tried from the Task Manager but it turns itself back on!!!!


You open it, Settings > Real-time protection.
Untick the box and save the changes.
Bye
vale1976
Posted: Tuesday, July 26, 2011 10:09:12 AM
Rank: Member

Joined: 10/23/2009
Posts: 25
@ventodelnord: THANKS A LOT! ;-))

@R16: DONE. HERE IS THE COMBOFIX LOG:

ComboFix 11-07-26.01 - Valentina 26/07/2011 9.33.48.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1791.1289 [GMT 2:00]
Eseguito da: c:\documents and settings\Valentina\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0410.exe
c:\windows\system32\_004231_.tmp.dll
c:\windows\system32\_004232_.tmp.dll
c:\windows\system32\_004233_.tmp.dll
c:\windows\system32\_004234_.tmp.dll
c:\windows\system32\_004236_.tmp.dll
c:\windows\system32\_004237_.tmp.dll
c:\windows\system32\_004239_.tmp.dll
c:\windows\system32\_004240_.tmp.dll
c:\windows\system32\_004241_.tmp.dll
c:\windows\system32\_004242_.tmp.dll
c:\windows\system32\_004243_.tmp.dll
c:\windows\system32\_004244_.tmp.dll
c:\windows\system32\_004245_.tmp.dll
c:\windows\system32\_004246_.tmp.dll
c:\windows\system32\_004247_.tmp.dll
c:\windows\system32\_004248_.tmp.dll
c:\windows\system32\_004249_.tmp.dll
c:\windows\system32\_004250_.tmp.dll
c:\windows\system32\_004251_.tmp.dll
c:\windows\system32\_004252_.tmp.dll
c:\windows\system32\_004253_.tmp.dll
c:\windows\system32\_004254_.tmp.dll
c:\windows\system32\_004255_.tmp.dll
c:\windows\system32\_004256_.tmp.dll
c:\windows\system32\_004257_.tmp.dll
c:\windows\system32\_004258_.tmp.dll
c:\windows\system32\_004260_.tmp.dll
c:\windows\system32\_004261_.tmp.dll
c:\windows\system32\_004262_.tmp.dll
c:\windows\system32\_004263_.tmp.dll
c:\windows\system32\_004264_.tmp.dll
c:\windows\system32\_004265_.tmp.dll
c:\windows\system32\_004266_.tmp.dll
c:\windows\system32\_004267_.tmp.dll
c:\windows\system32\_004268_.tmp.dll
c:\windows\system32\_004270_.tmp.dll
c:\windows\system32\_004271_.tmp.dll
c:\windows\system32\_004272_.tmp.dll
c:\windows\system32\_004273_.tmp.dll
c:\windows\system32\_004274_.tmp.dll
c:\windows\system32\_004275_.tmp.dll
c:\windows\system32\_004276_.tmp.dll
c:\windows\system32\_004277_.tmp.dll
c:\windows\system32\_004278_.tmp.dll
c:\windows\system32\_004279_.tmp.dll
c:\windows\system32\_004280_.tmp.dll
c:\windows\system32\_004281_.tmp.dll
c:\windows\system32\_004282_.tmp.dll
c:\windows\system32\_004283_.tmp.dll
c:\windows\system32\_004284_.tmp.dll
c:\windows\system32\_004285_.tmp.dll
c:\windows\system32\_004286_.tmp.dll
c:\windows\system32\_004287_.tmp.dll
c:\windows\system32\_004288_.tmp.dll
c:\windows\system32\_004289_.tmp.dll
c:\windows\system32\_004290_.tmp.dll
c:\windows\system32\_004291_.tmp.dll
c:\windows\system32\_004293_.tmp.dll
c:\windows\system32\_004294_.tmp.dll
c:\windows\system32\_004296_.tmp.dll
c:\windows\system32\_004297_.tmp.dll
c:\windows\system32\_004298_.tmp.dll
c:\windows\system32\_004299_.tmp.dll
c:\windows\system32\_004301_.tmp.dll
c:\windows\system32\_004302_.tmp.dll
c:\windows\system32\_004303_.tmp.dll
c:\windows\system32\_004304_.tmp.dll
c:\windows\system32\_004305_.tmp.dll
c:\windows\system32\_004306_.tmp.dll
c:\windows\system32\_004308_.tmp.dll
c:\windows\system32\_004309_.tmp.dll
c:\windows\system32\_004310_.tmp.dll
c:\windows\system32\_004311_.tmp.dll
c:\windows\system32\_004312_.tmp.dll
c:\windows\system32\_004313_.tmp.dll
c:\windows\system32\_004314_.tmp.dll
c:\windows\system32\_004315_.tmp.dll
c:\windows\system32\_004316_.tmp.dll
c:\windows\system32\_004318_.tmp.dll
c:\windows\system32\_004319_.tmp.dll
c:\windows\system32\_004320_.tmp.dll
c:\windows\system32\_004321_.tmp.dll
c:\windows\system32\_004323_.tmp.dll
c:\windows\system32\_004324_.tmp.dll
c:\windows\system32\_004325_.tmp.dll
c:\windows\system32\_004326_.tmp.dll
c:\windows\system32\_004327_.tmp.dll
c:\windows\system32\_004328_.tmp.dll
c:\windows\system32\_004329_.tmp.dll
c:\windows\system32\_004330_.tmp.dll
c:\windows\system32\_004331_.tmp.dll
c:\windows\system32\_004333_.tmp.dll
c:\windows\system32\_004335_.tmp.dll
c:\windows\system32\_004336_.tmp.dll
c:\windows\system32\_004337_.tmp.dll
c:\windows\system32\_004338_.tmp.dll
c:\windows\system32\_004339_.tmp.dll
c:\windows\system32\_004344_.tmp.dll
c:\windows\system32\_004346_.tmp.dll
c:\windows\system32\_006102_.tmp.dll
c:\windows\system32\_006103_.tmp.dll
c:\windows\system32\_006104_.tmp.dll
c:\windows\system32\_006105_.tmp.dll
c:\windows\system32\_006112_.tmp.dll
c:\windows\system32\_006113_.tmp.dll
c:\windows\system32\_006114_.tmp.dll
c:\windows\system32\_006115_.tmp.dll
c:\windows\system32\_006117_.tmp.dll
c:\windows\system32\_006118_.tmp.dll
c:\windows\system32\_006121_.tmp.dll
c:\windows\system32\_006122_.tmp.dll
c:\windows\system32\_006124_.tmp.dll
c:\windows\system32\_006125_.tmp.dll
c:\windows\system32\_006126_.tmp.dll
c:\windows\system32\_006128_.tmp.dll
c:\windows\system32\_006129_.tmp.dll
c:\windows\system32\_006131_.tmp.dll
c:\windows\system32\_006132_.tmp.dll
c:\windows\system32\_006136_.tmp.dll
c:\windows\system32\_006137_.tmp.dll
c:\windows\system32\_006139_.tmp.dll
c:\windows\system32\_006141_.tmp.dll
c:\windows\system32\_006142_.tmp.dll
c:\windows\system32\_006145_.tmp.dll
c:\windows\system32\_006146_.tmp.dll
c:\windows\system32\_006147_.tmp.dll
c:\windows\system32\_006148_.tmp.dll
c:\windows\system32\_006149_.tmp.dll
c:\windows\system32\_006152_.tmp.dll
c:\windows\system32\_006153_.tmp.dll
c:\windows\system32\_006154_.tmp.dll
c:\windows\system32\_006155_.tmp.dll
c:\windows\system32\_006156_.tmp.dll
c:\windows\system32\_006161_.tmp.dll
c:\windows\system32\_007618_.tmp.dll
c:\windows\system32\_007785_.tmp.dll
c:\windows\system32\_007786_.tmp.dll
c:\windows\system32\_007787_.tmp.dll
c:\windows\system32\_007788_.tmp.dll
c:\windows\system32\_007795_.tmp.dll
c:\windows\system32\_007796_.tmp.dll
c:\windows\system32\_007797_.tmp.dll
c:\windows\system32\_007799_.tmp.dll
c:\windows\system32\_007800_.tmp.dll
c:\windows\system32\_007803_.tmp.dll
c:\windows\system32\_007804_.tmp.dll
c:\windows\system32\_007806_.tmp.dll
c:\windows\system32\_007807_.tmp.dll
c:\windows\system32\_007808_.tmp.dll
c:\windows\system32\_007810_.tmp.dll
c:\windows\system32\_007812_.tmp.dll
c:\windows\system32\_007813_.tmp.dll
c:\windows\system32\_007814_.tmp.dll
c:\windows\system32\_007818_.tmp.dll
c:\windows\system32\_007819_.tmp.dll
c:\windows\system32\_007821_.tmp.dll
c:\windows\system32\_007823_.tmp.dll
c:\windows\system32\_007824_.tmp.dll
c:\windows\system32\_007827_.tmp.dll
c:\windows\system32\_007829_.tmp.dll
c:\windows\system32\_007830_.tmp.dll
c:\windows\system32\_007833_.tmp.dll
c:\windows\system32\_007834_.tmp.dll
c:\windows\system32\_007835_.tmp.dll
c:\windows\system32\_007836_.tmp.dll
c:\windows\system32\_007837_.tmp.dll
c:\windows\system32\_007842_.tmp.dll
c:\windows\system32\_007844_.tmp.dll
c:\windows\system32\ctfmon(2).exe
c:\windows\unin0410.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2011-06-26 al 2011-07-26 )))))))))))))))))))))))))))))))))))
.
.
2011-07-26 06:42 . 2011-07-13 03:39 6881616 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{ADBE4ABF-6157-45C8-AA29-6EC75B9E147F}\mpengine.dll
2011-07-25 08:13 . 2011-07-25 08:13 -------- d-----w- c:\documents and settings\Valentina\Dati applicazioni\Malwarebytes
2011-07-25 08:13 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-25 08:13 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-25 08:13 . 2011-07-25 08:13 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-07-22 12:44 . 2011-07-22 12:44 388096 ----a-r- c:\documents and settings\Valentina\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-22 12:43 . 2011-07-22 12:43 -------- d-----w- c:\programmi\Trend Micro
2011-07-20 09:52 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-07-20 09:52 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-07-20 09:44 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-07-20 09:41 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-07-20 09:28 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-07-18 13:44 . 2008-04-13 17:13 10752 ----a-w- c:\windows\system32\SET1130.tmp
2011-07-18 13:44 . 2008-04-13 17:13 9728 ----a-w- c:\windows\system32\SET1132.tmp
2011-07-18 13:44 . 2008-04-13 17:13 229376 ----a-w- c:\windows\system32\SET1118.tmp
2011-07-18 13:44 . 2008-04-13 17:13 201728 ----a-w- c:\windows\system32\SET1116.tmp
2011-07-18 13:44 . 2008-04-13 17:13 870784 ----a-w- c:\windows\system32\SET1115.tmp
2011-07-18 13:43 . 2008-04-13 17:13 16896 ----a-w- c:\windows\system32\SET10EA.tmp
2011-07-18 13:43 . 2008-04-13 17:12 177152 ----a-w- c:\windows\system32\SET10C0.tmp
2011-07-18 13:43 . 2008-04-13 17:13 539136 ----a-w- c:\windows\system32\SET10BE.tmp
2011-07-18 13:43 . 2008-04-13 09:40 449024 ----a-w- c:\windows\system32\SET10B4.tmp
2011-07-18 13:43 . 2008-04-13 09:37 2962432 ----a-w- c:\windows\system32\SET1097.tmp
2011-07-18 13:43 . 2008-04-13 17:13 354304 ----a-w- c:\windows\system32\SET1088.tmp
2011-07-18 13:43 . 2008-04-13 17:13 6656 ----a-w- c:\windows\system32\SET1080.tmp
2011-07-18 13:35 . 2008-04-13 17:13 472064 ----a-w- c:\windows\system32\wbem\SET76B.tmp
2011-07-18 13:34 . 2008-04-13 17:13 523776 ----a-w- c:\windows\system32\SET6A1.tmp
2011-07-18 13:33 . 2008-04-13 17:13 14336 ----a-w- c:\windows\system32\SET547.tmp
2011-07-18 13:32 . 2008-04-13 17:13 210944 ----a-w- c:\windows\system32\SET306.tmp
2011-07-18 13:28 . 2006-12-28 10:01 19569 ----a-w- c:\windows\003657_.tmp
2011-07-18 13:24 . 2009-02-09 10:51 683520 ----a-w- c:\windows\system32\advapi32.dll
2011-07-18 10:28 . 2011-07-18 10:28 -------- d-----w- c:\programmi\Defraggler
2011-07-18 09:24 . 2011-07-18 09:25 -------- d-----w- c:\programmi\CCleaner
2011-07-15 13:36 . 2011-07-13 03:39 6881616 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-15 12:38 . 2008-04-13 17:13 10752 ----a-w- c:\windows\system32\SET1062.tmp
2011-07-15 12:38 . 2008-04-13 17:13 9728 ----a-w- c:\windows\system32\SET1064.tmp
2011-07-15 12:38 . 2008-04-13 17:13 229376 ----a-w- c:\windows\system32\SET104A.tmp
2011-07-15 12:38 . 2008-04-13 17:13 870784 ----a-w- c:\windows\system32\SET1047.tmp
2011-07-15 12:38 . 2008-04-13 17:13 201728 ----a-w- c:\windows\system32\SET1048.tmp
2011-07-15 12:37 . 2008-04-13 17:13 16896 ----a-w- c:\windows\system32\SET101B.tmp
2011-07-15 12:37 . 2008-04-13 17:12 177152 ----a-w- c:\windows\system32\SETFED.tmp
2011-07-15 12:37 . 2008-04-13 17:13 539136 ----a-w- c:\windows\system32\SETFEA.tmp
2011-07-15 12:37 . 2008-04-13 09:40 449024 ----a-w- c:\windows\system32\SETFDF.tmp
2011-07-15 12:37 . 2008-04-13 09:35 195072 ----a-w- c:\windows\system32\SETFC1.tmp
2011-07-15 12:37 . 2008-04-13 09:37 2962432 ----a-w- c:\windows\system32\SETFC0.tmp
2011-07-15 12:37 . 2008-04-13 17:13 354304 ----a-w- c:\windows\system32\SETFB3.tmp
2011-07-15 12:37 . 2008-04-13 17:13 6656 ----a-w- c:\windows\system32\SETFAB.tmp
2011-07-15 12:29 . 2008-04-13 17:13 43520 ----a-w- c:\windows\system32\SET79F.tmp
2011-07-15 12:29 . 2008-04-13 17:13 14336 ----a-w- c:\windows\system32\SET793.tmp
2011-07-15 12:29 . 2008-04-13 17:13 65024 ----a-w- c:\windows\system32\SET78B.tmp
2011-07-15 12:29 . 2008-04-13 17:13 133632 ----a-w- c:\windows\system32\SET78A.tmp
2011-07-15 12:29 . 2008-04-13 17:13 13312 ----a-w- c:\windows\system32\SET789.tmp
2011-07-15 12:29 . 2008-04-13 17:13 89088 ----a-w- c:\windows\system32\SET787.tmp
2011-07-15 12:29 . 2008-04-13 17:13 8192 ----a-w- c:\windows\system32\SET77F.tmp
2011-07-15 12:27 . 2008-04-13 17:14 44544 ----a-w- c:\windows\system32\SET61D.tmp
2011-07-15 12:26 . 2008-04-13 17:13 451584 ----a-w- c:\windows\system32\SET512.tmp
2011-07-15 12:25 . 2008-04-13 17:13 161792 ----a-w- c:\windows\system32\SET3CA.tmp
2011-07-15 12:24 . 2008-04-13 17:13 56320 ----a-w- c:\windows\system32\SET287.tmp
2011-07-15 12:20 . 2006-12-28 10:01 19569 ----a-w- c:\windows\003650_.tmp
2011-07-15 12:16 . 2004-08-04 06:00 71040 ----a-w- c:\windows\system32\drivers\_004156_.tmp.dll
2011-07-14 17:02 . 2011-07-15 11:31 323000872 ----a-w- C:\WindowsXP-KB936929-SP3-x86-ITA.exe
2011-07-14 16:10 . 2011-07-14 16:10 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2011-07-14 15:00 . 2004-08-04 06:00 71040 ----a-w- c:\windows\system32\drivers\_004136_.tmp.dll
2011-07-14 14:25 . 2011-07-14 14:25 -------- d-sh--w- c:\documents and settings\Angelo\PrivacIE
2011-07-14 12:47 . 2004-08-04 06:00 71040 ----a-w- c:\windows\system32\drivers\_004117_.tmp.dll
2011-07-14 12:01 . 2011-07-14 12:17 -------- d-----w- c:\documents and settings\Valentina\Dati applicazioni\FreeFileSync
2011-07-14 12:00 . 2011-07-14 12:00 -------- d-----w- c:\programmi\FreeFileSync
2011-07-14 11:40 . 2011-07-14 11:40 -------- d-----w- c:\documents and settings\Alessandro2\Impostazioni locali\Dati applicazioni\Temp
2011-07-14 11:40 . 2011-07-14 11:40 -------- d-sh--w- c:\documents and settings\Alessandro2\PrivacIE
2011-07-14 11:09 . 2011-07-14 11:09 -------- d-sh--w- c:\documents and settings\Alessandro2\IETldCache
2011-07-14 10:43 . 2011-07-14 10:44 -------- d-----w- c:\programmi\Microsoft Security Client
2011-07-12 12:03 . 2011-07-12 12:03 -------- d--h--w- c:\windows\system32\GroupPolicy
2011-06-27 12:53 . 2011-06-27 12:53 -------- d-----w- c:\documents and settings\Valentina\Impostazioni locali\Dati applicazioni\PackageAware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-24 11:53 . 2011-06-24 11:53 66943 ----a-w- c:\documents and settings\Valentina\Dati applicazioni\mdbu.bin
2011-05-24 17:14 . 2009-11-18 11:22 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 02:52 . 2011-03-28 13:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2007-04-24 14:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:31 . 2004-06-07 12:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\fc12fb9dc078edc471023573f97c4e40\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2003-04-08 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\drivers\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATnotes.exe"="c:\programmi\ATnotes\ATnotes.exe" [2005-01-05 1015808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2007-06-29 286720]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"MSC"="c:\programmi\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Valentina\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2004-7-16 113664]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprecovr \SystemRoot\sprecovr.txt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Valentina^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
path=c:\documents and settings\Valentina\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^Valentina^Menu Avvio^Programmi^Esecuzione automatica^IDrive Tray.lnk]
path=c:\documents and settings\Valentina\Menu Avvio\Programmi\Esecuzione automatica\IDrive Tray.lnk
backup=c:\windows\pss\IDrive Tray.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-06 10:55 35736 ----a-w- c:\programmi\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDriveE Startup]
2011-03-30 07:28 193992 ----a-w- c:\programmi\IDrive\IDrvieEStartup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- c:\programmi\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Programmi\\CoffeeCup Software\\CoffeeCup Free FTP\\FreeFTP.exe"=
"c:\\WINDOWS\\system32\\jview.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\BitTorrent\\bittorrent.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [23/09/2004 15.36.37 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [23/09/2004 15.36.37 5248]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [03/06/2004 17.34.42 4064]
R2 IDriveE Service;IDriveE Service;c:\programmi\IDrive\IDriveE Service.exe [04/04/2011 14.19.11 153032]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29/09/2009 8.11.22 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29/09/2009 8.11.20 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29/09/2009 8.11.20 12928]
S1 MpKsl34244a56;MpKsl34244a56;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{6558B2A0-7EE0-4BA9-BBBD-BBEDC7854477}\MpKsl34244a56.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{6558B2A0-7EE0-4BA9-BBBD-BBEDC7854477}\MpKsl34244a56.sys [?]
S1 MpKsl41cdbded;MpKsl41cdbded;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{E48B9B9E-B9A2-41F0-A9DE-1FCF1FFB13E0}\MpKsl41cdbded.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{E48B9B9E-B9A2-41F0-A9DE-1FCF1FFB13E0}\MpKsl41cdbded.sys [?]
S1 MpKsl49dfd5eb;MpKsl49dfd5eb;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{CB442D63-123D-4F89-9C7F-0FA46E2F04AE}\MpKsl49dfd5eb.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{CB442D63-123D-4F89-9C7F-0FA46E2F04AE}\MpKsl49dfd5eb.sys [?]
S1 MpKsl69efc5d5;MpKsl69efc5d5;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{CB960C6B-0092-492B-82F6-754165D252D7}\MpKsl69efc5d5.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{CB960C6B-0092-492B-82F6-754165D252D7}\MpKsl69efc5d5.sys [?]
S1 MpKsl6f360538;MpKsl6f360538;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{5382376F-937F-484B-B55A-7A8D36731AF8}\MpKsl6f360538.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{5382376F-937F-484B-B55A-7A8D36731AF8}\MpKsl6f360538.sys [?]
S1 MpKsl8060130a;MpKsl8060130a;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{ADBE4ABF-6157-45C8-AA29-6EC75B9E147F}\MpKsl8060130a.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{ADBE4ABF-6157-45C8-AA29-6EC75B9E147F}\MpKsl8060130a.sys [?]
S1 MpKsl97fefa9a;MpKsl97fefa9a;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{8C994C38-DCBD-45DC-A190-B8B1C70EBEC9}\MpKsl97fefa9a.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{8C994C38-DCBD-45DC-A190-B8B1C70EBEC9}\MpKsl97fefa9a.sys [?]
S1 MpKsl99b52948;MpKsl99b52948;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{4237F952-0CD7-4316-B75B-A59D2F0D4C3B}\MpKsl99b52948.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{4237F952-0CD7-4316-B75B-A59D2F0D4C3B}\MpKsl99b52948.sys [?]
S1 MpKslb1ef37f6;MpKslb1ef37f6;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{6A37E9F3-E500-46B8-ADFD-88995AFD3DC8}\MpKslb1ef37f6.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{6A37E9F3-E500-46B8-ADFD-88995AFD3DC8}\MpKslb1ef37f6.sys [?]
S1 MpKslba66253d;MpKslba66253d;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{6E248D31-8C07-4EB0-AA90-876428537468}\MpKslba66253d.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{6E248D31-8C07-4EB0-AA90-876428537468}\MpKslba66253d.sys [?]
S1 MpKslcd2fdebb;MpKslcd2fdebb;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{D363BCB6-0FA2-4EF8-BF54-E0CEFD7E76EE}\MpKslcd2fdebb.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{D363BCB6-0FA2-4EF8-BF54-E0CEFD7E76EE}\MpKslcd2fdebb.sys [?]
S1 MpKsld1207474;MpKsld1207474;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{E48B9B9E-B9A2-41F0-A9DE-1FCF1FFB13E0}\MpKsld1207474.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{E48B9B9E-B9A2-41F0-A9DE-1FCF1FFB13E0}\MpKsld1207474.sys [?]
S1 MpKsldf7260b2;MpKsldf7260b2;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{2996AD17-3F60-4E61-A480-8E7DF78334D2}\MpKsldf7260b2.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{2996AD17-3F60-4E61-A480-8E7DF78334D2}\MpKsldf7260b2.sys [?]
S1 MpKsle60726e0;MpKsle60726e0;\??\c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{8880B268-D45E-4AA1-A43D-28B9DFD0CC46}\MpKsle60726e0.sys --> c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{8880B268-D45E-4AA1-A43D-28B9DFD0CC46}\MpKsle60726e0.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13.16.28 130384]
S3 OKI OPHG DCS Loader;OKI OPHG DCS Loader;c:\windows\system32\spool\drivers\w32x86\3\OPHGLDCS.EXE [26/10/2007 13.53.46 24576]
S3 wlags51b;Wireless LAN USB Driver;c:\windows\system32\drivers\wlags51b.sys [03/06/2004 16.52.29 177664]
S3 WLAN FVNETusb(R);WLAN FVNETusb(R) Service for ATMEL USB FastVNET (AR);c:\windows\system32\drivers\vnetusbr.sys [24/01/2005 16.21.47 87168]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13.16.28 753504]
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-04-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]
.
2011-07-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
mWindow Title =
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.forumswatcher.com/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Valentina\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\documents and settings\Valentina\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Search &Google - c:\programmi\RightClickGoogleSearchOpenSelectedURL\google.htm
IE: Translate this web page with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: Interfaces\{D641A1A8-A6B6-4625-A0A9-46D27DABF96F}: NameServer = 91.80.35.166,91.80.35.134
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
SafeBoot-55578816.sys
AddRemove-Adobe PhotoDeluxe Home Edition 3.0 - c:\windows\UNIN0410.EXE
AddRemove-Adobe Type Manager 4.0 - c:\windows\unin0410.exe
AddRemove-Canon PhotoStitch 3.1 - c:\windows\IsUn0410.exe
AddRemove-L&H Power Translator Pro 7.0 - c:\windows\ISUN0410.EXE
AddRemove-ZoomBrowserEXDeInstall - c:\windows\IsUn0410.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 09:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1292428093-725345543-1003\Software\Corel\WritingTools\9\User Word Lists\* ]
"Selected UWL"=hex:02,00
.
[HKEY_USERS\S-1-5-21-1715567821-1292428093-725345543-1003\Software\Corel\WritingTools\9\User Word Lists\* \Word List 0]
"Name"="c:\\Documents and Settings\\Valentina\\Documenti\\Corel User Files\\WT9‘.UWL"
"Enabled"=hex:01,00,00,00
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(1928)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\System32\msdtc.exe
c:\windows\System32\snmp.exe
c:\windows\system32\mqsvc.exe
c:\windows\system32\fxssvc.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2011-07-26 10:02:17 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-07-26 08:02
.
Pre-Run: 40.182.484.992 byte disponibili
Post-Run: 40.162.869.248 byte disponibili
.
- - End Of File - - 7F97BFFB8307C6FEFA479BD78612E628
vale1976
Posted: Tuesday, July 26, 2011 11:54:35 AM
Rank: Member

Joined: 10/23/2009
Posts: 25
@r16: unfortunately I still have the same problem. For example, right now I can work in Word without trouble because it is already open, but it won't let me convert the file I'm working on to PDF, and it won't let me open my mail or any other program; as usual I have to reboot... believe me, it's nerve-racking.