Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Non riesco a scaricare file con il download automatico da alcuni siti

2 pages: [1] 2
Non riesco a scaricare file con il download automatico da alcuni siti Opzioni
Topic Precedente · Topic Sucessivo
anny82
Inviato: Friday, October 08, 2010 10:45:19 AM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
Vi espongo in breve il problema.
2 giorni fa un amico mi ha installato sul pc dreamule (io nn ho mai avuto ne usato amule su questo pc), ha aperto la porta 4660 e 4670 sul router e ha fatto lo stesso nelle impostazioni del firewall. Dopodichè ha settato il programma.
Ho scaricato un film (benvenuti al sud), dopo questo download usando il browser firefox (ho fatto la prova in seguito anche su IE) quando cerco di scaricare alcuni file dal web mi dice il file nomefile.zip.part (NOTA: aggiunge al file l'estensione .part ke nn c'entra nulla col file) non può essere salvato in quanto nn è possibile leggere il file di origine. Contattare l'amministratore di sistema.

A questo punto ho provato a rimettere le cose come 2 giorni fa, ossia ho:
- disinstallato dreamule
- cancellato le porte aperte su router e firewall
- passato combofix (non si sa mai)
- passato ccleaner
- passato malwarebyte's
- ripristinato la configurazione di si sitema a 3 giorni fa

Dopo tutto ciò il problema persiste ma ho notato che se disattivo l'antivirus (io ho avast 5) me lo fa scaricare. La cosa è assurda perchè non ho mai avuto problemi nei download fin quando non ho messo questo maledetto amule.

Aiutatemi:(

Vi posto anche il log di Hijackthis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10.42.14, on 08/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\PLFSetI.exe
C:\Programmi\Acer\Acer Bio Protection\PdtWzd.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programmi\Chiavetta Internet Olicard 100\TimMonitor.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programmi\Acer\Acer Bio Protection\PwdBank.exe
C:\Programmi\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\DOCUME~1\aNNuCCia\IMPOST~1\Temp\RtkBtMnt.exe
C:\Programmi\Acer\Acer Bio Protection\BASVC.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xsearch.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Programmi\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [TimMonitor] C:\Programmi\Chiavetta Internet Olicard 100\TimMonitor.exe start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Programmi\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Programmi\File comuni\SPBA\homefus2.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Programmi\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Programmi\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Programmi\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe

--
End of file - 9465 bytes
Torna in alto
 
Sponsor
Inviato: Friday, October 08, 2010 10:45:19 AM

 
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 11:19:06 AM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
Perfavore aiutatemi :((((((((((((((((((((((
Torna in alto
 
cbbusto
Inviato: Friday, October 08, 2010 11:28:38 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
anny82 ha scritto:
Perfavore aiutatemi :((((((((((((((((((((((


Ciao, in attesa di alfonso che è sempre molto preso, fixa ed elimina questa voce:

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 11:38:25 AM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
mi spieghi bene quello che devo fare??? non ho capito
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 11:39:27 AM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
scusaaaa ho capito dicevi di fixarla su hijackthis... fatto fatto
Torna in alto
 
shapiro
Inviato: Friday, October 08, 2010 11:40:45 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao anny82 puoi postare il log di combofix?
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 11:44:40 AM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
ECCOLO...

ComboFix 10-10-07.01 - aNNuCCia 08/10/2010 2.10.33.11.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3001.2381 [GMT 2:00]
Eseguito da: c:\documents and settings\aNNuCCia\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2010-09-08 al 2010-10-08 )))))))))))))))))))))))))))))))))))
.

2010-10-07 23:04 . 2010-10-07 23:04 188152 ----a-w- c:\documents and settings\aNNuCCia\Dati applicazioni\Mozilla\Firefox\Profiles\24ryi1i5.default\FlashGot.exe
2010-10-07 22:22 . 2010-10-07 22:22 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-07 21:28 . 2010-10-07 22:21 -------- d-----w- C:\RECYCLER(2)
2010-10-07 21:21 . 2010-10-07 22:21 -------- d-----w- C:\ComboFix(2)
2010-10-06 22:04 . 2010-10-07 22:21 -------- d-----w- c:\documents and settings\aNNuCCia\Impostazioni locali\Dati applicazioni\eMule
2010-09-25 08:42 . 2010-09-25 08:42 -------- d-----w- c:\programmi\Microsoft ActiveSync
2010-09-18 09:13 . 2010-09-18 09:13 -------- d-----w- c:\programmi\QuickTime
2010-09-18 09:13 . 2010-09-18 09:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-09-08 18:20 . 2010-09-08 18:21 -------- d-----w- c:\documents and settings\aNNuCCia\Dati applicazioni\vlc

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-08 00:02 . 2010-01-23 16:30 -------- d-----w- c:\documents and settings\aNNuCCia\Dati applicazioni\mIRC
2010-10-07 23:25 . 2010-01-23 16:30 -------- d-----w- c:\programmi\mIRC
2010-10-07 22:31 . 2010-01-23 16:27 -------- d-----w- c:\programmi\CCleaner
2010-10-07 22:21 . 2010-01-23 14:45 12 ----a-w- c:\windows\bthservsdp.dat
2010-10-07 21:19 . 2010-02-04 14:17 -------- d-----w- c:\documents and settings\aNNuCCia\Dati applicazioni\Skype
2010-10-07 14:07 . 2010-01-24 12:03 -------- d-----w- c:\documents and settings\aNNuCCia\Dati applicazioni\skypePM
2010-10-06 22:57 . 2010-01-24 17:24 -------- d-----w- c:\documents and settings\aNNuCCia\Dati applicazioni\TeamViewer
2010-10-06 00:58 . 2008-09-05 08:14 544850 ----a-w- c:\windows\system32\perfh010.dat
2010-10-06 00:58 . 2008-09-05 08:14 106208 ----a-w- c:\windows\system32\perfc010.dat
2010-09-13 18:56 . 2010-01-23 16:45 -------- d-----w- c:\programmi\File comuni\Java
2010-09-13 18:56 . 2010-01-23 16:45 -------- d-----w- c:\programmi\Java
2010-09-07 15:12 . 2010-06-29 19:47 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-06-22 17:05 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-06-22 17:05 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-06-22 17:05 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-06-22 17:05 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-06-22 17:05 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-06-22 17:05 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-06-22 17:05 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-06-22 17:05 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-04 18:07 . 2010-09-04 18:07 -------- d-----w- c:\programmi\vanBasco's Karaoke Player
2010-09-01 20:26 . 2010-09-01 20:26 95544 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-17 13:17 . 2008-04-14 04:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 15:18 . 2010-08-16 15:18 -------- d-----w- c:\documents and settings\aNNuCCia\Dati applicazioni\NCH Swift Sound
2010-08-16 15:18 . 2010-08-09 15:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NCH Swift Sound
2010-08-12 20:52 . 2010-02-14 12:46 1 ----a-w- c:\documents and settings\aNNuCCia\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-09 15:18 . 2010-08-09 15:17 -------- d-----w- c:\programmi\NCH Swift Sound
2010-07-22 15:48 . 2008-04-14 04:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
.

((((((((((((((((((((((((((((( SnapShot_2010-08-13_21.31.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-07 22:28 . 2010-10-07 22:28 16384 c:\windows\Temp\Perflib_Perfdata_378.dat
+ 2008-03-27 10:40 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
- 2008-03-27 10:40 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2008-09-05 08:14 . 2010-10-06 00:58 89676 c:\windows\system32\perfc009.dat
+ 2008-04-14 04:00 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2006-11-13 12:38 . 2006-11-13 12:38 23336 c:\windows\system32\ceutil.dll
+ 2010-10-07 23:14 . 2010-10-07 23:25 34308 c:\windows\system32\BASSMOD.dll
- 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-09-22 07:43 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-09-23 13:55 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-09-23 00:26 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 00:26 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 00:26 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 01:17 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-09-23 01:17 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-09-25 08:42 . 2010-09-25 08:42 22486 c:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\WCESMgrIcon.exe
+ 2010-09-25 08:42 . 2010-09-25 08:42 22486 c:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\ARPPRODUCTICON.exe
+ 2008-04-14 04:00 . 2010-06-18 17:45 293888 c:\windows\system32\winsrv.dll
- 2008-04-14 04:00 . 2008-04-14 04:00 293888 c:\windows\system32\winsrv.dll
- 2008-04-14 04:00 . 2008-04-14 04:00 406016 c:\windows\system32\usp10.dll
+ 2008-04-14 04:00 . 2010-04-16 15:37 406016 c:\windows\system32\usp10.dll
+ 2006-11-13 12:38 . 2006-11-13 12:38 138024 c:\windows\system32\rapi.dll
+ 2008-09-05 08:14 . 2010-10-06 00:58 489596 c:\windows\system32\perfh009.dat
+ 2008-04-14 04:00 . 2010-04-05 09:54 384512 c:\windows\system32\mp4sdmod.dll
- 2008-04-14 04:00 . 2008-04-14 04:00 384512 c:\windows\system32\mp4sdmod.dll
+ 2010-09-25 07:30 . 2010-09-25 07:30 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe
+ 2008-04-14 04:00 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
- 2008-04-14 04:00 . 2008-04-14 04:00 293888 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-14 04:00 . 2010-06-18 17:45 293888 c:\windows\system32\dllcache\winsrv.dll
- 2008-04-14 04:00 . 2008-04-14 04:00 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-04-14 04:00 . 2010-04-16 15:37 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-04-14 04:00 . 2010-07-22 15:48 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2008-04-14 04:00 . 2010-04-05 09:54 384512 c:\windows\system32\dllcache\mp4sdmod.dll
- 2008-04-14 04:00 . 2008-04-14 04:00 384512 c:\windows\system32\dllcache\mp4sdmod.dll
+ 2008-04-14 04:00 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-14 04:00 . 2005-02-18 03:59 226816 c:\windows\system32\dllcache\CEWMDM.dll
+ 2008-04-14 04:00 . 2005-02-18 03:59 226816 c:\windows\system32\CEWMDM.dll
+ 2010-09-22 07:43 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-09-23 00:26 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 00:25 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-23 01:17 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-18 09:14 . 2010-09-18 09:14 807936 c:\windows\Installer\705a40.msi
+ 2010-09-25 08:42 . 2010-09-25 08:42 869376 c:\windows\Installer\441f1b.msi
+ 2010-08-29 21:57 . 2010-08-29 21:57 836096 c:\windows\Installer\35c27b8.msi
+ 2010-09-23 19:02 . 2010-09-23 19:02 798208 c:\windows\Installer\24c64d1.msp
- 2010-07-14 06:59 . 2010-07-14 06:59 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-10-05 07:51 . 2010-10-05 07:51 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
- 2010-02-04 14:36 . 2010-06-30 18:02 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A82000000003}\SC_Reader.exe
+ 2010-02-04 14:36 . 2010-08-22 05:52 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A82000000003}\SC_Reader.exe
+ 2010-04-16 09:10 . 2010-10-07 22:22 1412636 c:\windows\system32\Restore\rstrlog.dat
+ 2010-01-27 01:07 . 2010-09-25 07:30 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2010-01-27 01:07 . 2010-08-13 06:18 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-09-22 07:44 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 13:55 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-09-23 13:55 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-09-23 00:26 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 00:25 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-09-23 13:55 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-09-18 09:13 . 2010-09-18 09:13 9472000 c:\windows\Installer\705a33.msi
+ 2010-10-05 07:51 . 2010-10-05 07:51 1575936 c:\windows\Installer\34b7e0.msi
+ 2010-08-13 21:22 . 2010-08-13 21:22 5811200 c:\windows\Installer\25bb6.msp
+ 2010-09-23 05:39 . 2010-09-23 05:39 4265472 c:\windows\Installer\24c64c9.msp
+ 2010-01-24 12:57 . 2010-09-15 22:47 35552200 c:\windows\system32\MRT.exe
+ 2010-09-24 12:08 . 2010-09-24 12:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-09-24 05:08 . 2010-09-24 05:08 17518080 c:\windows\Installer\24c64bf.msp
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 141848]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"="c:\programmi\Acer\Acer Bio Protection\PdtWzd.exe" [2010-01-23 3724800]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"AzMixerSel"="c:\programmi\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"ePower_DMC"="c:\programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-07-08 466944]
"TimMonitor"="c:\programmi\Chiavetta Internet Olicard 100\TimMonitor.exe" [2010-01-19 393216]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2010-01-23 14:39 3167744 ----a-w- c:\programmi\Acer\Acer Bio Protection\WinNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 14:24 567560 ----a-w- c:\programmi\File comuni\SPBA\homefus2.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Photo Express Calendar Checker SE.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Photo Express Calendar Checker SE.lnk
backup=c:\windows\pss\Photo Express Calendar Checker SE.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^aNNuCCia^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\aNNuCCia\Menu Avvio\Programmi\Esecuzione automatica\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^aNNuCCia^Menu Avvio^Programmi^Esecuzione automatica^Real Desktop.lnk]
path=c:\documents and settings\aNNuCCia\Menu Avvio\Programmi\Esecuzione automatica\Real Desktop.lnk
backup=c:\windows\pss\Real Desktop.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-17 06:24 40368 ----a-w- c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2008-01-24 23:22 159744 ----a-w- c:\programmi\Apoint2K\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-07-17 20:40 53248 ------w- c:\programmi\Realtek\Audio\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 04:00 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2007-12-25 02:17 579584 ----a-w- c:\programmi\Acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2008-07-08 17:18 466944 ----a-w- c:\programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2007-07-11 13:07 421888 ----a-w- c:\programmi\Acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 12:38 1289000 ----a-w- c:\programmi\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-05-07 15:41 178712 ----a-w- c:\programmi\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-07-25 02:48 875016 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 17:14 1695232 ------w- c:\programmi\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 20:11 3872080 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
2006-06-27 15:21 1449984 ----a-w- c:\programmi\Nokia\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PE2CKFNT SE]
1998-07-03 11:51 25088 ------w- c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\preload]
2007-04-21 00:56 20480 ----a-w- c:\windows\RunXMLPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
2008-09-23 04:53 6144 ----a-w- c:\programmi\Acer\WR_PopUp\ProductReg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-05-16 12:39 16862720 ----a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-23 17:03 149280 ----a-w- c:\programmi\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\NewTech Infosystems\\NTI Backup Now 5\\SchedulerSvc.exe"=
"c:\\Programmi\\NewTech Infosystems\\NTI Backup Now 5\\Client\\Agentsvc.exe"=
"c:\\Programmi\\SpacialAudio\\SAMBC\\SAMBC.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programmi\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\aNNuCCia\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\NewTech Infosystems\\NTI Backup Now 5\\BackupSvc.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [23/01/2010 16.38.57 42608]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/06/2010 19.05.56 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/06/2010 19.05.56 17744]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 13.11.14 16384]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\programmi\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance --> c:\programmi\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06/04/2008 22.42.24 50424]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [17/04/2007 21.09.28 11032]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\programmi\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance --> c:\programmi\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [24/01/2010 6.40.47 108032]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [13/05/2008 21.49.12 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [12/06/2008 18.30.12 43608]
S2 IGBASVC;iGroupTec Service;c:\programmi\Acer\Acer Bio Protection\BASVC.exe [23/01/2010 16.39.00 3566080]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04/04/2008 3.03.14 131072]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [10/04/2010 20.28.50 223232]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys --> c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [?]
S3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys --> c:\windows\system32\DRIVERS\ONDAusbnet.sys [?]
S3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys --> c:\windows\system32\DRIVERS\ONDAusbnmea.sys [?]
S3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys --> c:\windows\system32\DRIVERS\ONDAusbser6k.sys [?]
S3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\drivers\pmx3gmdm.sys [14/06/2010 12.41.47 103552]
S3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\drivers\pmx3gnet.sys [14/06/2010 12.41.59 117120]
S3 TpChoice;Touch Pad Detection Filter driver;c:\windows\system32\drivers\TpChoice.sys [26/12/2007 7.23.10 17968]
.
Contenuto della cartella 'Scheduled Tasks'

2010-10-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-08-19 c:\windows\Tasks\wavepadShakeIcon.job
- c:\programmi\NCH Swift Sound\WavePad\wavepad.exe [2010-08-09 15:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.xsearch.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\aNNuCCia\Dati applicazioni\Mozilla\Firefox\Profiles\24ryi1i5.default\
FF - prefs.js: browser.startup.homepage - www.xsearch.it
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\programmi\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1751897440-3531595084-122796703-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1112)
c:\programmi\Acer\Acer Bio Protection\WinNotify.dll
c:\programmi\Acer\Acer Bio Protection\CustomRes.dll
c:\programmi\File comuni\SPBA\vtapip.dll
c:\programmi\File comuni\SPBA\infql2.dll
c:\windows\system32\bsapi.dll
c:\programmi\File comuni\SPBA\homefus2.dll
c:\programmi\File comuni\SPBA\homepass.dll
c:\programmi\File comuni\SPBA\bio.dll
c:\programmi\File comuni\SPBA\qlbase.dll
c:\programmi\File comuni\SPBA\vtapipql.dll
c:\windows\system32\l3codeca.acm

- - - - - - - > 'explorer.exe'(248)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
Ora fine scansione: 2010-10-08 02:14:20
ComboFix-quarantined-files.txt 2010-10-08 00:14
ComboFix2.txt 2010-10-07 21:27
ComboFix3.txt 2010-09-13 19:18
ComboFix4.txt 2010-08-13 21:33
ComboFix5.txt 2010-10-08 00:04

Pre-Run: 93.926.830.080 byte disponibili
Post-Run: 93.907.181.568 byte disponibili

- - End Of File - - 5787AFE4D89CDB515C59CD0037220325
Torna in alto
 
shapiro
Inviato: Friday, October 08, 2010 11:53:54 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
prima di scaricare il video il pc non aveva problemi ....giusto? oppure sono nati dopo l'installazione di questo dreamule (non e' emule per caso?)
Torna in alto
 
maopapof
Inviato: Friday, October 08, 2010 12:00:13 PM

Rank: AiutAmico

Iscritto dal : 10/31/2004
Posts: 7,185


SCUSA -----SHAPIRO ( igfxtray.exe I driver delle schede grafiche di tipo Intel 81x portano questo nome ...altrimenti potrebbe essere un cavallino birbaccione :O))))
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 12:42:39 PM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
shapiro la mia scheda grafica è intel e quel file era gia presente su msconfig in avvio.

Prima di scaricare ed usare quel programma non ho mai avuto problemi di questo tipo.
Il file che volevo scaricare è su questo link http://www.amiciveri.it/Crack_mIRC6.35.zip, è un file sicuro l'ho installato in altro modo e funziona.
Ma il punto è che quando si avvia il download automatico il messaggio che esce dice:
C:\DOCUME~1\aNNuCCia\IMPOST~1\Temp\OirvqGFa.zip.part non può essere salvato in quanto non è possibile leggere il file di origine.

Riprovare in seguito o contattare l'amministratore di sistema.

Io cerco di scaricare Crack_mIRC6.35.zip e al momento che si avvia la finestra di download automatico da quell'errore.

http://i53.tinypic.com/o9l7rn.jpg
Torna in alto
 
shapiro
Inviato: Friday, October 08, 2010 1:10:05 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
prova in questo modo e vedi se riesci a scaricarlo


pannello di controllo
opzioni internet
protezione
livello personalizzato
cerca la voce download dei file e controlla che sia attivata
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 1:17:00 PM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
La voce "download dei file" è attivata.
Il problema non è che non mi fa scaricare, è che cambia il nome del file che devo scaricare come mostrato nell'immagine.
Di file .part nel mio pc fino a 2 giorni fa nn ce ne sono mai stati perchè non avevo mai usato ne amule ne dreamule.
Penso che con il download del film ho preso qualche virus.
E poi se disattivo momentaneamente avast riesco a scaricare il file. Ma non è possibile che per scaricare un file innocuo debba disattivare l'antivirus.
Torna in alto
 
a.roselli
Inviato: Friday, October 08, 2010 1:35:59 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,052
Installa questo firewall e risolvi il problema, il fireewall di XP non serve assolutamente a nulla, anzi crea molti problemi di questo genere.

http://software.aiutamici.com/software?ID=80361

comunque .part è un file provvisorio che crea Firefox prima che termini il download, al termine del download riunisce i file part e crea il file finale.

alfonso_aiutamici@hotmail.it
Torna in alto
 
maopapof
Inviato: Friday, October 08, 2010 1:36:57 PM

Rank: AiutAmico

Iscritto dal : 10/31/2004
Posts: 7,185
@anny82

scusami ..... ma quello che vuoi attivare in zip è tutto un virus e posso dirti che ha portato tutti i parenti



se il bravo shapiro mi fà intervenire ... ringrazio :O)
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 2:12:47 PM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
Sto installando quel firewall... ma quello di xp devo disabilitarlo?
Come setto questo nuovo firewall?
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 2:21:52 PM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
anche con quel firewall mi da quell'errore....
Torna in alto
 
a.roselli
Inviato: Friday, October 08, 2010 2:28:36 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,052
Outpost disabilita da solo il firewall di windows e non ha bisogno di configurazioni, se lo hai instalato come indicato sulla scheda di aiutamici

quel file come ti ha fatto notare maopapof e zeppo di virus, firefox prima di salvare il file fa il controlo anrivirus, evita di scaricarlo, di da problemi anche con altri file?

alfonso_aiutamici@hotmail.it
Torna in alto
 
anny82
Inviato: Friday, October 08, 2010 2:33:08 PM

Rank: AiutAmico

Iscritto dal : 4/16/2010
Posts: 37
Si mi ha dato questo errore anche quando scaricavo dei file presi da youtube e poi convertiti. Non lo fa con tutti lo fa con alcuni.
Torna in alto
 
a.roselli
Inviato: Friday, October 08, 2010 2:39:56 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,052
Prova a scaricare il file con Internet Explorer, ma se ci sono problemi significa che quei file sono infetti.

alfonso_aiutamici@hotmail.it
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Non riesco a scaricare file con il download automatico da alcuni siti


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.