Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi date un occhiata al log? sospetto infezioni

Mi date un occhiata al log? sospetto infezioni Opzioni
Topic Precedente · Topic Sucessivo
smokerjoe
Inviato: Tuesday, April 28, 2009 8:49:39 PM
Rank: Member

Iscritto dal : 2/2/2009
Posts: 13
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.47.24, on 28/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Users\win\AppData\Local\Temp\CUninst.exe
C:\Users\win\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=Presario&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60429
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=Presario&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60429
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60429
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60429
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60429
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: &AOL Toolbar Cerca - C:\ProgramData\AOL\ieToolbar\resources\it-IT\local\search.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233749846541
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233750013714
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11033 bytes

c'è un altro probl il pc è un pò lento mi date una pulita totale da virus e schifezze e se sapete consigliarmi antivirus e firewall ke nn pesino troppo e se vanno bene già quelli ke ho.....
grazie in anticipo
Torna in alto
 
Sponsor
Inviato: Tuesday, April 28, 2009 8:49:39 PM

 
Torna in alto
 
r16
Inviato: Tuesday, April 28, 2009 10:46:02 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Non si vedono montagne di schifezze nel log.
Hai solo un file sospetto.
Prova a fare una scansione con MBAM.
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Posta il log.
Torna in alto
 
smokerjoe
Inviato: Wednesday, April 29, 2009 12:30:28 PM
Rank: Member

Iscritto dal : 2/2/2009
Posts: 13
ecco il log di mbam:

Malwarebytes' Anti-Malware 1.36
Versione del database: 2057
Windows 6.0.6001 Service Pack 1

29/04/2009 12.14.16
mbam-log-2009-04-29 (12-14-07).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 304474
Tempo trascorso: 3 hour(s), 39 minute(s), 24 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 4
File infetti: 3

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> No action taken.

File infetti:
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> No action taken.
C:\Program Files\WebMediaPlayer\resources\wmp_translation_file.xml (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer (Rogue.WebMediaPlayer) -> No action taken.


Ha trovato 7 minacce le ho eliminate...
Torna in alto
 
simo95
Inviato: Wednesday, April 29, 2009 12:33:08 PM

Rank: AiutAmico

Iscritto dal : 12/4/2008
Posts: 2,008
punto 1: anche te ti sei preso la schifezza di quel webmediaplayer
punto 2: non le hai eliminate, malwarebytes dice "No action taken."
Torna in alto
 
r16
Inviato: Wednesday, April 29, 2009 12:37:24 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
simo95 ha scritto:
punto 1: anche te ti sei preso la schifezza di quel webmediaplayer
punto 2: non le hai eliminate, malwarebytes dice "No action taken."

Ciao.
Penso che le avrà eliminate dopo aver postato il log........spero.
A questo punto, esegui anche questa scansione: (vatti a fidare di HJT.....)
Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,e dopo aver scaricato COMBOFIX, chiudi la connessione.

Scarica Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Salvalo sul desktop.
Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.
Torna in alto
 
smokerjoe
Inviato: Wednesday, April 29, 2009 8:28:02 PM
Rank: Member

Iscritto dal : 2/2/2009
Posts: 13
Log di combofix:

ComboFix 09-04-29.01 - win 29/04/2009 20.15.35.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.39.1040.18.3002.2005 [GMT 2:00]
Eseguito da: c:\users\win\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.
ADS - Windows: deleted 72 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Condizioni generali.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Riservatezza.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url
C:\rox.exe
c:\users\Franco\AppData\Local\icdys.dat
c:\users\Franco\AppData\Local\icdys_nav.dat
c:\users\Franco\AppData\Local\icdys_navps.dat

.
((((((((((((((((((((((((( Files Creati Da 2009-05-28 al 2009-4-29 )))))))))))))))))))))))))))))))))))
.

2009-04-29 12:26 . 2009-04-29 12:26 -------- d-----w c:\users\Giada\AppData\Roaming\PCToolsFirewallPlus
2009-04-29 12:26 . 2009-04-29 12:26 -------- d-----w c:\users\Giada\AppData\Roaming\Spyware Terminator
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\users\win\AppData\Roaming\Malwarebytes
2009-04-29 06:31 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-29 06:31 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\programdata\Malwarebytes
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\users\All Users\Malwarebytes
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-29 06:15 . 2009-04-29 06:15 -------- d-----w c:\program files\Crawler
2009-04-28 11:51 . 2009-04-28 11:51 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-04-28 11:51 . 2009-04-29 18:08 -------- d-----w c:\users\win\AppData\Roaming\Spyware Terminator
2009-04-28 11:50 . 2009-04-29 13:02 -------- d-----w c:\programdata\Spyware Terminator
2009-04-28 11:50 . 2009-04-29 13:02 -------- d-----w c:\users\All Users\Spyware Terminator
2009-04-28 11:50 . 2009-04-28 15:29 -------- d-----w c:\program files\Spyware Terminator
2009-04-27 18:55 . 2009-04-27 18:56 -------- d-----w c:\users\win\AppData\Roaming\PCToolsFirewallPlus
2009-04-27 18:50 . 2008-09-22 10:29 97408 ----a-w c:\windows\system32\drivers\pctfw.sys
2009-04-27 18:50 . 2009-01-21 08:38 95640 ----a-w c:\windows\system32\drivers\pctplfw.sys
2009-04-27 18:50 . 2009-04-28 19:17 -------- d-----w c:\program files\PC Tools Firewall Plus
2009-04-27 18:49 . 2009-04-28 12:21 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-04-27 18:49 . 2009-04-28 12:21 -------- d-----w c:\users\All Users\Spybot - Search & Destroy
2009-04-27 18:47 . 2008-12-11 06:38 159600 ----a-w c:\windows\system32\drivers\pctgntdi.sys
2009-04-27 18:47 . 2009-04-03 09:18 130936 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-04-27 18:47 . 2008-12-18 10:16 73840 ----a-w c:\windows\system32\drivers\PCTAppEvent.sys
2009-04-27 18:46 . 2009-04-28 11:43 -------- d-----w c:\program files\Common Files\PC Tools
2009-04-25 12:06 . 2009-04-25 12:06 18816 ----a-w c:\windows\system32\drivers\dvd43llh.sys
2009-04-25 12:06 . 2009-04-25 12:06 -------- d-----w c:\program files\dvd43
2009-04-25 12:00 . 2009-04-25 12:00 -------- d-----w c:\programdata\SlySoft
2009-04-25 12:00 . 2009-04-25 12:00 -------- d-----w c:\users\All Users\SlySoft
2009-04-25 11:57 . 2009-04-25 12:06 -------- d-----w c:\program files\SlySoft
2009-04-25 11:34 . 2009-04-25 11:34 -------- d-----w c:\program files\Elaborate Bytes
2009-04-25 09:17 . 2009-04-25 09:19 -------- d-----w c:\programdata\DVD Shrink
2009-04-25 09:17 . 2009-04-25 09:19 -------- d-----w c:\users\All Users\DVD Shrink
2009-04-25 09:17 . 2009-04-25 09:17 -------- d-----w c:\program files\DVD Shrink
2009-04-23 17:41 . 2009-04-23 17:41 -------- d-----w c:\program files\DAEMON Tools Lite
2009-04-16 22:58 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-16 22:58 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-16 22:58 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-16 22:52 . 2009-02-13 08:49 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-04-16 22:52 . 2009-02-13 08:49 72704 ----a-w c:\windows\system32\secur32.dll
2009-04-16 22:52 . 2009-03-17 03:38 13824 ----a-w c:\windows\system32\apilogen.dll
2009-04-16 22:52 . 2009-03-17 03:38 24064 ----a-w c:\windows\system32\amxread.dll
2009-04-08 16:32 . 2009-04-08 16:32 -------- d-----w c:\program files\Ferrero
2009-04-08 16:32 . 2009-04-08 16:32 -------- d-----w c:\programdata\Ferrero
2009-04-08 16:32 . 2009-04-08 16:32 -------- d-----w c:\users\All Users\Ferrero
2009-04-08 13:26 . 2009-04-08 13:26 -------- d-----w c:\windows\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-29 18:13 . 2008-08-01 15:35 680208 ----a-w c:\windows\system32\perfh010.dat
2009-04-29 18:13 . 2008-08-01 15:35 126380 ----a-w c:\windows\system32\perfc010.dat
2009-04-28 14:45 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-28 14:45 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-28 14:45 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-28 14:36 . 2009-04-28 14:36 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-04-25 11:40 . 2008-12-29 13:20 -------- d-----w c:\program files\Common Files\Nero
2009-04-23 17:41 . 2009-01-14 19:46 -------- d-----w c:\program files\DAEMON Tools Toolbar
2009-04-23 17:31 . 2009-01-14 19:37 721904 ----a-w c:\windows\system32\drivers\sptd.sys
2009-04-17 01:08 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-11 13:05 . 2009-02-20 10:46 -------- d-----w c:\program files\Pinnacle
2009-04-11 13:02 . 2008-08-01 06:00 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-11 13:02 . 2006-11-02 12:35 -------- d-----w c:\program files\Microsoft Games
2009-04-11 12:15 . 2009-03-10 12:17 -------- d-----w c:\program files\Windows Live
2009-04-01 15:15 . 2009-03-10 12:32 -------- d-----w c:\program files\Messenger Plus! Live
2009-03-26 19:40 . 2009-02-09 14:51 -------- d-----w c:\program files\free-downloads.net
2009-03-26 16:05 . 2009-02-05 18:07 -------- d-----w c:\program files\MegaLink
2009-03-21 22:08 . 2009-03-13 13:45 -------- d-----w c:\program files\Sweet Games
2009-03-21 22:08 . 2009-03-13 13:45 -------- d-----w c:\program files\Oberon Media
2009-03-21 01:18 . 2009-03-21 01:18 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-21 01:17 . 2009-03-10 12:18 -------- d-----w c:\program files\Microsoft
2009-03-17 03:38 . 2009-04-16 22:52 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-13 13:45 . 2009-03-13 13:45 -------- d-----w c:\program files\Common Files\Oberon Media
2009-03-10 12:17 . 2009-03-10 12:17 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-10 12:14 . 2009-03-10 12:14 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 21:06 . 2009-03-09 21:06 5465 ----a-w C:\kkx.exe
2009-03-09 21:04 . 2009-03-09 20:48 5465 ----a-w C:\kk.exe
2009-03-09 20:56 . 2009-03-09 20:38 83 ----a-w C:\rocks.exe
2009-03-09 13:07 . 2008-11-12 04:58 -------- d-----w c:\program files\CONEXANT
2009-03-08 14:09 . 2009-03-08 14:09 -------- d-----w c:\program files\digicom
2009-03-07 12:18 . 2009-03-07 12:18 0 ------w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-03-07 12:07 . 2009-03-07 12:07 -------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-03-07 12:07 . 2009-03-07 12:07 -------- d-----w c:\program files\DVDVideoSoft
2009-03-06 20:00 . 2009-03-06 20:00 -------- d-----w c:\program files\eMule AdunanzA
2009-03-06 12:15 . 2009-02-12 14:04 -------- d-----w c:\program files\Video Convert Master
2009-03-04 12:32 . 2009-03-04 12:32 -------- d-----w c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-03 19:53 . 2009-03-03 19:52 -------- d-----w c:\program files\mp3DirectCut
2009-03-03 19:45 . 2009-03-03 19:45 -------- d-----w c:\program files\Eazel-IT
2009-03-03 04:46 . 2009-04-16 22:59 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 22:59 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-16 22:59 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-16 22:59 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 22:59 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 22:59 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 22:59 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-16 22:59 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 22:59 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-16 22:59 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-16 22:59 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 22:59 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-16 22:59 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-02 18:50 . 2009-02-04 20:07 89 ----a-w c:\users\Franco\AppData\Local\icdys.bat
2009-02-27 12:36 . 2009-02-27 12:36 237568 ------w c:\windows\system32\rmc_rtspdl.dll
2009-02-27 12:36 . 2009-02-27 12:36 156672 ------w c:\windows\system32\rmc_fixasf.exe
2009-02-27 12:35 . 2009-02-27 12:35 323584 ------w c:\windows\system32\AUDIOGENIE2.DLL
2009-02-23 19:09 . 2009-02-23 19:09 680 ----a-w c:\users\win\AppData\Local\d3d9caps.dat
2009-02-21 10:30 . 2008-12-25 18:14 147280 ----a-w c:\users\Giada\AppData\Local\GDIPFONTCACHEV1.DAT
2009-02-20 18:09 . 2008-12-25 16:52 147280 ----a-w c:\users\Franco\AppData\Local\GDIPFONTCACHEV1.DAT
2009-02-20 11:01 . 2008-12-12 15:11 147280 ----a-w c:\users\win\AppData\Local\GDIPFONTCACHEV1.DAT
2009-02-17 17:11 . 2009-02-17 17:11 24232 ----a-w c:\windows\system32\drivers\ElbyCDIO.sys
2009-02-17 13:33 . 2009-02-17 13:33 89256 ----a-w c:\windows\system32\ElbyCDIO.dll
2009-02-12 14:05 . 2009-02-12 14:05 81920 ----a-w c:\users\win\AppData\Roaming\ezpinst.exe
2009-02-12 14:05 . 2009-02-12 14:05 47360 ----a-w c:\users\win\AppData\Roaming\pcouffin.sys
2009-02-12 14:05 . 2009-02-12 14:05 47360 ------w c:\windows\system32\drivers\pcouffin.sys
2009-02-10 09:53 . 2009-02-10 09:53 603904 ------w c:\windows\system32\TUProgSt.exe
2009-02-10 09:53 . 2009-02-10 09:53 360192 ------w c:\windows\system32\TuneUpDefragService.exe
2009-02-09 03:10 . 2009-03-11 09:10 2033152 ----a-w c:\windows\system32\win32k.sys
2009-02-06 20:15 . 2009-01-14 20:13 138184 ------w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-06 20:14 . 2009-01-14 20:13 183112 ------w c:\windows\system32\PnkBstrB.exe
2009-02-06 17:52 . 2009-02-06 17:52 49504 ------w c:\windows\system32\sirenacm.dll
2009-02-06 15:03 . 2009-02-06 15:03 0 ----a-w c:\windows\nsreg.dat
2009-02-05 21:06 . 2008-12-12 16:36 51792 ------w c:\windows\system32\drivers\aswMonFlt.sys
2009-02-02 18:02 . 2009-02-02 18:02 680 ----a-w c:\users\Giada\AppData\Local\d3d9caps.dat
2009-01-31 13:28 . 2009-01-31 13:28 32 ----a-w c:\users\All Users\ezsid.dat
2009-01-31 13:28 . 2009-01-31 13:28 32 ----a-w c:\programdata\ezsid.dat
2008-01-21 02:57 . 2006-11-02 12:48 174 --sha-w c:\program files\desktop.ini
2008-08-01 15:38 . 2008-08-01 15:38 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-11 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-23 2652056]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-04-28 2176000]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2118804827-1726119250-1251687127-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{279A8A28-4017-4820-A17D-D862F0A951CB}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{E19B1BB9-E744-4FA4-91D0-0350062C3BE7}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{BB38B420-2EB1-47C8-AE57-20B52F5B1002}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{B08C3A01-B8E9-4F1C-B45E-9C613D3D684E}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{7ADFACFA-AB38-409D-B8C7-B3A787F96037}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D8B388C3-96C8-44CA-8A87-B970F0213E4A}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"TCP Query User{A71BAF43-F83F-43F7-A24A-DBE66753BF07}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{53DEE5C0-D5DE-44CE-A68D-5CEEF0ACDD81}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{64103F82-0F91-42E0-900A-D72978480066}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{776CDEB6-899C-499C-9DB2-9B017838DB46}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"{5EA4CE18-0857-4E03-B097-8ED338074E73}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{5E561ED2-77EE-41B1-A4ED-7BE1E0059A3D}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{8CCA36AE-3035-46AE-B563-483A3F7CF690}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C3D0A899-DB50-494B-99AF-45BB9B2C225E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FA435618-E773-4382-9064-7B6CB7979A6B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{A105F6A7-FBEE-4E1A-B985-B0D4C0DC65E0}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{B2C6FE81-8C59-48C2-AF35-483E36EAA124}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"TCP Query User{6C87679A-03AB-434F-B20C-6721C7BB4504}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{C5E8BDB2-A16B-4A4A-AFA2-AE4B9437DA1F}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{0A34D861-FB47-4E2B-B1E2-6C03EC3946F0}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{5E0FACC4-372A-466A-B668-8CAEC6366654}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"{AF1315C1-54CE-40F0-8EC1-765DDA010B08}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{66D2CCA9-D269-4760-91B4-DDEEB0C471FB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{27066455-3203-41AA-98C3-14B4C9FC1A55}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{A166BBA6-E9CC-4C57-B339-88E790BACBA4}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"TCP Query User{3258A319-4FDC-4E05-B9DA-B2D0B7B7253E}c:\\users\\win\\desktop\\msnmsgr.exe"= UDP:c:\users\win\desktop\msnmsgr.exe:msnmsgr.exe
"UDP Query User{D350F84C-20A2-4596-82CB-A9B705E154E5}c:\\users\\win\\desktop\\msnmsgr.exe"= TCP:c:\users\win\desktop\msnmsgr.exe:msnmsgr.exe
"TCP Query User{767E7E51-2296-4403-8204-50960F094DD8}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{5AC27C3F-5C47-49C4-ACF2-96F867A9542A}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{1342318A-E2BA-4330-B046-90AEA14064E0}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{CEB800CE-F3F8-4480-BEAB-83B9810521EB}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{6B5A92D8-D05D-4EBA-A395-384034A6993F}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{2762681F-3427-4377-B478-F324C1FD891E}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{960DCB8E-04C9-4F2A-88B3-5EF52F8586FF}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{431865B2-A6E1-4C7C-8C9C-EDEDD477A0E3}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"TCP Query User{FD70D114-28F7-48F6-8F3E-5B279760187C}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{EEA27814-E62D-400A-8574-B1160D30FB9C}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"TCP Query User{E9175E8D-286D-48B9-BC4E-4110C0D8F0B8}c:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{1EAA5985-8E26-4FDF-B505-D1A749F6DF68}c:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys [2003-09-12 646784]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [2009-01-21 95640]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-04-03 130936]
S1 aswSP;avast! Self Protection; [x]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2008-12-11 159600]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-04-28 142592]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2008-12-18 73840]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-02-10 603904]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-09 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2008-12-25 15:35]

2009-03-09 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-25 11:11]

2009-03-06 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2008-12-25 22:44]

2009-04-25 c:\windows\Tasks\elbyExecuteWithUAC.job
- c:\program files\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe [2008-06-27 19:26]

2009-03-09 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:20]

2009-03-09 c:\windows\Tasks\User_Feed_Synchronization-{E1B7EB7E-D83D-4EF3-9428-508DCEDFC34D}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-29 20:22
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2009-04-29 20.25.06
ComboFix-quarantined-files.txt 2009-04-29 18:25

Pre-Run: 43.127.619.584 byte disponibili
Post-Run: 43.066.392.576 byte disponibili

325 --- E O F --- 2009-04-28 14:47

è tutto apposto??

mi suggeriresti qual'è la combinazione per non prendere virus?? antivirus - firewall
grazie :)
Torna in alto
 
r16
Inviato: Thursday, April 30, 2009 12:07:22 AM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Apri un file di testo sul Desktop.
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt


File::
C:\kkx.exe
C:\kk.exe
C:\rocks.exe


e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix

A mio avviso disistalla Avast, e installa Avira.
Questa è la pagina con le versioni disponibili, (c'è anche in italiano)
http://www.free-av.com/en/download/download_servers.php
Questa è una guida per configurarlo:
http://www.zeusnews.it/zz_upload/PSV/avira.pdf
Se lo installi,fai una scansione e posta il log.
Nonostante la limitazione del mancato controllo durante la ricezione email (gli allegati vengono comunque controllati all'apertura), è il migliore.
Come Firewall và bene quello che hai.
Torna in alto
 
smokerjoe
Inviato: Thursday, April 30, 2009 8:54:25 AM
Rank: Member

Iscritto dal : 2/2/2009
Posts: 13
Log di combofix aggiornato:

ComboFix 09-04-29.01 - win 30/04/2009 8.39.18.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.39.1040.18.3002.1987 [GMT 2:00]
Eseguito da: c:\users\win\Desktop\ComboFix.exe
Opzioni usate :: c:\users\win\Desktop\CFScript.txt
* Creato nuovo punto di ripristino

FILE ::
C:\kk.exe
C:\kkx.exe
C:\rocks.exe
.

((((((((((((((((((((((((( Files Creati Da 2009-05-28 al 2009-4-30 )))))))))))))))))))))))))))))))))))
.

2009-04-29 19:23 . 2009-04-29 19:23 -------- d-----w c:\users\Giada\AppData\Roaming\TuneUp Software
2009-04-29 12:26 . 2009-04-29 12:26 -------- d-----w c:\users\Giada\AppData\Roaming\PCToolsFirewallPlus
2009-04-29 12:26 . 2009-04-30 05:43 -------- d-----w c:\users\Giada\AppData\Roaming\Spyware Terminator
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\users\win\AppData\Roaming\Malwarebytes
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\programdata\Malwarebytes
2009-04-29 06:31 . 2009-04-29 06:31 -------- d-----w c:\users\All Users\Malwarebytes
2009-04-29 06:15 . 2009-04-29 06:15 -------- d-----w c:\program files\Crawler
2009-04-28 11:51 . 2009-04-28 11:51 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-04-28 11:51 . 2009-04-29 18:08 -------- d-----w c:\users\win\AppData\Roaming\Spyware Terminator
2009-04-28 11:50 . 2009-04-29 13:02 -------- d-----w c:\programdata\Spyware Terminator
2009-04-28 11:50 . 2009-04-29 13:02 -------- d-----w c:\users\All Users\Spyware Terminator
2009-04-28 11:50 . 2009-04-28 15:29 -------- d-----w c:\program files\Spyware Terminator
2009-04-27 18:55 . 2009-04-27 18:56 -------- d-----w c:\users\win\AppData\Roaming\PCToolsFirewallPlus
2009-04-27 18:50 . 2008-09-22 10:29 97408 ----a-w c:\windows\system32\drivers\pctfw.sys
2009-04-27 18:50 . 2009-01-21 08:38 95640 ----a-w c:\windows\system32\drivers\pctplfw.sys
2009-04-27 18:50 . 2009-04-28 19:17 -------- d-----w c:\program files\PC Tools Firewall Plus
2009-04-27 18:49 . 2009-04-28 12:21 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-04-27 18:49 . 2009-04-28 12:21 -------- d-----w c:\users\All Users\Spybot - Search & Destroy
2009-04-27 18:47 . 2008-12-11 06:38 159600 ----a-w c:\windows\system32\drivers\pctgntdi.sys
2009-04-27 18:47 . 2009-04-03 09:18 130936 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-04-27 18:47 . 2008-12-18 10:16 73840 ----a-w c:\windows\system32\drivers\PCTAppEvent.sys
2009-04-27 18:46 . 2009-04-28 11:43 -------- d-----w c:\program files\Common Files\PC Tools
2009-04-25 12:06 . 2009-04-25 12:06 18816 ----a-w c:\windows\system32\drivers\dvd43llh.sys
2009-04-25 12:06 . 2009-04-25 12:06 -------- d-----w c:\program files\dvd43
2009-04-25 12:00 . 2009-04-25 12:00 -------- d-----w c:\programdata\SlySoft
2009-04-25 12:00 . 2009-04-25 12:00 -------- d-----w c:\users\All Users\SlySoft
2009-04-25 11:57 . 2009-04-25 12:06 -------- d-----w c:\program files\SlySoft
2009-04-25 11:34 . 2009-04-25 11:34 -------- d-----w c:\program files\Elaborate Bytes
2009-04-25 09:17 . 2009-04-25 09:19 -------- d-----w c:\programdata\DVD Shrink
2009-04-25 09:17 . 2009-04-25 09:19 -------- d-----w c:\users\All Users\DVD Shrink
2009-04-25 09:17 . 2009-04-25 09:17 -------- d-----w c:\program files\DVD Shrink
2009-04-23 17:41 . 2009-04-23 17:41 -------- d-----w c:\program files\DAEMON Tools Lite
2009-04-16 22:58 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-16 22:58 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-16 22:58 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-16 22:52 . 2009-02-13 08:49 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-04-16 22:52 . 2009-02-13 08:49 72704 ----a-w c:\windows\system32\secur32.dll
2009-04-16 22:52 . 2009-03-17 03:38 13824 ----a-w c:\windows\system32\apilogen.dll
2009-04-16 22:52 . 2009-03-17 03:38 24064 ----a-w c:\windows\system32\amxread.dll
2009-04-08 16:32 . 2009-04-08 16:32 -------- d-----w c:\program files\Ferrero
2009-04-08 16:32 . 2009-04-08 16:32 -------- d-----w c:\programdata\Ferrero
2009-04-08 16:32 . 2009-04-08 16:32 -------- d-----w c:\users\All Users\Ferrero
2009-04-08 13:26 . 2009-04-08 13:26 -------- d-----w c:\windows\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-30 06:34 . 2008-08-01 15:35 680208 ----a-w c:\windows\system32\perfh010.dat
2009-04-30 06:34 . 2008-08-01 15:35 126380 ----a-w c:\windows\system32\perfc010.dat
2009-04-28 14:45 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-28 14:45 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-28 14:45 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-28 14:36 . 2009-04-28 14:36 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-04-25 11:40 . 2008-12-29 13:20 -------- d-----w c:\program files\Common Files\Nero
2009-04-23 17:41 . 2009-01-14 19:46 -------- d-----w c:\program files\DAEMON Tools Toolbar
2009-04-23 17:31 . 2009-01-14 19:37 721904 ----a-w c:\windows\system32\drivers\sptd.sys
2009-04-17 01:08 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-11 13:05 . 2009-02-20 10:46 -------- d-----w c:\program files\Pinnacle
2009-04-11 13:02 . 2008-08-01 06:00 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-11 13:02 . 2006-11-02 12:35 -------- d-----w c:\program files\Microsoft Games
2009-04-11 12:15 . 2009-03-10 12:17 -------- d-----w c:\program files\Windows Live
2009-04-01 15:15 . 2009-03-10 12:32 -------- d-----w c:\program files\Messenger Plus! Live
2009-03-26 19:40 . 2009-02-09 14:51 -------- d-----w c:\program files\free-downloads.net
2009-03-26 16:05 . 2009-02-05 18:07 -------- d-----w c:\program files\MegaLink
2009-03-21 22:08 . 2009-03-13 13:45 -------- d-----w c:\program files\Sweet Games
2009-03-21 22:08 . 2009-03-13 13:45 -------- d-----w c:\program files\Oberon Media
2009-03-21 01:18 . 2009-03-21 01:18 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-21 01:17 . 2009-03-10 12:18 -------- d-----w c:\program files\Microsoft
2009-03-17 03:38 . 2009-04-16 22:52 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-13 13:45 . 2009-03-13 13:45 -------- d-----w c:\program files\Common Files\Oberon Media
2009-03-10 12:17 . 2009-03-10 12:17 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-10 12:14 . 2009-03-10 12:14 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 13:07 . 2008-11-12 04:58 -------- d-----w c:\program files\CONEXANT
2009-03-08 14:09 . 2009-03-08 14:09 -------- d-----w c:\program files\digicom
2009-03-07 12:18 . 2009-03-07 12:18 0 ------w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-03-07 12:07 . 2009-03-07 12:07 -------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-03-07 12:07 . 2009-03-07 12:07 -------- d-----w c:\program files\DVDVideoSoft
2009-03-06 20:00 . 2009-03-06 20:00 -------- d-----w c:\program files\eMule AdunanzA
2009-03-06 12:15 . 2009-02-12 14:04 -------- d-----w c:\program files\Video Convert Master
2009-03-04 12:32 . 2009-03-04 12:32 -------- d-----w c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-03 19:53 . 2009-03-03 19:52 -------- d-----w c:\program files\mp3DirectCut
2009-03-03 19:45 . 2009-03-03 19:45 -------- d-----w c:\program files\Eazel-IT
2009-03-03 04:46 . 2009-04-16 22:59 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 22:59 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-16 22:59 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-16 22:59 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 22:59 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 22:59 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 22:59 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-16 22:59 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 22:59 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-16 22:59 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-16 22:59 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 22:59 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-16 22:59 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-02 18:50 . 2009-02-04 20:07 89 ----a-w c:\users\Franco\AppData\Local\icdys.bat
2009-02-27 12:36 . 2009-02-27 12:36 237568 ------w c:\windows\system32\rmc_rtspdl.dll
2009-02-27 12:36 . 2009-02-27 12:36 156672 ------w c:\windows\system32\rmc_fixasf.exe
2009-02-27 12:35 . 2009-02-27 12:35 323584 ------w c:\windows\system32\AUDIOGENIE2.DLL
2009-02-23 19:09 . 2009-02-23 19:09 680 ----a-w c:\users\win\AppData\Local\d3d9caps.dat
2009-02-21 10:30 . 2008-12-25 18:14 147280 ----a-w c:\users\Giada\AppData\Local\GDIPFONTCACHEV1.DAT
2009-02-20 18:09 . 2008-12-25 16:52 147280 ----a-w c:\users\Franco\AppData\Local\GDIPFONTCACHEV1.DAT
2009-02-20 11:01 . 2008-12-12 15:11 147280 ----a-w c:\users\win\AppData\Local\GDIPFONTCACHEV1.DAT
2009-02-17 17:11 . 2009-02-17 17:11 24232 ----a-w c:\windows\system32\drivers\ElbyCDIO.sys
2009-02-17 13:33 . 2009-02-17 13:33 89256 ----a-w c:\windows\system32\ElbyCDIO.dll
2009-02-12 14:05 . 2009-02-12 14:05 81920 ----a-w c:\users\win\AppData\Roaming\ezpinst.exe
2009-02-12 14:05 . 2009-02-12 14:05 47360 ----a-w c:\users\win\AppData\Roaming\pcouffin.sys
2009-02-12 14:05 . 2009-02-12 14:05 47360 ------w c:\windows\system32\drivers\pcouffin.sys
2009-02-10 09:53 . 2009-02-10 09:53 603904 ------w c:\windows\system32\TUProgSt.exe
2009-02-10 09:53 . 2009-02-10 09:53 360192 ------w c:\windows\system32\TuneUpDefragService.exe
2009-02-09 03:10 . 2009-03-11 09:10 2033152 ----a-w c:\windows\system32\win32k.sys
2009-02-06 20:15 . 2009-01-14 20:13 138184 ------w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-06 20:14 . 2009-01-14 20:13 183112 ------w c:\windows\system32\PnkBstrB.exe
2009-02-06 17:52 . 2009-02-06 17:52 49504 ------w c:\windows\system32\sirenacm.dll
2009-02-06 15:03 . 2009-02-06 15:03 0 ----a-w c:\windows\nsreg.dat
2009-02-05 21:06 . 2008-12-12 16:36 51792 ------w c:\windows\system32\drivers\aswMonFlt.sys
2009-02-02 18:02 . 2009-02-02 18:02 680 ----a-w c:\users\Giada\AppData\Local\d3d9caps.dat
2009-01-31 13:28 . 2009-01-31 13:28 32 ----a-w c:\users\All Users\ezsid.dat
2009-01-31 13:28 . 2009-01-31 13:28 32 ----a-w c:\programdata\ezsid.dat
2008-01-21 02:57 . 2006-11-02 12:48 174 --sha-w c:\program files\desktop.ini
2008-08-01 15:38 . 2008-08-01 15:38 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-04-29_18.23.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-04-30 06:29 58080 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-12-25 18:15 . 2009-04-30 05:44 10190 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2118804827-1726119250-1251687127-1003_UserData.bin
+ 2008-12-12 15:08 . 2009-04-30 06:29 13300 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2118804827-1726119250-1251687127-1000_UserData.bin
+ 2008-11-12 04:48 . 2009-04-30 06:28 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-12 04:48 . 2009-04-29 18:13 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-12 04:48 . 2009-04-29 18:13 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-12 04:48 . 2009-04-30 06:28 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-12 04:48 . 2009-04-30 06:28 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-12 04:48 . 2009-04-29 18:13 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-04-30 06:27 . 2009-04-30 06:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-04-29 18:06 . 2009-04-29 18:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-04-30 06:27 . 2009-04-30 06:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-04-29 18:06 . 2009-04-29 18:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 13:02 . 2009-04-30 06:29 141356 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2009-04-30 06:34 594776 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-04-29 18:13 594776 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-04-29 18:13 106596 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-04-30 06:34 106596 c:\windows\System32\perfc009.dat
+ 2009-04-29 19:16 . 2009-04-29 19:32 418304 c:\windows\Resources\Themes\Vectrum\Shell\NormalColor\shellstyle.dll
+ 2009-04-29 19:16 . 2009-04-29 19:32 418304 c:\windows\Resources\Themes\Tiberium\Shell\NormalColor\shellstyle.dll
+ 2009-04-29 19:16 . 2009-04-29 19:32 418304 c:\windows\Resources\Themes\RedEye Vista\Shell\NormalColor\shellstyle.dll
+ 2009-04-29 19:17 . 2009-04-29 19:17 418304 c:\windows\Resources\Themes\BlueEye Vista\Shell\NormalColor\shellstyle.dll
+ 2009-04-29 19:32 . 2009-04-29 19:32 2173440 c:\windows\Resources\Themes\Rose\Shell\NormalColor\shellstyle.dll
+ 2009-04-29 19:32 . 2009-04-29 19:32 1647104 c:\windows\Resources\Themes\Aero 4074 Remix\Shell\NormalColor\shellstyle.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-11 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-23 2652056]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-04-28 2176000]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2118804827-1726119250-1251687127-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{279A8A28-4017-4820-A17D-D862F0A951CB}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{E19B1BB9-E744-4FA4-91D0-0350062C3BE7}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{BB38B420-2EB1-47C8-AE57-20B52F5B1002}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{B08C3A01-B8E9-4F1C-B45E-9C613D3D684E}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{7ADFACFA-AB38-409D-B8C7-B3A787F96037}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D8B388C3-96C8-44CA-8A87-B970F0213E4A}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"TCP Query User{A71BAF43-F83F-43F7-A24A-DBE66753BF07}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{53DEE5C0-D5DE-44CE-A68D-5CEEF0ACDD81}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{64103F82-0F91-42E0-900A-D72978480066}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{776CDEB6-899C-499C-9DB2-9B017838DB46}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"{5EA4CE18-0857-4E03-B097-8ED338074E73}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{5E561ED2-77EE-41B1-A4ED-7BE1E0059A3D}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{8CCA36AE-3035-46AE-B563-483A3F7CF690}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C3D0A899-DB50-494B-99AF-45BB9B2C225E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FA435618-E773-4382-9064-7B6CB7979A6B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{A105F6A7-FBEE-4E1A-B985-B0D4C0DC65E0}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{B2C6FE81-8C59-48C2-AF35-483E36EAA124}c:\\users\\win\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\win\desktop\lanterna\lantmirc.exe:lantmirc.exe
"TCP Query User{6C87679A-03AB-434F-B20C-6721C7BB4504}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{C5E8BDB2-A16B-4A4A-AFA2-AE4B9437DA1F}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{0A34D861-FB47-4E2B-B1E2-6C03EC3946F0}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{5E0FACC4-372A-466A-B668-8CAEC6366654}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"{AF1315C1-54CE-40F0-8EC1-765DDA010B08}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{66D2CCA9-D269-4760-91B4-DDEEB0C471FB}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{27066455-3203-41AA-98C3-14B4C9FC1A55}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{A166BBA6-E9CC-4C57-B339-88E790BACBA4}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"TCP Query User{3258A319-4FDC-4E05-B9DA-B2D0B7B7253E}c:\\users\\win\\desktop\\msnmsgr.exe"= UDP:c:\users\win\desktop\msnmsgr.exe:msnmsgr.exe
"UDP Query User{D350F84C-20A2-4596-82CB-A9B705E154E5}c:\\users\\win\\desktop\\msnmsgr.exe"= TCP:c:\users\win\desktop\msnmsgr.exe:msnmsgr.exe
"TCP Query User{767E7E51-2296-4403-8204-50960F094DD8}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{5AC27C3F-5C47-49C4-ACF2-96F867A9542A}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{1342318A-E2BA-4330-B046-90AEA14064E0}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{CEB800CE-F3F8-4480-BEAB-83B9810521EB}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{6B5A92D8-D05D-4EBA-A395-384034A6993F}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{2762681F-3427-4377-B478-F324C1FD891E}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{960DCB8E-04C9-4F2A-88B3-5EF52F8586FF}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{431865B2-A6E1-4C7C-8C9C-EDEDD477A0E3}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"TCP Query User{FD70D114-28F7-48F6-8F3E-5B279760187C}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= UDP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"UDP Query User{EEA27814-E62D-400A-8574-B1160D30FB9C}c:\\users\\giada\\desktop\\lanterna\\lantmirc.exe"= TCP:c:\users\giada\desktop\lanterna\lantmirc.exe:lantmirc.exe
"TCP Query User{E9175E8D-286D-48B9-BC4E-4110C0D8F0B8}c:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{1EAA5985-8E26-4FDF-B505-D1A749F6DF68}c:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys [2003-09-12 646784]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [2009-01-21 95640]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-04-03 130936]
S1 aswSP;avast! Self Protection; [x]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2008-12-11 159600]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-04-28 142592]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2008-12-18 73840]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-02-10 603904]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-09 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2008-12-25 15:35]

2009-03-09 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-25 11:11]

2009-03-06 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2008-12-25 22:44]

2009-04-25 c:\windows\Tasks\elbyExecuteWithUAC.job
- c:\program files\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe [2008-06-27 19:26]

2009-03-09 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:20]

2009-03-09 c:\windows\Tasks\User_Feed_Synchronization-{E1B7EB7E-D83D-4EF3-9428-508DCEDFC34D}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-30 08:45
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2009-04-30 8.47.57
ComboFix-quarantined-files.txt 2009-04-30 06:47

Pre-Run: 44.736.532.480 byte disponibili
Post-Run: 44.544.765.952 byte disponibili

337 --- E O F --- 2009-04-30 05:46

Per avira io cm antivirus mi trovo bene cn avast avira nun me piace intendevo il mio antivirus se andava bene la mia combinazione o se dovevo cambiare il firewall
Torna in alto
 
r16
Inviato: Thursday, April 30, 2009 12:16:02 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Non ricordo se Avast sia compatibile con PC Tools Firewall Plus.
Monsee, è più informato di me.
Segui questo percorso e elimina la cartella in rosso:
c:\program files\Eazel-IT
Fai una pulizia con CCleaner.
Se non riscontri problemi direi che sei a posto.
Torna in alto
 
paolopa
Inviato: Thursday, April 30, 2009 1:23:22 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
scusa l intromissione,temo di aver letto in altri post che avast abbia la tendenza a distruggere pc tools firewall plus....mentre non dovrebbero esserci conflitti con agv 8.5
Torna in alto
 
monsee
Inviato: Thursday, April 30, 2009 1:30:55 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
Confermo: Avast! crea dei problemi a vari firewalls (incluso PCTools Firewall Plus). Alcuni (Kerio, Tiny e Sunbelt) li "ammazza" proprio. Altri (e, fra essi, anche PC Tools Firewall Plus) li disturba al punto da render loro quasi impossibile fare per bene il proprio lavoro. Per evitar questo "disturbo", la sola via consiste nel DISABILITARE permanentemente la "protezione di Rete" in Avast!... Col che, i vari firewalls (PCTools Firewall Plus incluso) potranno finalmente lavorare in santa pace. Non c'è alcun modo, invece, di impedir che Avast! faccia a pezzi i firewall di marca Kerio, Tiny e Sunbelt: in questi casi, o si decide di cambiar firewall... oppure si cambia l'antivirus (e così ho fatto io, che uso con piena soddisfazione, come firewall, proprio Sunbelt).
Torna in alto
 
smokerjoe
Inviato: Thursday, April 30, 2009 2:39:14 PM
Rank: Member

Iscritto dal : 2/2/2009
Posts: 13
ok disabilitato la protezione di rete di avast grazie x il consiglio ciauz
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi date un occhiata al log? sospetto infezioni


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.