Hi Erresedici, you deserve the name in full;
I went the extra mile, and the result is below.
There is only one Explorer.exe.
ComboFix 09-08-10.04 - Utente 11/08/2009 11.11.22.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1023.555 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\Utente\IMPOST~1\Temp\76A6A24A.nbp
c:\docume~1\Utente\IMPOST~1\Temp\76A6A24D.nbp
c:\documents and settings\Utente\Impostazioni locali\temp\76A6A24A.nbp
c:\documents and settings\Utente\Impostazioni locali\temp\76A6A24D.nbp
C:\LOG12.tmp
C:\LOG13.tmp
C:\LOG15.tmp
C:\LOG25.tmp
C:\LOG26.tmp
C:\LOG3.tmp
C:\LOG4.tmp
C:\LOG5.tmp
C:\LOG6.tmp
C:\LOG7.tmp
C:\LOG8.tmp
C:\LOG9.tmp
C:\LOGA.tmp
C:\LOGB.tmp
C:\LOGC.tmp
C:\LOGF.tmp
c:\programmi\Search Settings
c:\programmi\Search Settings\kb127\SearchSettings.dll
c:\programmi\Search Settings\kb127\SearchSettingsRes409.dll
c:\programmi\Search Settings\SearchSettings.exe
c:\windows\Installer\13be43.msp
c:\windows\Installer\1c0972.msi
c:\windows\Installer\3241ad.msi
c:\windows\Installer\7ed78a.msi
c:\windows\Installer\RefB0.msi
c:\windows\kb913800.exe
.
((((((((((((((((((((((((( Files Creati Da 2009-07-11 al 2009-08-11 )))))))))))))))))))))))))))))))))))
.
2009-08-10 10:57 . 2009-08-10 10:57 -------- d-----w- c:\programmi\Clip2Net
2009-08-10 09:40 . 2009-08-10 09:40 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-10 09:40 . 2009-08-10 09:40 -------- d-----w- c:\programmi\Vasilios Applications
2009-08-07 17:35 . 2009-08-07 17:39 -------- dc-h--w- c:\windows\ie8
2009-08-05 17:27 . 2009-08-05 17:27 -------- d-----w- c:\docume~1\Utente\DATIAP~1\GlarySoft
2009-08-05 17:17 . 2009-08-05 17:17 -------- d-----w- c:\programmi\Glary Utilities
2009-08-04 10:02 . 2009-08-04 10:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Agnitum
2009-07-29 09:55 . 2009-08-08 09:50 -------- d-----w- c:\docume~1\Utente\DATIAP~1\vlc
2009-07-23 22:03 . 2009-07-23 22:03 -------- d-----w- c:\programmi\Windows Defender
2009-07-23 21:40 . 2009-07-23 21:40 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-07-23 21:39 . 2009-07-23 21:39 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-23 21:39 . 2009-07-23 21:39 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-23 21:33 . 2009-07-23 21:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-07-20 09:45 . 2009-07-20 09:45 -------- d-----w- c:\programmi\JDVoiceMail_2.53
2009-07-20 09:29 . 2009-07-20 09:49 -------- d-----w- c:\docume~1\Utente\DATIAP~1\jdvoicemail
2009-07-16 09:03 . 2009-07-16 09:05 -------- d-----w- c:\programmi\Kantaris
2009-07-13 16:36 . 2009-07-13 16:36 -------- d-sh--w- c:\documents and settings\Utente\IECompatCache
2009-07-12 11:16 . 2009-07-12 11:16 -------- d-sh--w- c:\documents and settings\Utente\PrivacIE
2009-07-12 11:14 . 2009-07-12 11:14 -------- d-sh--w- c:\documents and settings\Utente\IETldCache
2009-07-12 11:12 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-12 11:11 . 2009-08-06 10:43 -------- d-----w- c:\windows\ie8updates
2009-07-12 11:10 . 2009-07-03 16:55 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-12 11:10 . 2009-07-03 16:55 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-11 09:18 . 2007-11-30 09:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-08-11 09:18 . 2008-04-26 10:33 -------- d-----w- c:\programmi\Mozilla Sunbird
2009-08-10 17:46 . 2008-10-24 09:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-08-10 17:46 . 2008-02-23 17:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-08-10 17:45 . 2009-04-10 17:20 -------- d-----w- c:\programmi\SpywareBlaster
2009-08-10 15:06 . 2008-12-13 18:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-08-05 16:50 . 2007-11-30 18:53 -------- d-----w- c:\programmi\Java
2009-08-05 10:32 . 2009-02-09 18:22 -------- d-----w- c:\docume~1\Utente\DATIAP~1\DVD Flick
2009-08-05 09:44 . 2009-07-03 10:25 -------- d-----w- c:\docume~1\Utente\DATIAP~1\XnView
2009-08-04 10:20 . 2009-03-27 10:57 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-08-03 16:37 . 2008-10-13 16:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-08-03 16:36 . 2008-10-13 16:25 -------- d-----w- c:\programmi\NOS
2009-08-03 11:36 . 2009-03-27 10:57 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 11:36 . 2009-03-27 10:57 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-31 17:25 . 2008-07-27 16:16 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-07-31 15:03 . 2009-03-28 11:39 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-07-30 17:21 . 2009-01-26 20:20 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-07-28 17:41 . 2008-03-09 12:30 -------- d-----w- c:\docume~1\Utente\DATIAP~1\dvdcss
2009-07-26 21:16 . 2009-06-19 17:07 -------- d-----w- c:\programmi\RadioItalia
2009-07-26 09:39 . 2009-04-29 18:35 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Yahoo!
2009-07-25 10:53 . 2009-04-18 11:51 -------- d-----w- c:\programmi\TuneUp Utilities 2008
2009-07-25 09:33 . 2004-09-07 12:00 82216 ----a-w- c:\windows\system32\perfc010.dat
2009-07-25 09:33 . 2004-09-07 12:00 485314 ----a-w- c:\windows\system32\perfh010.dat
2009-07-25 03:23 . 2008-10-28 10:51 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-23 21:38 . 2007-11-30 09:52 -------- d-----w- c:\programmi\Kaspersky Lab
2009-07-23 10:11 . 2007-11-30 11:56 -------- d-----w- c:\docume~1\Utente\DATIAP~1\Skype
2009-07-23 10:09 . 2007-12-13 11:20 -------- d-----w- c:\docume~1\Utente\DATIAP~1\skypePM
2009-07-22 09:07 . 2007-11-30 11:30 -------- d-----w- c:\programmi\Google
2009-07-15 09:10 . 2008-12-21 10:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-07-09 09:47 . 2009-02-22 18:57 -------- d-----w- c:\programmi\Download Express
2009-07-07 15:10 . 2009-07-07 15:10 -------- d-----w- c:\programmi\VideoLAN
2009-07-04 17:43 . 2008-03-18 10:19 -------- d-----w- c:\programmi\IObit
2009-07-03 16:55 . 2004-09-07 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-03 13:48 . 2009-07-03 13:48 219664 ----a-w- c:\windows\system32\klogon.dll
2009-07-03 13:45 . 2009-07-03 13:45 27507 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-07-03 10:24 . 2009-07-03 10:24 -------- d-----w- c:\programmi\XnView
2009-07-03 10:12 . 2009-01-22 18:11 -------- d-----w- c:\programmi\VDOWNLOADER
2009-06-30 16:49 . 2009-02-03 18:49 -------- d-----r- c:\programmi\Skype
2009-06-30 16:49 . 2009-06-30 16:49 -------- d-----w- c:\programmi\File comuni\Skype
2009-06-30 16:48 . 2007-11-30 11:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-06-26 18:50 . 2009-02-09 18:19 -------- d-----w- c:\programmi\DVD Flick
2009-06-26 16:37 . 2008-02-02 18:22 -------- d-----w- c:\docume~1\Utente\DATIAP~1\gtk-2.0
2009-06-22 10:03 . 2007-11-30 18:16 -------- d-----w- c:\programmi\Windows Live Safety Center
2009-06-20 10:00 . 2009-06-20 10:00 -------- d-----w- c:\programmi\Photo To Sketch
2009-06-17 18:43 . 2009-06-17 18:43 -------- d-----w- c:\programmi\Cobian Backup 9
2009-06-17 16:37 . 2009-06-17 16:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Macrium
2009-06-17 16:36 . 2009-06-17 16:36 -------- d-----w- c:\programmi\Macrium
2009-06-16 17:52 . 2008-05-05 16:28 -------- d-----w- c:\programmi\WebShot
2009-06-16 14:36 . 2004-09-07 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-09-07 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 12:01 . 2009-06-15 12:01 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-06-14 09:57 . 2009-05-14 15:31 -------- d-----w- c:\programmi\IZArc
2009-06-12 10:20 . 2009-06-12 10:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2009-06-08 17:50 . 2003-03-19 04:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-08 17:50 . 2003-02-21 12:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-03 19:09 . 2004-09-07 12:00 1296384 ----a-w- c:\windows\system32\quartz.dll
2009-05-16 18:59 . 2009-05-16 18:59 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2009-05-13 15:46 . 2009-05-13 15:46 31760 ----a-w- c:\windows\system32\drivers\klim5.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-13 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"VMonitorVMUVC"="c:\programmi\Vimicro\Vimicro UVC USB2.0 PC Camera\x86\VMonitor.exe" [2007-04-13 114688]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-07-03 303376]
"Windows Defender"="c:\programmi\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.1\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-10-27 73728]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Utente\Menu Avvio\Programmi\Esecuzione automatica\
Clip2Net.lnk - c:\programmi\Clip2Net\clip2net.exe [2009-8-10 1591296]
Mozilla Sunbird.lnk - c:\programmi\Mozilla Sunbird\sunbird.exe [2008-4-27 6354540]
NumCapsScroll Indicator.lnk - c:\programmi\Vasilios Applications\NumCapsScroll Indicator\NumCapsScroll Indicator.exe [2009-2-2 1185319]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 20.41.32 33808]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [20/05/2008 8.32.40 15328]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [06/08/2008 11.34.02 216032]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 17.46.52 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 20.59.44 19472]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [13/02/2009 18.26.29 248448]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [13/02/2009 18.26.28 476032]
S2 gupdate1c9877f61fbad50;Google Update Service (gupdate1c9877f61fbad50);c:\programmi\Google\Update\GoogleUpdate.exe [05/02/2009 12.49.11 133104]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'
2009-07-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2008\OneClick.exe [2008-06-20 07:27]
2008-12-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-08-11 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-08-05 08:30]
2009-08-11 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-23 17:29]
2009-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-05 10:49]
2009-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-05 10:49]
2009-08-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
2009-08-07 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-04-08 10:16]
2009-08-11 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-04-08 10:16]
2009-07-04 c:\windows\Tasks\SmartDefrag.job
- c:\programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-07-04 07:22]
2009-08-10 c:\windows\Tasks\User_Feed_Synchronization-{CBE927A5-3159-45B5-8F5D-30F286C020F8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
.
------- Scansione supplementare -------
.
uStart Page = hxxp://notizie.libero.it/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\Download Express\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\Download Express\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\Download Express\mdpph.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
FF - ProfilePath - c:\docume~1\Utente\DATIAP~1\Mozilla\Firefox\Profiles\hotcop60.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://notizie.libero.it/index.php?refresh_ce|http://it.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT556636&SearchSource=2&q=
FF - component: c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\hotcop60.default\extensions\{0aaeaede-aefd-4672-a764-5c5c037612a2}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\hotcop60.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programmi\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programmi\Picasa2\npPicasa2.dll
FF - plugin: c:\programmi\Tracker Software\PDF-XChange Viewer\pdf-viewer\npPDFXCviewNPPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-08-11 11:18
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1214440339-573735546-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(744)
c:\windows\system32\relog_ap.dll
- - - - - - - > 'explorer.exe'(3292)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\ehome\mcrdsvc.exe
c:\programmi\Canon\CAL\CALMAIN.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-08-11 11.22.08 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-08-11 09:22
Pre-Run: 148.315.615.232 byte disponibili
Post-Run: 148.167.725.056 byte disponibili
368 --- E O F --- 2009-08-11 09:05
A friend is someone who walks with you along the endless beach of reality, but if one day you turn around and see only one person's footprints, do not think he abandoned you when you needed him; he simply picked you up and carried you...