Manuali.it
Today is Wed May 22, 2013 11:50 am

All times are UTC + 2 hours




Post subject: Avast mail scanner services.exe
Posted: Sun Feb 14, 2010 4:35 pm
Offline
User

Joined: Sun Feb 14, 2010 4:30 pm
Posts: 45
I have this problem:
avast's mail scanner is active, indicating that services.exe is sending mail to people unknown to me. What should I do???

I'm attaching the log file

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11.03.41, on 14/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\PD6000SM.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmi\Free Download Manager\fdm.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\eMule AdunanzA\eMule_AdnzA.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {6b284373-1765-4464-a587-80fbc2b2eefa} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: MediaBar - {7B840956-64ED-11DE-B890-694956D89593} - C:\Programmi\LphantTb\lphantDx.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programmi\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MediaBar - {7B840956-64ED-11DE-B890-694956D89593} - C:\Programmi\LphantTb\lphantDx.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [PD6000StatusMonitor] C:\WINDOWS\system32\PD6000SM.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Programmi\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; FDM; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.vatican.va/redemptoris_mater/shockwave/index.html?lingua=it"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programmi\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programmi\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Programmi\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programmi\Free Download Manager\dllink.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Servizio di Google Update (gupdate1ca894ceb0cf8e) (gupdate1ca894ceb0cf8e) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe

--
End of file - 10412 bytes



 
Post subject: Re: Avast mail scanner services.exe
Posted: Sun Feb 14, 2010 5:08 pm
Offline
Administrator

Joined: Wed Sep 07, 2005 10:24 am
Posts: 6633
Location: Parma

Hello and welcome to the Manuali.it Forum!
Thank you for registering and becoming part of our community.

We invite you to read the Forum Rules carefully, which you can find HERE, and to personalize your user profile by adding a signature and, above all, an avatar. To open your profile, just click "Profile" at the top of any Forum page.

For any problem, doubt or request, do not hesitate to contact us in the Contact the Editorial Staff section, or to contact a staff member by e-mail or private message.

See you on the Forum!
Regards.
The Staff

_________________
Riccardo

-Corsair 550W 80plus
-SEAGATE Barracuda 1TB
-Windows 7 Home Premium 64bit
-G.SKILL DDR3 4GB CL7
-GIGABYTE P55-USB3
-Intel CORE i5 760/2.8GHz
-Inter-Tech CK-35 Observer Rubber Black Coated ATX-Tower
-Gigabyte nVidia 460 1GB DDR5


 
Post subject: Re: Avast mail scanner services.exe
Posted: Sun Feb 14, 2010 5:09 pm
Offline
Administrator

Joined: Wed Sep 07, 2005 10:24 am
Posts: 6633
Location: Parma
Follow this procedure:

informatica-ed-internet-virus/procedura-per-ripulire-un-pc-infetto-t21749.html

 
Post subject: Re: Avast mail scanner services.exe
Posted: Mon Feb 15, 2010 10:59 am
Offline
User

Joined: Sun Feb 14, 2010 4:30 pm
Posts: 45
I ran the scan with anti-malware, and it found nothing

I'm attaching the ComboFix log file

ComboFix 10-02-12.01 - massimo 15/02/2010 9.21.05.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.657 [GMT 1:00]
Eseguito da: c:\downloads\Software\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\massimo\Dati applicazioni\inst.exe
c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\ffqjjuu.dat
c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\ffqjjuu_nav.dat
c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\ffqjjuu_navps.dat
c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\mkihmejb.dat
c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\mkihmejb_nav.dat
c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\mkihmejb_navps.dat
c:\programmi\QUAD Utilities
c:\programmi\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\recycler\S-1-5-21-1993962763-362288127-725345543-1003
c:\windows\system32\919560941.dll
c:\windows\system32\config\44865862.Evt
c:\windows\system32\vbzlib1.dll
c:\windows\system32\VFP6RENU.DLL
c:\windows\winhelp.ini

----- BITS: Possibili siti infetti -----

hxxp://armmf.adobe.com
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_NPF
-------\Service_asc3550p


((((((((((((((((((((((((( Files Creati Da 2010-01-15 al 2010-02-15 )))))))))))))))))))))))))))))))))))
.

2010-02-14 16:06 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-14 16:06 . 2010-02-14 16:06 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-02-14 16:06 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-13 14:41 . 2010-02-13 17:34 -------- d-----w- c:\programmi\ewido anti-malware
2010-02-13 13:42 . 2010-02-13 13:42 -------- d-----w- c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\PackageAware
2010-02-13 12:55 . 2010-02-13 12:55 -------- d-----w- c:\programmi\TrendMicro
2010-02-10 10:19 . 2010-02-10 10:19 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\Malwarebytes
2010-02-10 10:19 . 2010-02-10 10:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-02-09 16:03 . 2010-02-09 16:03 -------- d-----w- c:\programmi\SEGA
2010-02-09 14:00 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-02-09 14:00 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-02-09 13:58 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-02-09 13:58 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2010-02-09 13:58 . 2007-10-22 02:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2010-02-09 13:58 . 2007-06-20 19:46 266088 ----a-w- c:\windows\system32\xactengine2_8.dll
2010-02-09 13:58 . 2007-05-16 15:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2010-02-09 13:58 . 2007-05-16 15:45 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2010-02-09 13:58 . 2007-04-04 17:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2010-02-09 13:58 . 2007-03-15 15:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-02-09 13:58 . 2007-03-12 15:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2010-02-09 13:58 . 2007-01-24 14:27 255848 ----a-w- c:\windows\system32\xactengine2_6.dll
2010-02-09 13:58 . 2006-12-08 11:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll
2010-02-09 13:58 . 2007-03-05 11:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2010-02-09 13:58 . 2006-09-28 15:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll
2010-02-08 12:16 . 2010-02-08 12:16 -------- d-----w- c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\Windows Live Writer
2010-02-08 12:16 . 2010-02-08 12:16 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\Windows Live Writer
2010-02-08 12:07 . 2010-02-08 12:07 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-08 12:06 . 2010-02-08 12:07 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 13:31 . 2010-02-07 13:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2010-02-06 20:58 . 2010-02-07 20:29 -------- d-----w- c:\programmi\Unlocker
2010-02-06 13:30 . 2010-02-06 13:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2010-02-06 13:29 . 2010-02-06 14:52 -------- d-----w- c:\programmi\SUPERAntiSpyware
2010-02-06 13:29 . 2010-02-06 13:29 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\SUPERAntiSpyware.com
2010-01-31 13:43 . 2010-01-31 13:43 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-01-31 13:42 . 2010-01-31 13:43 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\lphanttb
2010-01-31 13:42 . 2010-01-31 13:43 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2010-01-23 13:11 . 2010-01-23 13:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WinZip
2010-01-23 13:04 . 2010-01-23 13:13 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\ZipGenius
2010-01-23 13:03 . 2010-01-23 13:05 -------- d-----w- c:\programmi\ZipGenius 6
2010-01-22 19:08 . 2010-01-22 19:14 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-01-22 18:25 . 2010-01-22 18:29 -------- d-----w- c:\programmi\Recuva
2010-01-17 08:25 . 2010-01-17 08:25 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-17 08:24 . 2006-07-28 08:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2010-01-17 08:24 . 2006-07-28 08:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2010-01-17 08:20 . 2010-01-17 08:20 -------- d-----w- c:\programmi\Eidos

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-15 08:34 . 2009-09-23 19:20 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\Free Download Manager
2010-02-14 20:17 . 2009-06-30 15:40 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\SolidDocuments
2010-02-14 14:50 . 2008-11-26 19:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-02-13 14:42 . 2010-02-13 14:42 32380 ----a-w- c:\windows\SCHEDLGU.TXT.TMP
2010-02-13 12:55 . 2010-02-13 12:55 388096 ----a-r- c:\documents and settings\massimo\Dati applicazioni\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-11 09:21 . 2009-03-15 18:07 -------- d-----w- c:\programmi\Super14
2010-02-10 17:10 . 2008-11-19 11:22 -------- d-----w- c:\programmi\AdunanzA
2010-02-09 16:52 . 2005-09-21 14:39 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-06 14:53 . 2009-09-01 12:51 -------- d-----w- c:\programmi\DsNET Corp
2010-02-06 13:31 . 2010-02-06 13:31 52224 ----a-w- c:\documents and settings\massimo\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-06 13:31 . 2010-02-06 13:31 117760 ----a-w- c:\documents and settings\massimo\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-02-06 13:03 . 2008-11-26 19:42 -------- d-----w- c:\programmi\QuickTime
2010-01-29 21:13 . 2009-09-03 14:19 52148 -c-ha-w- c:\windows\system32\mlfcache.dat
2010-01-22 18:41 . 2009-03-15 14:16 -------- d-----w- c:\programmi\tetris
2010-01-21 07:50 . 2009-09-27 17:56 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-14 12:30 . 2010-01-14 12:30 -------- d-----w- c:\programmi\GameSpy Arcade
2010-01-14 12:30 . 2010-01-14 12:30 0 ----a-w- c:\windows\PowerReg.dat
2010-01-13 19:12 . 2009-11-30 12:58 -------- d-----w- c:\programmi\File comuni\Adobe
2009-12-31 16:50 . 2005-09-21 09:01 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-31 13:22 . 2009-12-30 12:34 -------- d-----w- c:\programmi\File comuni\Real
2009-12-30 12:53 . 2009-09-27 15:33 -------- d-----w- c:\programmi\Google
2009-12-30 12:34 . 2009-12-30 12:34 -------- d-----w- c:\programmi\Real
2009-12-25 20:44 . 2009-12-25 20:44 -------- d-----w- c:\programmi\MSECache
2009-12-21 19:06 . 2005-09-21 09:01 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 16:03 . 2009-09-17 17:03 -------- d-----w- c:\documents and settings\massimo\Dati applicazioni\Dev-Cpp
2009-12-17 14:02 . 2009-05-05 14:15 41616 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-12-17 07:40 . 2005-09-21 09:12 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-16 21:33 . 2005-09-21 09:01 79292 ----a-w- c:\windows\system32\perfc010.dat
2009-12-16 21:33 . 2005-09-21 09:01 478808 ----a-w- c:\windows\system32\perfh010.dat
2009-12-16 09:53 . 2008-11-20 17:54 519 -c-ha-w- C:\os629005.bin
2009-12-14 07:08 . 2005-09-21 09:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:07 . 2005-09-21 09:00 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:07 . 2004-08-19 15:34 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-06 12:00 . 2009-12-09 07:55 52224 ----a-w- c:\documents and settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\at5nl05m.default\extensions\{7331ed91-b43e-4afe-92a8-f54e8976633f}\components\FFExternalAlert.dll
2009-12-06 12:00 . 2009-12-09 07:55 114688 ----a-w- c:\documents and settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\at5nl05m.default\extensions\{7331ed91-b43e-4afe-92a8-f54e8976633f}\components\npmozax.dll
2009-12-06 11:49 . 2009-12-09 07:55 52224 -c--a-w- c:\documents and settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\at5nl05m.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
2009-12-06 11:49 . 2009-12-09 07:55 114688 ----a-w- c:\documents and settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\at5nl05m.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\npmozax.dll
2009-12-04 18:22 . 2005-09-21 09:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:12 . 2005-09-21 09:01 1296896 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:12 . 2004-08-19 15:39 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2001-08-30 23:08 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2005-09-21 09:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2005-09-21 09:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2005-09-21 09:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2004-08-19 15:39 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-21 15:54 . 2005-09-21 09:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-17 17:25 . 2008-11-21 20:21 73680 -c--a-w- c:\documents and settings\massimo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
.

------- Sigcheck -------

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B840956-64ED-11DE-B890-694956D89593}]
2009-08-10 14:07 91584 ----a-w- c:\programmi\LphantTb\lphantDx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7B840956-64ED-11DE-B890-694956D89593}"= "c:\programmi\LphantTb\lphantDx.dll" [2009-08-10 91584]

[HKEY_CLASSES_ROOT\clsid\{7b840956-64ed-11de-b890-694956d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"Free Download Manager"="c:\programmi\Free Download Manager\fdm.exe" [2009-02-27 3399727]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"Apoint"="c:\programmi\Apoint2K\Apoint.exe" [2004-03-24 196608]
"CeEKEY"="c:\programmi\TOSHIBA\E-KEY\CeEKey.exe" [2005-09-06 671744]
"TPNF"="c:\programmi\TOSHIBA\TouchPad\TPTray.exe" [2005-08-25 53248]
"HWSetup"="c:\programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 28672]
"SVPWUTIL"="c:\programmi\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 65536]
"SmoothView"="c:\programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"PadTouch"="c:\programmi\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077329]
"Tvs"="c:\programmi\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"OpwareSE2"="c:\programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"PD6000StatusMonitor"="c:\windows\system32\PD6000SM.EXE" [2003-06-16 266240]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\massimo\Menu Avvio\Programmi\Esecuzione automatica\
PowerReg Scheduler V3.exe [2010-1-14 225280]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2009-4-12 155648]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AdunanzA\\eMule_AdnzA.exe"=
"c:\\Programmi\\Free Download Manager\\fdm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule AdunanzA\\eMule_AdnzA.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Free Download Manager\\fdmwi.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\Toshiba\\ConfigFree\\CFXFER.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1080:TCP"= 1080:TCP:*:Disabled:prova

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [19/11/2008 12.02.43 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [19/11/2008 12.02.43 5248]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [14/02/2009 21.34.26 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14/02/2009 21.34.26 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [27/09/2009 18.55.56 54752]
S2 gupdate1ca894ceb0cf8e;Servizio di Google Update (gupdate1ca894ceb0cf8e);c:\programmi\Google\Update\GoogleUpdate.exe [30/12/2009 13.31.42 133104]
S3 fsssvc;Servizio Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22.48.42 704864]
S3 WZCOOK;WEP/WPA-PMK key recovery service; [x]
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-14 c:\windows\Tasks\User_Feed_Synchronization-{39A4009D-B557-4BEE-A6F1-15E481CF6407}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: &Search
IE: Download all with Free Download Manager - file://c:\programmi\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\programmi\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\programmi\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\programmi\Free Download Manager\dllink.htm
FF - ProfilePath - c:\documents and settings\massimo\Dati applicazioni\Mozilla\Firefox\Profiles\at5nl05m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor=
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npvlc.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{6b284373-1765-4464-a587-80fbc2b2eefa} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKU-Default-Run-drvsys32.exe - c:\windows\drvsys32.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-15 09:31
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x861D3798]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf766ff28
\Driver\ACPI -> ACPI.sys @ 0xf759acb8
\Driver\atapi -> 0x861d3798
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: NIC Fast Ethernet PCI Realtek RTL8139 Family -> SendCompleteHandler -> NDIS.sys @ 0xf7413bd4
PacketIndicateHandler -> NDIS.sys @ 0xf741fa21
SendHandler -> NDIS.sys @ 0xf7413d44
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1746722642-2183141402-3389976770-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(2016)
c:\windows\system32\WININET.dll
c:\programmi\ScanSoft\OmniPageSE2.0\ophookSE2.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast4\aswUpdSv.exe
c:\programmi\Alwil Software\Avast4\ashServ.exe
c:\programmi\TOSHIBA\ConfigFree\CFSvcs.exe
c:\windows\system32\DVDRAMSV.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programmi\Apoint2K\Apntex.exe
c:\programmi\Alwil Software\Avast4\ashMaiSv.exe
c:\programmi\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Ora fine scansione: 2010-02-15 09:38:00 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-02-15 08:37

Pre-Run: 696.934.400 byte disponibili
Post-Run: 779.419.648 byte disponibili

- - End Of File - - A92FB43FC1CEF052DA427A75AA9CD554

I used Advanced SystemCare, it found quite a few problems, and now I no longer have this problem.
I hope it does not appear again.



 Message subject: Re: Avast mail scanner services.exe
Posted: Mon Feb 15, 2010 11:02 am
Administrator

Joined: Wed Sep 07, 2005 10:24 am
Posts: 6633
Location: Parma
Perfect.

If it comes back, let us know.

_________________
Riccardo

-Corsair 550W 80plus
-SEAGATE Barracuda 1TB
-Windows 7 Home Premium 64bit
-G.SKILL DDR3 4GB CL7
-GIGABYTE P55-USB3
-Intel CORE i5 760/2.8GHz
-Inter-Tech CK-35 Observer Rubber Black Coated ATX-Tower
-Gigabyte nVidia 460 1GB DDR5


 Message subject: Re: Avast mail scanner services.exe
Posted: Mon Feb 15, 2010 12:11 pm
User

Joined: Sun Feb 14, 2010 4:30 pm
Posts: 45
Thanks


