Condividi:        

Internet Explorer

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Internet Explorer

Postdi maxbridge » 25/10/08 15:04

Buongiorno a tutti.
Ogni volta che apro il laptop mi si aprono 2 pagine di IE e è lentissimo.
Potreste aiutarmi per favore?
Grazie.
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28

Sponsor
 

Re: Internet Explorer

Postdi MIKI68 » 25/10/08 15:48

Posta il log di hijackthis!
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: Internet Explorer

Postdi maxbridge » 25/10/08 15:57

Eccolo
Grazie ancora

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.54.55, on 25/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\DOCUME~1\CRISTI~1\IMPOST~1\Temp\6334812.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\Internet Explorer\iexplore.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://virgilio.alice.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {0BB25A64-41B8-4051-A627-A8B9F2DA6FD2} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bytemobile BHO - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: (no name) - {92162A1C-A9E3-4C0C-BCDC-2996E8406887} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [phewv] "C:\DOCUME~1\CRISTI~1\IMPOST~1\Temp\6334812.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [License] locker.exe
O4 - HKLM\..\Run: [Microsoft©] C:\WINDOWS\system32\dllcache\iexplore.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe /NoDialog
O4 - HKCU\..\Run: [phewv] "C:\DOCUME~1\CRISTI~1\IMPOST~1\Temp\6334812.exe"
O4 - HKCU\..\Run: [Microsoft©] C:\WINDOWS\system32\dllcache\iexplore.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... p=ZKman000
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.virgilio.it/free
O15 - Trusted Zone: www.2mug.com
O15 - Trusted Zone: www.698698698.info
O15 - Trusted Zone: www.adslconnection.name
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.happyfile.net
O15 - Trusted Zone: www.hastalavista.it
O15 - Trusted Zone: www.pornoaccesso.com
O15 - Trusted Zone: www.softlab.name
O15 - Trusted Zone: www.xxx-content.name
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac ... oader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O21 - SSODL: agrlmvp - {45CA98F4-A966-405B-8454-675B1D814D0C} - (no file)
O21 - SSODL: bmlvqkn - {0F6871A7-02A5-4E9A-9769-43A73073ED9B} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe

--
End of file - 9529 bytes
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28

Re: Internet Explorer

Postdi MIKI68 » 25/10/08 16:14

Non ho mai visto un log così schifoso fixia in modalità provvisoria le seguenti voci: C:\DOCUME~1\CRISTI~1\IMPOST~1\Temp\6334812.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {0BB25A64-41B8-4051-A627-A8B9F2DA6FD2} - (no file) O2 - BHO: Bytemobile BHO - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file) O3 - Toolbar: (no name) - {92162A1C-A9E3-4C0C-BCDC-2996E8406887} - (no file) O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -
C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [phewv] "C:\DOCUME~1\CRISTI~1\IMPOST~1\Temp\6334812.exe" O4 - HKLM\..\Run: [Microsoft©] C:\WINDOWS\system32\dllcache\iexplore.exe O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [phewv] "C:\DOCUME~1\CRISTI~1\IMPOST~1\Temp\6334812.exe" O4 - HKCU\..\Run: [Microsoft©] C:\WINDOWS\system32\dllcache\iexplore.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... p=ZKman000 O15 - Trusted Zone: www.698698698.info O15 - Trusted Zone: www.adslconnection.name O15 - Trusted Zone: www.archiviosex.net O15 - Trusted Zone: www.hastalavista.it O15 - Trusted Zone: www.pornoaccesso.comO15 - Trusted Zone: www.softlab.name O15 - Trusted Zone: www.xxx-content.name O21 - SSODL: agrlmvp - {45CA98F4-A966-405B-8454-675B1D814D0C} - (no file) O21 - SSODL: bmlvqkn - {0F6871A7-02A5-4E9A-9769-43A73073ED9B} - (no file)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
Poi fai una scansione con antivirus e antispyware e riposta il log di hijackthis
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: Internet Explorer

Postdi maxbridge » 25/10/08 17:22

Fatto tutto!
Dammi il responso.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.19.54, on 25/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://virgilio.alice.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [License] locker.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.virgilio.it/free
O15 - Trusted Zone: www.2mug.com
O15 - Trusted Zone: www.happyfile.net
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac ... oader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe

--
End of file - 6956 bytes
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28

Re: Internet Explorer

Postdi maxbridge » 26/10/08 08:46

Aiuto!!!
Mi si aprono un milione di pagine IE ed è impossibile chiuderle!!!
Grazie!
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28

Re: Internet Explorer

Postdi Luke57 » 26/10/08 10:02

Ciao, scarica combofix sul desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Poi avvia combofix.exe, parte il programma che potrebbe impiegare molto (non fare altre manovre durante la scansione, se dovessero scomparire le icone sul desktop e la barra delle applicazioni, non è nulla di cui preoccuparsi),una volta terminata, se tutto è andato bene, in C:\ dovresti trovare il file combofix.txt , posta il contenuto del file.

Inoltre, scarica malwarebytes da qui:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Re: Internet Explorer

Postdi MIKI68 » 26/10/08 10:23

Fixia ancora queste voci: O4 - HKLM\..\Run: [License] locker.exe (questo è importante devi eliminarlo)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac ... oader5.cab O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing) ( questo lo stesso come sopra)
Disinstalla avast e installa antivir della avira e fai una bella scansione, poi scarica spybot e facci un'altra bella scansione e poi ancora segui i consigli di Luke57
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: Internet Explorer

Postdi maxbridge » 26/10/08 21:06

Ecco i logs

ComboFix 08-10-25.01 - Cristiana 2008-10-26 20.01.25.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.185 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Cristiana\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Cristiana\Dati applicazioni\FunWebProducts
C:\Documents and Settings\Cristiana\Impostazioni locali\Dati applicazioni\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\system32\autorun.ini
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Creati Da 2008-09-26 al 2008-10-26 )))))))))))))))))))))))))))))))))))
.

2008-10-26 19:49 . 2008-10-26 19:49 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Windows Search
2008-10-25 18:04 . 2008-10-25 18:04 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-10-25 18:03 . 2008-10-25 18:03 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-10-25 16:53 . 2008-10-25 16:53 <DIR> d-------- C:\Programmi\Trend Micro
2008-10-25 16:48 . 2008-10-25 16:48 <DIR> d-------- C:\Programmi\Microsoft Silverlight
2008-10-25 16:48 . 2008-10-25 16:48 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Windows Desktop Search
2008-10-25 16:47 . 2008-10-25 16:47 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2008-10-25 16:47 . 2008-10-25 16:47 <DIR> d-------- C:\Programmi\Windows Desktop Search
2008-10-25 16:47 . 2008-10-25 17:12 4,625 --a------ C:\WINDOWS\imsins.BAK
2008-10-25 16:46 . 2008-03-07 19:02 192,000 --------- C:\WINDOWS\system32\dllcache\offfilt.dll
2008-10-25 16:46 . 2008-03-07 19:02 98,304 --------- C:\WINDOWS\system32\dllcache\nlhtml.dll
2008-10-25 16:46 . 2008-03-07 19:02 29,696 --------- C:\WINDOWS\system32\dllcache\mimefilt.dll
2008-10-25 15:51 . 2008-10-15 18:36 337,408 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-20 20:28 . 2008-10-20 20:28 <DIR> d--hs---- C:\FOUND.007
2008-10-18 09:33 . 2008-10-18 09:33 <DIR> d--hs---- C:\FOUND.006
2008-10-18 09:12 . 2008-10-18 09:12 <DIR> d--hs---- C:\FOUND.005
2008-10-17 22:15 . 2008-10-17 22:14 2,745,808 --a------ C:\Programmi\WebfettiSetup2.3.50.22.ZKman000.exe
2008-10-17 22:04 . 2008-09-08 12:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-17 22:02 . 2008-09-15 17:24 1,846,400 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-17 22:01 . 2008-08-14 15:22 2,192,896 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-17 22:01 . 2008-08-14 15:22 2,148,864 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-17 22:01 . 2008-08-14 15:22 2,069,760 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-17 22:01 . 2008-08-14 15:22 2,027,520 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 19:29 . 2008-10-15 19:29 <DIR> d--hs---- C:\FOUND.004
2008-10-06 22:20 . 2008-10-06 22:20 <DIR> d--hs---- C:\FOUND.003
2008-10-05 17:16 . 2008-10-05 17:16 <DIR> d--hs---- C:\FOUND.002
2008-10-05 10:56 . 2008-10-05 10:56 <DIR> d--hs---- C:\FOUND.001
2008-10-05 10:17 . 2008-10-05 10:17 8,840 --a------ C:\WINDOWS\SEC1146.PNF
2008-10-05 10:14 . 2008-10-05 10:14 <DIR> d-------- C:\WINDOWS\system32\it
2008-10-05 10:14 . 2008-10-05 10:14 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-05 10:14 . 2008-10-05 10:14 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-05 10:11 . 2008-10-05 10:11 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-10-05 10:09 . 2008-10-05 10:09 2,948 --a------ C:\WINDOWS\SEC16.PNF
2008-10-05 10:05 . 2008-10-05 10:05 <DIR> d-------- C:\WINDOWS\EHome
2008-09-30 23:15 . 2008-09-30 23:15 <DIR> d-------- C:\Programmi\Bonjour
2008-09-30 23:13 . 2008-09-30 23:13 <DIR> d-------- C:\Programmi\Apple Software Update
2008-09-30 22:54 . 2008-09-30 22:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-09-30 09:36 . 2008-09-30 09:36 <DIR> d--hs---- C:\FOUND.000
2008-09-28 23:13 . 2008-06-14 19:32 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-09-28 23:13 . 2008-06-14 19:32 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-09-28 23:12 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-09-28 23:11 . 2008-04-11 21:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-09-28 16:32 . 2008-09-28 16:32 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\skypePM
2008-09-28 16:32 . 2008-09-28 16:32 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Programmi\Skype
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Programmi\File comuni\Skype
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Skype
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Skype
2008-09-28 16:18 . 2008-09-28 16:18 <DIR> d-------- C:\Software
2008-09-28 16:15 . 2008-09-28 16:15 <DIR> d-------- C:\File di registro
2008-09-28 16:08 . 2008-09-28 16:08 <DIR> d-------- C:\Programmi\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-03 17:58 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-15 16:24 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-12 18:28 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-09-12 17:58 --------- d-----w C:\Documents and Settings\Cristiana\Dati applicazioni\Lavasoft
2008-09-08 11:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-29 09:18 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe
2008-08-29 08:53 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
2008-08-27 09:57 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-25 09:39 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-08-25 09:38 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-08-23 06:56 635,848 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-23 06:54 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-08-14 14:22 2,192,896 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 14:22 2,069,760 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 11:04 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2007-11-15 09:01 102,912 ----a-w C:\Documents and Settings\Cristiana\Dati applicazioni\GDIPFONTCACHEV1.DAT
2005-12-23 13:00 24,192 ----a-w C:\Documents and Settings\Cristiana\usbsermptxp.sys
2005-12-23 13:00 22,768 ----a-w C:\Documents and Settings\Cristiana\usbsermpt.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Packard Bell Data Secure"="C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 2361856]
"PcSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe" [2006-11-09 1634304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Programmi\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"PCSuiteTrayApplication"="C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-28 222720]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2007-12-11 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"PcSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\Cristiana\\Documenti\\E-MULE\\eMule\\emule.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 4096]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-03-24 78208]
S3 USBCamera;DIGITAL CAMERA;C:\WINDOWS\system32\Drivers\Bulk533.sys [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03652cc4-20ff-11da-8e2b-00c09fab378b}]
\Shell\auto\command - Knight.exe open
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
\Shell\explore\command - Knight.exe open
\Shell\find\command - Knight.exe open
\Shell\install\command - Knight.exe open
\Shell\open\command - Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e88dbcc8-80ef-11dd-9489-00c09fab378b}]
\Shell\AutoRun\command - G:\.\run\autorun.exe
\Shell\open\Command - G:\.\run\autorun.exe
.
Contenuto della cartella 'Scheduled Tasks'

2008-10-23 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Programmi\Symantec\LiveUpdate\NDETECT.EXE []

2008-10-26 C:\WINDOWS\Tasks\Packard Bell Data Secure for Cristiana.job
- C:\Programmi\Packard Bell Data Secure\DSMsg.exe [2006-04-13 14:50]

2008-10-23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementare di scansione -------
.
FireFox -: Profile - C:\Documents and Settings\Cristiana\Dati applicazioni\Mozilla\Firefox\Profiles\j2gmd8b6.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://it.start.mozilla.com/firefox?cli ... t:official
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-26 20:05:16
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
------------------------ Altri processi in esecuzione ------------------------
.
C:\PROGRAMMI\LAVASOFT\AD-AWARE\AAWSERVICE.EXE
C:\WINDOWS\SYSTEM32\WGATRAY.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAMMI\FILE COMUNI\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
C:\PROGRAMMI\BONJOUR\MDNSRESPONDER.EXE
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\SYSTEM32\HPZIPM12.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2008-10-26 20:08:33 - macchina è stato riavviato
ComboFix-quarantined-files.txt 2008-10-26 19:08:26

Pre-Run: 17.387.569.152 byte disponibili
Post-Run: 17,378,885,632 byte disponibili

WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

208 --- E O F --- 2008-10-25 14:05:17


------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.30
Versione del database: 1324
Windows 5.1.2600 Service Pack 3

26/10/2008 21.03.16
mbam-log-2008-10-26 (21-03-16).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 93600
Tempo trascorso: 23 minute(s), 16 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 153
Valori di registro infetti: 4
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{16c7013f-912e-42ac-aa8e-a10a180dff51} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{50a7e9b0-70ef-11d1-b75a-00a0c90564fe} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0751c551-7568-41c9-8e5b-e22e38919236} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{177160ca-bb5a-411c-841d-bd38facdeaa0} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{18bcc359-4990-4bfb-b951-3c83702be5f9} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1d2efd50-75ce-11d1-b75a-00a0c90564fe} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2d91eea1-9932-11d2-be86-00a0c9a83da1} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{317ee249-f12e-11d2-b1e4-00c04f8eeb3e} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{31c147b6-0ade-4a3c-b514-ddf932ef6d17} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4a3df050-23bd-11d2-939f-00a0c91eedba} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{60890160-69f0-11d1-b758-00a0c90564fe} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62112aa2-ebe4-11cf-a5fb-0020afe7292d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{744129e0-cbe5-11ce-8350-444553540000} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{88a05c00-f000-11ce-8350-444553540000} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9ba05970-f6a8-11cf-a442-00a0c90a8f39} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a4c6892c-3ba9-11d2-9dea-00c04fb16162} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a7ae5f64-c4d7-4d7f-9307-4d24ee54b841} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b30f7305-5967-45d1-b7bc-d6eb7163d770} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbcbde60-c3ff-11ce-8350-444553540000} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c94f0ad0-f363-11d2-a327-00c04f8eec7f} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8f015c0-c278-11ce-a49e-444553540000} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e7a1af80-4d96-11cf-960c-0080c7f4ee85} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eaa7c309-bbec-49d5-821d-64d966cb667f} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{edc817aa-92b8-11d1-b075-00c04fc33aa5} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{efd84b2d-4bcf-4298-be25-eb542a59fbda} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f0d2d8ef-3890-11d2-bf8b-00c04fb93661} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0010890e-8789-413c-adbc-48f5b511b3af} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0010890e-8789-413c-adbc-48f5b511b3af} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00eebf57-477d-4084-9921-7ab3c2c9459d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01e2e7c0-2343-407f-b947-7e132e791d3e} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{021003e9-aac0-4975-979f-14b5d4e717f8} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09799afb-ad67-11d1-abcd-00c04fc30936} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0afaced1-e828-11d1-9187-b532f1e9575d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0d2e74c4-3c34-11d2-a27e-00c04fc30871} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e5cbf21-d15f-11d0-8301-00aa005b4383} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{111dcced-3b96-4170-a076-681669ed1512} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{12518493-00b2-11d2-9fa5-9e3420524153} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{13709620-c279-11ce-a49e-444553540000} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1820fed0-473e-11d0-a96c-00c04fd705a2} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1ebdcf80-a200-11d0-a3a4-00c04fd706ec} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1f4de370-d627-11d1-ba4f-00a0c91eedba} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{208d2c60-3aea-1069-a2d7-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20b1cb23-6968-4eb9-b7d4-a66d00d07cee} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20d04fe0-3aea-1069-a2d8-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{21b22460-3aea-1069-a2dc-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{24f14f01-7b1c-11d1-838f-0000f80461cf} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{24f14f02-7b1c-11d1-838f-0000f80461cf} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25585dc7-4da0-438d-ad04-e42c8d2d64b9} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{26fdc864-be88-46e7-9235-032d8ea5162e} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3bb4118f-ddfd-4d30-a348-9fb5d6bf1afe} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f454f0e-42ae-4d7c-8ea3-328250d6e272} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f6953f0-5359-47fc-bd99-9f2cb95a62fd} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fc0b520-68a9-11d0-8d77-00c04fd70822} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{450d8fba-ad25-11d0-98a8-0800361b1103} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{450d8fba-ad25-11d0-98a8-0800361b1103} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4622ad11-ff23-11d0-8d34-00a0c90f2719} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4657278a-411b-11d2-839a-00c04fd918d0} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48e7caab-b918-4e58-a94d-505519c795dc} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53c74826-ab99-4d33-aca4-3117f51d3788} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{55d7b852-f6d1-42f2-aa75-8728a1b2d264} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{57651662-ce3e-11d0-8d77-00c04fc99d61} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{59031a47-3f72-44a7-89c5-5595fe6b30ee} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b4dae26-b807-11d0-9815-00c04fd91972} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5ef4af3a-f726-11d0-b8a2-00c04fc309a4} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5f5295e0-429f-1069-a2e2-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62112aa1-ebe4-11cf-a5fb-0020afe7292d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63b51f81-c868-11d0-999c-00c04fd655e1} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{66742402-f9b9-11d1-a202-0000f81fedee} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{67331d85-be17-42f6-8d3f-47b8e8b26637} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{679d9e37-f8f9-11d2-8deb-00c04f6837d5} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b831e4f-a50d-45fc-842f-16ce27595359} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6cf8e98c-5dd4-42a2-a948-bfe4ca1dc3eb} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d5313c0-8c62-11d1-b2cd-006097df8c11} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72267f6a-a6f9-11d0-bc94-00c04fb67863} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72b3882f-453a-4633-aac9-8c3dced62aff} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72eb61e0-8672-4303-9175-f2e4c68b2e7c} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{733ac4cb-f1a4-11d0-b951-00a0c90312e1} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7487cd30-f71a-11d0-9ea7-00805f714772} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{75048700-ef1f-11d0-9888-006097deacf9} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ba4c740-9e81-11cf-99d3-00aa004ae837} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7be9d83c-a729-4d97-b5a7-1b7313c39e0a} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7eb5fbe4-2100-49e6-8593-17e130122f91} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7febaf7c-18cf-11d2-993f-00a0c91f3880} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8278f931-2a3e-11d2-838f-00c04fd918d0} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84720068-f106-4b58-a4c6-189382ab39bd} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86422020-42a0-1069-a2e5-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{864a1288-354c-4d19-9d68-c2742bb14997} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86747ac0-42a0-1069-a2e6-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c86720-42a0-1069-a2e8-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e827c11-33e7-4bc1-b242-8cd9a1c2b304} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{94357b53-ca29-4b78-83ae-e8fe7409134f} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{95ce8412-7027-11d1-b879-006008059382} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ac9fbe1-e0a2-4ad6-b4ee-e212013ea917} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ba05971-f6a8-11cf-a442-00a0c90a8f39} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a07034fd-6caa-4954-ac3f-97a27216f98a} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a470f8cf-a1e8-4f65-8335-227475aa5c46} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aabe54d4-6e88-4c46-a6b3-1df790dd6e0d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b005e690-678d-11d1-b758-00a0c90564fe} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b091e540-83e3-11cf-a713-0020afd79762} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0a8f3cf-4333-4bab-8873-1ccb1cada48b} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b2f2e083-84fe-4a7e-80c3-4b50d10d646e} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b5607793-24ac-44c7-82e2-831726aa6cb7} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bab33640-1280-11d2-aa30-00a0c91eedba} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2fbb630-2971-11d1-a18c-00c04fd75d13} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2fbb631-2971-11d1-a18c-00c04fd75d13} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c4ee31f3-4768-11d2-be5c-00a0c9a83da1} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c827f149-55c1-4d28-935e-57e47caed973} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d82be2b0-5764-11d0-a96e-00c04fd705a2} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d912f8cf-0396-4915-884e-fb425d32943b} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d969a300-e7ff-11d0-a93b-00a0c90f2719} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e13ef4e4-d2f2-11d0-9816-00c04fd91972} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1618f52-bf15-484a-86d2-183400e66a2b} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e17d4fc0-5564-11d1-83f2-00a0c90dc849} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e773f1af-3a65-4866-857d-846fc9c4598a} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ecd4fc4f-521c-11d0-b792-00a0c90312e1} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ef43ecfe-2ab9-4632-bf21-58909dd177f0} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f26a669a-bcbb-4e37-abf9-7325da15f931} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f3364ba0-65b9-11ce-a9ba-00aa004ae837} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f46316e4-fb1b-46eb-aedf-9520bfbb916a} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f83cbf45-1c37-4ca1-a78a-28bcb91642ec} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fbf23b41-e3f0-101b-8488-00aa003e56f8} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fef10ded-355e-4e06-9381-9b24d7f7cc88} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fef10fa2-355e-4e06-9381-9b24d7f7cc88} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00021400-0000-0000-c000-000000000046} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-c000-000000000046} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{217fc9c0-3aea-1069-a2db-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{21ec2020-3aea-1069-a2dd-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2227a280-3aea-1069-a2de-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3da165b6-cc41-11d2-bdc6-00c04f79ec6b} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{61e218e0-65d3-101b-9f08-061ceac3d50d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{645ff040-5081-101b-9f08-00aa002f954e} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645ff040-5081-101b-9f08-00aa002f954e} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86f19a00-42a0-1069-a2e9-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86f19a00-42a0-1069-a2eb-08002b30309d} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8d8763ab-e93b-4812-964e-f04e0008fd50} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aeb6717e-7e19-11d0-97ee-00c04fd91972} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Backdoor check (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0e5cbf21-d15f-11d0-8301-00aa005b4383} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\postbootreminder (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\cdburn (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{aeb6717e-7e19-11d0-97ee-00c04fd91972} (Search.Hijacker) -> Quarantined and deleted successfully.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)

-------------------------------------------------------------------------------------------------------------------------------------------


grazie ancora
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28

Re: Internet Explorer

Postdi maxbridge » 26/10/08 23:01

Ciao di nuovo.
Dopo aver fatto girare i programmi che mi avete detto che hanno trovato virus e malware, sul desktop ho tre icone senza nome che contengono il pannello di controllo. E se premo su start non accade nulla. C'è tutto, ma ad esempio non ho più esplora risorse.
Please help.
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28

Re: Internet Explorer

Postdi Luke57 » 27/10/08 09:00

Ciao, apri un file di testo e copiaci questo script all'interno:

Codice: Seleziona tutto
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03652cc4-20ff-11da-8e2b-00c09fab378b}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e88dbcc8-80ef-11dd-9489-00c09fab378b}]


salva il file di testo, chiamandolo obbligatoriamente CFScript.txt nella stessa direzione di combofix, trascinalo con il puntatore del mouse sull'icona di combofix per una nuova scansione e riavvio del computer. Allega nuovo report se prodotto.
Inoltre scariaca superantispyware da qui:
http://www.superantispyware.com/downloa ... pyware.exe
installalo e aggiornalo, poiclicca su Preferences quindi sulla scheda Repairs, seleziona le voci relative al desktop, alla systemtray, premi perform repairs.
Riavvii e vedi come va.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Re: Internet Explorer

Postdi maxbridge » 27/10/08 19:34

ecco il log combofix
però non riesco ad installare superantyspyware

ComboFix 08-10-25.01 - Cristiana 2008-10-27 19.14.03.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.197 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Cristiana\Desktop\ComboFix.exe
Interruttori di comando utilizzati :: C:\Documents and Settings\Cristiana\Desktop\CFScript.txt
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2008-09-27 al 2008-10-27 )))))))))))))))))))))))))))))))))))
.

2008-10-26 21:35 . 2008-10-26 21:35 <DIR> d-------- C:\Programmi\Avira
2008-10-26 21:35 . 2008-10-26 21:35 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Avira
2008-10-26 20:11 . 2008-10-26 20:11 <DIR> d-------- C:\Programmi\Malwarebytes' Anti-Malware
2008-10-26 20:11 . 2008-10-26 20:11 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Malwarebytes
2008-10-26 20:11 . 2008-10-26 20:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2008-10-26 20:11 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-26 20:11 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-26 19:49 . 2008-10-26 19:49 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Windows Search
2008-10-25 18:04 . 2008-10-25 18:04 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-10-25 16:53 . 2008-10-25 16:53 <DIR> d-------- C:\Programmi\Trend Micro
2008-10-25 16:48 . 2008-10-25 16:48 <DIR> d-------- C:\Programmi\Microsoft Silverlight
2008-10-25 16:48 . 2008-10-25 16:48 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Windows Desktop Search
2008-10-25 16:47 . 2008-10-25 16:47 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2008-10-25 16:47 . 2008-10-25 16:47 <DIR> d-------- C:\Programmi\Windows Desktop Search
2008-10-25 16:47 . 2008-10-25 17:12 4,625 --a------ C:\WINDOWS\imsins.BAK
2008-10-25 16:46 . 2008-03-07 19:02 192,000 --------- C:\WINDOWS\system32\dllcache\offfilt.dll
2008-10-25 16:46 . 2008-03-07 19:02 98,304 --------- C:\WINDOWS\system32\dllcache\nlhtml.dll
2008-10-25 16:46 . 2008-03-07 19:02 29,696 --------- C:\WINDOWS\system32\dllcache\mimefilt.dll
2008-10-25 15:51 . 2008-10-15 18:36 337,408 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-20 20:28 . 2008-10-20 20:28 <DIR> d--hs---- C:\FOUND.007
2008-10-18 09:33 . 2008-10-18 09:33 <DIR> d--hs---- C:\FOUND.006
2008-10-18 09:12 . 2008-10-18 09:12 <DIR> d--hs---- C:\FOUND.005
2008-10-17 22:15 . 2008-10-17 22:14 2,745,808 --a------ C:\Programmi\WebfettiSetup2.3.50.22.ZKman000.exe
2008-10-17 22:04 . 2008-09-08 12:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-17 22:02 . 2008-09-15 17:24 1,846,400 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-17 22:01 . 2008-08-14 15:22 2,192,896 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-17 22:01 . 2008-08-14 15:22 2,148,864 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-17 22:01 . 2008-08-14 15:22 2,069,760 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-17 22:01 . 2008-08-14 15:22 2,027,520 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 19:29 . 2008-10-15 19:29 <DIR> d--hs---- C:\FOUND.004
2008-10-06 22:20 . 2008-10-06 22:20 <DIR> d--hs---- C:\FOUND.003
2008-10-05 17:16 . 2008-10-05 17:16 <DIR> d--hs---- C:\FOUND.002
2008-10-05 10:56 . 2008-10-05 10:56 <DIR> d--hs---- C:\FOUND.001
2008-10-05 10:17 . 2008-10-05 10:17 8,840 --a------ C:\WINDOWS\SEC1146.PNF
2008-10-05 10:14 . 2008-10-05 10:14 <DIR> d-------- C:\WINDOWS\system32\it
2008-10-05 10:14 . 2008-10-05 10:14 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-05 10:14 . 2008-10-05 10:14 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-05 10:11 . 2008-10-05 10:11 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-10-05 10:09 . 2008-10-05 10:09 2,948 --a------ C:\WINDOWS\SEC16.PNF
2008-10-05 10:05 . 2008-10-05 10:05 <DIR> d-------- C:\WINDOWS\EHome
2008-09-30 23:15 . 2008-09-30 23:15 <DIR> d-------- C:\Programmi\Bonjour
2008-09-30 23:13 . 2008-09-30 23:13 <DIR> d-------- C:\Programmi\Apple Software Update
2008-09-30 22:54 . 2008-09-30 22:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-09-30 09:36 . 2008-09-30 09:36 <DIR> d--hs---- C:\FOUND.000
2008-09-28 23:13 . 2008-06-14 19:32 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-09-28 23:13 . 2008-06-14 19:32 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-09-28 23:12 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-09-28 23:11 . 2008-04-11 21:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-09-28 16:32 . 2008-09-28 16:32 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\skypePM
2008-09-28 16:32 . 2008-09-28 16:32 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Programmi\Skype
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Programmi\File comuni\Skype
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Documents and Settings\Cristiana\Dati applicazioni\Skype
2008-09-28 16:28 . 2008-09-28 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Skype
2008-09-28 16:18 . 2008-09-28 16:18 <DIR> d-------- C:\Software
2008-09-28 16:15 . 2008-09-28 16:15 <DIR> d-------- C:\File di registro
2008-09-28 16:08 . 2008-09-28 16:08 <DIR> d-------- C:\Programmi\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-03 17:58 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-15 16:24 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-12 18:28 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-09-12 17:58 --------- d-----w C:\Documents and Settings\Cristiana\Dati applicazioni\Lavasoft
2008-09-08 11:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-29 09:18 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe
2008-08-29 08:53 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
2008-08-27 09:57 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-25 09:39 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-08-25 09:38 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-08-23 06:56 635,848 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-23 06:54 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-08-14 14:22 2,192,896 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 14:22 2,069,760 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 11:04 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2007-11-15 09:01 102,912 ----a-w C:\Documents and Settings\Cristiana\Dati applicazioni\GDIPFONTCACHEV1.DAT
2005-12-23 13:00 24,192 ----a-w C:\Documents and Settings\Cristiana\usbsermptxp.sys
2005-12-23 13:00 22,768 ----a-w C:\Documents and Settings\Cristiana\usbsermpt.sys
.

((((((((((((((((((((((((((((( snapshot@2008-10-26_20.08.03.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-09 12:15:52 45,376 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2008-01-21 17:11:30 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-06-27 14:03:56 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Packard Bell Data Secure"="C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 2361856]
"PcSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe" [2006-11-09 1634304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Programmi\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"PCSuiteTrayApplication"="C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-28 222720]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"avgnt"="C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"PcSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\Cristiana\\Documenti\\E-MULE\\eMule\\emule.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 4096]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-03-24 78208]
S3 USBCamera;DIGITAL CAMERA;C:\WINDOWS\system32\Drivers\Bulk533.sys [ ]

*Newly Created Service* - CATCHME
.
Contenuto della cartella 'Scheduled Tasks'

2008-10-26 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Programmi\Symantec\LiveUpdate\NDETECT.EXE []

2008-10-27 C:\WINDOWS\Tasks\Packard Bell Data Secure for Cristiana.job
- C:\Programmi\Packard Bell Data Secure\DSMsg.exe [2006-04-13 14:50]

2008-10-23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-27 19:19:04
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-10-27 19.19.48
ComboFix-quarantined-files.txt 2008-10-27 18:19:44
ComboFix2.txt 2008-10-26 19:08:36

Pre-Run: 17.144.512.512 byte disponibili
Post-Run: 17,152,016,384 byte disponibili

165 --- E O F --- 2008-10-25 14:05:17
maxbridge
Utente Junior
 
Post: 36
Iscritto il: 04/08/06 10:28


Torna a Sicurezza e Privacy


Topic correlati a "Internet Explorer":


Chi c’è in linea

Visitano il forum: Nessuno e 84 ospiti

cron