Virus blocks games


Post by JollyRoger77 » 25/01/10 14:36

Hi everyone, I've caught a virus that blocks the games on my PC. Basically, every game I launch starts loading, then stops, and everything goes back to the desktop without the game starting. What can I do???
THANKS
JollyRoger77
Senior User
 
Posts: 141
Joined: 13/11/06 00:24


Re: Virus blocks games

Post by shel » 25/01/10 14:48

Hi


Download http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Update it
Run a full scan
Post the result without removing anything

Download Lop S&D | http://eric.71.mespages.googlepages.com/LopSD.exe
with all applications closed and while disconnected
double-click LopSD
choose language E (Enter)
1 (search), Enter

when the scan finishes, restart LopSD
this time choose option 2 (Enter)

attach the report C:\LopR.txt
shel
Senior User
 
Posts: 1326
Joined: 29/08/08 21:56

Re: Virus blocks games

Post by JollyRoger77 » 25/01/10 16:21

first log

Malwarebytes' Anti-Malware 1.44
Versione del database: 3634
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-25 16:20:14
mbam-log-2010-01-25 (16-20-09).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 260198
Tempo trascorso: 1 hour(s), 8 minute(s), 28 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 1
Chiavi di registro infette: 85
Valori di registro infetti: 17
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 76

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
C:\Programmi\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.

Chiavi di registro infette:
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cmstp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc (Backdoor.Agent) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc (Backdoor.Agent) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\comrepl (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstsc (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\esent utl (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ieudinit (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mqtgsvc (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstinit (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rsvp (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\disableregedit (Hijack.Regedit) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\dllhst (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\sessmgr (Trojan.Agent) -> No action taken.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Programmi\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\JollyRoger\Desktop\messpass\mspass.exe (Password.Stealer) -> No action taken.
C:\Programmi\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\1.bin\MWSSVC.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\firefox\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\JollyRoger\Dati applicazioni\sessmgr.exe (Trojan.Zaplo) -> No action taken.
C:\Documents and Settings\JollyRoger\Dati applicazioni\cmstp.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\JollyRoger\Dati applicazioni\Microsoft\mstsc.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\JollyRoger\Dati applicazioni\Microsoft\rsvp.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\cmstp.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ieakui32.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\cisvc.exe (Backdoor.Agent) -> No action taken.
C:\WINDOWS\comrepl.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\mqtgsvc.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\mstsc.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\ieudinit.exe (Trojan.Dropper) -> No action taken.
C:\WINDOWS\system32\drivers\dllhst3g.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\JollyRoger\Dati applicazioni\spoolsv.exe (Trojan.Agent) -> No action taken.
JollyRoger77
Senior User
 
Posts: 141
Joined: 13/11/06 00:24

Re: Virus blocks games

Post by JollyRoger77 » 25/01/10 16:55

second log


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.20GHz )
BIOS : BIOS Date: 12/01/05 10:35:14 Ver: 08.00.10
USER : JollyRoger ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 100125-0] 4.8.1368 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:136 Go (Free:55 Go)
D:\ (Local Disk) - NTFS - Total:97 Go (Free:45 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 2010-01-25|16:51 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in DATIAP~1

[2010-01-11|16:09] C:\DOCUME~1\ALLUSE~1\DATIAP~1\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
[2009-02-11|00:51] C:\DOCUME~1\ALLUSE~1\DATIAP~1\{55A29068-F2CE-456C-9148-C869879E2357}
[2009-11-18|10:11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[2009-04-27|12:35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple
[2009-07-06|15:51] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple Computer
[2009-11-26|08:43] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ATI
[2009-11-26|01:01] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ATI(2)
[2008-02-12|00:11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Autodesk
[2009-11-09|15:35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\AVS4YOU
[2010-01-25|13:47] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Codemasters
[2009-01-25|17:15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\DAEMON Tools Lite
[2009-02-10|14:16] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Downloaded Installations
[2009-04-07|02:34] C:\DOCUME~1\ALLUSE~1\DATIAP~1\DriverCure
[2008-10-12|00:03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\EmailNotifier
[2008-03-12|19:26] C:\DOCUME~1\ALLUSE~1\DATIAP~1\GamesBar
[2008-05-26|12:03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Gogii
[2009-02-17|14:27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[2008-02-10|00:55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Hewlett-Packard
[2009-12-22|13:51] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Installations
[2008-02-11|16:12] C:\DOCUME~1\ALLUSE~1\DATIAP~1\InstallShield
[2008-03-31|10:52] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Kaspersky Lab
[2008-02-09|19:13] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Kaspersky Lab Setup Files
[2009-02-11|00:52] C:\DOCUME~1\ALLUSE~1\DATIAP~1\LogiShrd
[2009-02-11|00:52] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Logitech
[2009-07-24|14:02] C:\DOCUME~1\ALLUSE~1\DATIAP~1\LogMeIn
[2010-01-25|14:55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[2008-10-12|00:03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Megaupload
[2009-03-14|16:16] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[2008-05-29|09:32] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Games
[2010-01-18|14:26] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help
[2008-07-04|23:41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\MumboJumbo
[2008-02-28|19:40] C:\DOCUME~1\ALLUSE~1\DATIAP~1\NannyMania
[2008-11-15|00:36] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Nero
[2008-12-03|11:38] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Nitro PDF
[2008-08-02|16:28] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Nokia
[2008-03-12|19:37] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Oberon
[2009-02-10|00:47] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ParetoLogic
[2008-12-12|16:07] C:\DOCUME~1\ALLUSE~1\DATIAP~1\PC Drivers HeadQuarters
[2008-08-18|23:40] C:\DOCUME~1\ALLUSE~1\DATIAP~1\PC Suite
[2008-06-05|10:18] C:\DOCUME~1\ALLUSE~1\DATIAP~1\PlayFirst
[2009-11-09|10:22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Real
[2008-09-16|15:00] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Roxio
[2008-06-05|17:35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Sandlot Games
[2008-02-11|16:12] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SmartSound Software Inc
[2008-02-11|16:18] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Sonic
[2009-10-26|00:50] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Spybot - Search & Destroy
[2008-03-28|14:48] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SUPERAntiSpyware.com
[2010-01-25|14:38] C:\DOCUME~1\ALLUSE~1\DATIAP~1\TEMP
[2009-09-27|23:08] C:\DOCUME~1\ALLUSE~1\DATIAP~1\THQ
[2008-02-11|01:19] C:\DOCUME~1\ALLUSE~1\DATIAP~1\TuneUp Software
[2008-10-31|00:05] C:\DOCUME~1\ALLUSE~1\DATIAP~1\UDL
[2008-02-21|18:57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Valusoft
[2008-02-09|15:03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[2008-09-23|00:56] C:\DOCUME~1\ALLUSE~1\DATIAP~1\WLInstaller
[2008-06-16|16:36] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Zylom
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[57|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[2008-02-09|14:25] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[2009-11-17|10:15] C:\DOCUME~1\JOLLYR~1\DATIAP~1\A Note
[2008-10-29|11:19] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Adobe
[2009-08-25|13:42] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Apple Computer
[2008-07-23|10:32] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Atari
[2008-05-10|12:35] C:\DOCUME~1\JOLLYR~1\DATIAP~1\ATI
[2008-05-25|01:20] C:\DOCUME~1\JOLLYR~1\DATIAP~1\atitray
[2009-03-21|00:27] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Auslogics
[2008-02-12|00:11] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Autodesk
[2009-11-09|15:35] C:\DOCUME~1\JOLLYR~1\DATIAP~1\AVS4YOU
[2008-07-05|00:03] C:\DOCUME~1\JOLLYR~1\DATIAP~1\BlackBean
[2008-11-02|14:35] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Capcom
[2008-10-29|11:19] C:\DOCUME~1\JOLLYR~1\DATIAP~1\com.uplayme.airclient.9B472EFF9A3BAE26509EDFEDD3D8214233BACDB1.1
[2008-08-04|15:21] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Convivea
[2009-01-25|17:16] C:\DOCUME~1\JOLLYR~1\DATIAP~1\DAEMON Tools
[2009-01-25|17:16] C:\DOCUME~1\JOLLYR~1\DATIAP~1\DAEMON Tools Lite
[2009-01-25|17:16] C:\DOCUME~1\JOLLYR~1\DATIAP~1\DAEMON Tools Pro
[2008-12-02|11:48] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Digital Support
[2009-02-10|00:48] C:\DOCUME~1\JOLLYR~1\DATIAP~1\DriverCure
[2008-12-30|13:20] C:\DOCUME~1\JOLLYR~1\DATIAP~1\drivers
[2009-10-22|15:11] C:\DOCUME~1\JOLLYR~1\DATIAP~1\dvdcss
[2008-10-12|00:03] C:\DOCUME~1\JOLLYR~1\DATIAP~1\EmailNotifier
[2009-08-29|15:35] C:\DOCUME~1\JOLLYR~1\DATIAP~1\eMuleTV
[2008-10-31|00:11] C:\DOCUME~1\JOLLYR~1\DATIAP~1\EPSON
[2009-06-30|13:18] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Ethereal
[2008-05-24|14:42] C:\DOCUME~1\JOLLYR~1\DATIAP~1\GameHouse
[2008-02-28|19:12] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Gamelab
[2009-02-11|00:50] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Google
[2008-10-28|15:51] C:\DOCUME~1\JOLLYR~1\DATIAP~1\HiYo
[2008-03-13|15:47] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Home Sweet Home
[2008-02-09|14:31] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Identities
[2008-02-09|15:57] C:\DOCUME~1\JOLLYR~1\DATIAP~1\InstallShield
[2009-04-27|23:08] C:\DOCUME~1\JOLLYR~1\DATIAP~1\KoshyJohn.com
[2008-10-06|00:20] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Leadertech
[2008-02-09|20:05] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Logitech
[2008-03-29|00:41] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Macromedia
[2010-01-25|14:55] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Malwarebytes
[2008-10-12|00:03] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Megaupload
[2010-01-25|15:03] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Microsoft
[2008-05-29|09:32] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Microsoft Games
[2009-12-18|15:29] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Mipony
[2009-01-06|16:14] C:\DOCUME~1\JOLLYR~1\DATIAP~1\mIRC
[2008-06-20|12:14] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Mozilla
[2008-09-16|14:56] C:\DOCUME~1\JOLLYR~1\DATIAP~1\nCleaner
[2008-10-03|13:22] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Nero
[2008-12-03|11:40] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Nitro PDF
[2009-09-01|17:02] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Nokia
[2008-03-12|19:36] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Oberon
[2009-12-22|14:30] C:\DOCUME~1\JOLLYR~1\DATIAP~1\PC Suite
[2008-06-05|10:18] C:\DOCUME~1\JOLLYR~1\DATIAP~1\PlayFirst
[2009-11-09|10:17] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Real
[2009-10-15|12:59] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Rilla.it
[2008-02-12|14:01] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Roxio
[2009-01-26|00:43] C:\DOCUME~1\JOLLYR~1\DATIAP~1\SecuROM
[2008-06-07|00:13] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Snapter Images
[2008-02-09|19:46] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Sun
[2008-04-14|15:13] C:\DOCUME~1\JOLLYR~1\DATIAP~1\SUPERAntiSpyware.com
[2008-02-25|11:34] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Talkback
[2008-02-11|01:20] C:\DOCUME~1\JOLLYR~1\DATIAP~1\TuneUp Software
[2008-09-16|22:49] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Uniblue
[2010-01-25|14:11] C:\DOCUME~1\JOLLYR~1\DATIAP~1\uTorrent
[2008-02-21|18:57] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Valusoft
[2008-02-22|20:09] C:\DOCUME~1\JOLLYR~1\DATIAP~1\ViquaSoft
[2010-01-21|19:27] C:\DOCUME~1\JOLLYR~1\DATIAP~1\vlc
[2009-12-06|01:37] C:\DOCUME~1\JOLLYR~1\DATIAP~1\WinRAR
[2008-09-27|12:45] C:\DOCUME~1\JOLLYR~1\DATIAP~1\WirePilot
[2009-08-09|12:33] C:\DOCUME~1\JOLLYR~1\DATIAP~1\Wireshark
[0|File] C:\DOCUME~1\JOLLYR~1\DATIAP~1\byte
[68|Directory] C:\DOCUME~1\JOLLYR~1\DATIAP~1\byte disponibili

[2008-02-09|14:25] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[2008-02-11|16:39] C:\DOCUME~1\LOCALS~1\DATIAP~1\Roxio
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[2008-02-09|14:25] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[2009-04-07 08:34][--a------] C:\WINDOWS\tasks\DriverCure.job
[2010-01-25 16:00][--a------] C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-01-25 14:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2001-08-31 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[2004-08-19 14:39][--ahs----] C:\WINDOWS\tasks\FOLDER.TSX

--------------------\\ Listing Folders in C:\Programmi

[2009-11-26|01:04] C:\Programmi\Activision
[2008-11-09|01:06] C:\Programmi\Adobe
[2010-01-15|16:05] C:\Programmi\AGEIA Technologies
[2009-06-30|13:19] C:\Programmi\AirSnare
[2008-02-09|19:30] C:\Programmi\Altiris
[2008-12-30|13:36] C:\Programmi\Alwil Software
[2008-02-09|14:40] C:\Programmi\Analog Devices
[2009-09-07|23:14] C:\Programmi\Anolis
[2009-04-27|12:35] C:\Programmi\Apple Software Update
[2009-02-11|00:37] C:\Programmi\ASUS
[2009-11-26|01:56] C:\Programmi\ATI Technologies
[2009-03-21|00:25] C:\Programmi\Auslogics
[2008-02-12|00:14] C:\Programmi\AutoCAD 2008
[2008-02-12|00:10] C:\Programmi\Autodesk
[2009-11-09|15:34] C:\Programmi\AVS4YOU
[2008-08-04|15:21] C:\Programmi\Bit Che
[2008-09-25|13:02] C:\Programmi\Black List Software
[2009-12-13|18:35] C:\Programmi\BRS
[2009-09-22|14:57] C:\Programmi\CAPCOM
[2009-02-11|00:45] C:\Programmi\CCleaner
[2008-05-08|14:25] C:\Programmi\cdcover
[2009-02-17|14:27] C:\Programmi\CdCoverCreator
[2009-12-13|18:15] C:\Programmi\Codemasters
[2008-08-28|12:53] C:\Programmi\COMODO
[2008-09-10|12:45] C:\Programmi\CPU Speed Pro
[2009-01-25|17:15] C:\Programmi\DAEMON Tools Lite
[2008-08-18|23:39] C:\Programmi\DIFX
[2008-12-02|11:48] C:\Programmi\Digital Support
[2009-03-07|15:41] C:\Programmi\Duplicate Cleaner
[2009-09-22|16:37] C:\Programmi\Eidos
[2009-06-19|23:12] C:\Programmi\Ekahau
[2008-06-17|12:33] C:\Programmi\Elaborate Bytes
[2010-01-22|15:45] C:\Programmi\Electronic Arts
[2009-08-29|15:35] C:\Programmi\eMuleTV
[2009-12-24|16:21] C:\Programmi\esyPlanner
[2009-06-30|13:16] C:\Programmi\Ethereal
[2010-01-25|14:16] C:\Programmi\File comuni
[2008-03-27|11:55] C:\Programmi\Finson Live Update
[2009-11-24|17:02] C:\Programmi\FreePOPs
[2008-04-17|14:14] C:\Programmi\FreshDevices
[2009-02-03|14:04] C:\Programmi\GetData
[2009-02-17|14:27] C:\Programmi\Google
[2008-11-08|13:08] C:\Programmi\HD Tune Pro
[2008-03-21|01:04] C:\Programmi\HDDGURU LLF Tool
[2008-02-10|00:55] C:\Programmi\Hewlett-Packard
[2008-09-16|15:00] C:\Programmi\HP
[2008-02-09|15:49] C:\Programmi\IncrediMail
[2010-01-25|14:38] C:\Programmi\InstallShield Installation Information
[2008-02-09|14:44] C:\Programmi\Intel
[2010-01-23|00:23] C:\Programmi\Internet Explorer
[2008-10-15|09:36] C:\Programmi\IObit
[2008-04-02|23:17] C:\Programmi\IrfanView
[2008-07-19|12:27] C:\Programmi\Java
[2009-02-11|00:46] C:\Programmi\jv16 PowerTools 2008
[2009-10-27|16:26] C:\Programmi\K-Lite Codec Pack
[2008-05-22|12:37] C:\Programmi\Lavalys
[2009-02-11|01:05] C:\Programmi\Logitech
[2009-11-09|01:18] C:\Programmi\LogMeIn
[2009-05-04|12:42] C:\Programmi\Look@LAN
[2008-08-17|23:28] C:\Programmi\Lunarsoft
[2010-01-25|14:55] C:\Programmi\Malwarebytes' Anti-Malware
[2008-09-23|12:41] C:\Programmi\Messenger Plus! Live
[2009-07-06|14:33] C:\Programmi\MetaGeek
[2009-02-19|14:26] C:\Programmi\Microsoft
[2008-02-11|14:02] C:\Programmi\Microsoft CAPICOM 2.1.0.2
[2008-06-11|16:26] C:\Programmi\microsoft frontpage
[2008-12-10|00:47] C:\Programmi\Microsoft Games for Windows - LIVE
[2008-02-12|11:42] C:\Programmi\Microsoft Office
[2010-01-21|07:31] C:\Programmi\Microsoft Silverlight
[2008-09-23|00:40] C:\Programmi\Microsoft SQL Server Compact Edition
[2009-02-19|14:25] C:\Programmi\Microsoft Sync Framework
[2008-02-12|11:42] C:\Programmi\Microsoft Visual Studio
[2008-02-12|11:38] C:\Programmi\Microsoft Visual Studio 8
[2009-10-27|00:46] C:\Programmi\Microsoft Works
[2008-02-12|11:41] C:\Programmi\Microsoft.NET
[2009-04-21|15:38] C:\Programmi\Midway Games
[2008-11-08|16:50] C:\Programmi\Ministero beni culturali
[2009-12-18|15:26] C:\Programmi\MiPony
[2008-05-03|10:58] C:\Programmi\Movie Maker
[2010-01-24|18:44] C:\Programmi\Mozilla Firefox
[2009-10-15|13:00] C:\Programmi\MRWinForLife
[2008-02-12|11:42] C:\Programmi\MSBuild
[2008-02-09|14:21] C:\Programmi\MSN Gaming Zone
[2008-11-12|13:57] C:\Programmi\MSXML 4.0
[2008-02-11|14:03] C:\Programmi\MSXML 6.0
[2008-11-15|00:50] C:\Programmi\Nero
[2008-05-03|10:56] C:\Programmi\NetMeeting
[2008-09-16|14:56] C:\Programmi\NKProds
[2009-12-22|13:51] C:\Programmi\Nokia
[2009-12-22|14:28] C:\Programmi\NSS
[2008-10-17|15:41] C:\Programmi\OO Software
[2009-12-13|18:33] C:\Programmi\OpenAL
[2008-05-08|12:01] C:\Programmi\Origini di Famiglia 3
[2009-09-08|15:21] C:\Programmi\Outlook Express
[2008-12-28|18:06] C:\Programmi\Panda Security
[2009-02-10|14:17] C:\Programmi\ParetoLogic
[2009-02-11|00:43] C:\Programmi\PC Connectivity Solution
[2008-12-12|16:07] C:\Programmi\PC Drivers HeadQuarters
[2009-02-02|23:54] C:\Programmi\PC Inspector File Recovery
[2009-02-04|00:29] C:\Programmi\Pesca Sportiva
[2008-02-09|19:30] C:\Programmi\Philips Flat Panel Adjust
[2010-01-15|16:26] C:\Programmi\Playlogic
[2010-01-24|00:15] C:\Programmi\PoigpsGo
[2009-07-06|15:51] C:\Programmi\QuickTime Alternative
[2008-02-09|15:40] C:\Programmi\Reference Assemblies
[2010-01-25|14:05] C:\Programmi\SEGA
[2008-02-09|14:24] C:\Programmi\Servizi in linea
[2008-06-17|12:33] C:\Programmi\SlySoft
[2008-02-11|16:12] C:\Programmi\SmartSound Software
[2009-05-04|12:39] C:\Programmi\Speeditup Free
[2009-10-26|00:50] C:\Programmi\Spybot - Search & Destroy
[2008-12-28|16:42] C:\Programmi\SpywareBlaster
[2008-09-16|15:00] C:\Programmi\SUPERAntiSpyware
[2008-03-12|11:28] C:\Programmi\The Cleaner
[2009-03-20|16:48] C:\Programmi\TuneUp Utilities 2009
[2008-09-29|22:45] C:\Programmi\Two Pilots
[2009-10-19|15:22] C:\Programmi\Ubisoft
[2008-02-10|01:19] C:\Programmi\UltraISO
[2008-09-16|22:48] C:\Programmi\Uniblue
[2008-02-12|00:11] C:\Programmi\Uninstall Information
[2009-04-20|23:58] C:\Programmi\Unlocker
[2009-12-04|15:39] C:\Programmi\USB Vibration
[2008-02-09|17:46] C:\Programmi\uTorrent
[2009-12-10|15:00] C:\Programmi\Vibration
[2009-10-19|23:40] C:\Programmi\VID_0E8F&PID_0003
[2009-05-20|23:27] C:\Programmi\VideoLAN
[2009-09-27|22:43] C:\Programmi\Volition Inc
[2008-10-03|12:01] C:\Programmi\WinAVI MP4 Converter
[2008-10-03|11:58] C:\Programmi\WinAVI Video Converter 9.0
[2009-10-08|14:48] C:\Programmi\Windows Live
[2009-02-19|14:22] C:\Programmi\Windows Live SkyDrive
[2008-03-13|11:18] C:\Programmi\Windows Media Connect 2
[2009-09-08|15:21] C:\Programmi\Windows Media Player
[2008-05-03|10:56] C:\Programmi\Windows NT
[2008-11-15|00:48] C:\Programmi\Windows Sidebar
[2009-08-09|11:00] C:\Programmi\WinPcap
[2009-12-08|10:27] C:\Programmi\WinRAR
[2008-09-29|22:46] C:\Programmi\Wire Pilot
[2009-08-09|11:00] C:\Programmi\Wireshark
[2008-02-09|14:25] C:\Programmi\xerox
[2009-05-09|14:53] C:\Programmi\Xirrus
[2009-08-05|15:57] C:\Programmi\Zamzom
[0|File] C:\Programmi\byte
[144|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[2009-11-18|00:56] C:\Programmi\File comuni\Adobe
[2008-10-29|11:19] C:\Programmi\File comuni\Adobe AIR
[2008-02-12|00:14] C:\Programmi\File comuni\Autodesk Shared
[2009-11-09|15:34] C:\Programmi\File comuni\AVSMedia
[2008-02-12|11:42] C:\Programmi\File comuni\Designer
[2008-04-18|12:30] C:\Programmi\File comuni\DirectX
[2008-02-10|01:19] C:\Programmi\File comuni\EZB Systems
[2008-02-10|00:53] C:\Programmi\File comuni\Hewlett-Packard
[2008-02-10|00:58] C:\Programmi\File comuni\HP
[2008-02-11|16:12] C:\Programmi\File comuni\InstallShield
[2008-02-09|19:22] C:\Programmi\File comuni\Java
[2009-02-11|01:11] C:\Programmi\File comuni\Logishrd
[2009-02-11|00:32] C:\Programmi\File comuni\Logitech
[2009-10-27|00:46] C:\Programmi\File comuni\Microsoft Shared
[2008-02-09|14:23] C:\Programmi\File comuni\MSSoap
[2008-11-15|00:50] C:\Programmi\File comuni\Nero
[2009-12-22|13:49] C:\Programmi\File comuni\Nokia
[2008-02-09|15:09] C:\Programmi\File comuni\ODBC
[2009-02-10|14:17] C:\Programmi\File comuni\ParetoLogic
[2009-02-11|00:44] C:\Programmi\File comuni\PCSuite
[2008-07-23|10:27] C:\Programmi\File comuni\PocketSoft
[2009-11-09|10:16] C:\Programmi\File comuni\Real
[2008-05-08|23:08] C:\Programmi\File comuni\Roxio Shared
[2008-06-05|17:35] C:\Programmi\File comuni\Sandlot Shared
[2008-02-09|14:23] C:\Programmi\File comuni\Services
[2008-02-09|15:58] C:\Programmi\File comuni\snpstd3
[2008-02-09|15:09] C:\Programmi\File comuni\SpeechEngines
[2009-09-08|15:21] C:\Programmi\File comuni\System
[2009-10-19|23:40] C:\Programmi\File comuni\VID_0E8F&PID_0003
[2008-09-22|23:15] C:\Programmi\File comuni\Windows Live
[2008-02-09|16:35] C:\Programmi\File comuni\WindowsLiveInstaller
[2010-01-15|16:04] C:\Programmi\File comuni\Wise Installation Wizard
[2009-11-09|10:16] C:\Programmi\File comuni\xing shared
[0|File] C:\Programmi\File comuni\byte
[35|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 48 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 16:53:14
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JOLLYR~1\Dati applicazioni\uTorrent\[PC - Game] Roller Coaster Tycoon 3 Wild + Crack (ITA).iso.torrent
C:\DOCUME~1\JOLLYR~1\Desktop\crack+wifi
C:\DOCUME~1\JOLLYR~1\Desktop\patch\GTA IV 1.0.3.0 Crack.rar
C:\DOCUME~1\JOLLYR~1\Preferiti\CRACK
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Dex`s Download Area.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Downloads.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\gsm @ www.ezboard.com.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\GSM-Forum - Sim cloning.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\mobile.box.sk - your ultimate mobile-gsm guide.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Multimediale.net - oltre i confini della comunicazione.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Nokia Flash Reverse Electronic Engineering - SIM Cloning.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Panasonic GD87 KMobileTools.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Panasonic GD87 KMobileTools.URL
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Yahoo! Groups simlock-remover Messages Message 2318 of 7376.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Yahoo! Groups simlock-remover Messages Message 2318 of 7376.URL
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Zdalny unlock w Panasonic GU87 GD67,GD68,GD87,GD88 - 1 KOD.url


[F:75][D:10]-> C:\DOCUME~1\JOLLYR~1\IMPOST~1\Temp
[F:12][D:0]-> C:\DOCUME~1\JOLLYR~1\Cookies
[F:171][D:4]-> C:\DOCUME~1\JOLLYR~1\IMPOST~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2010-01-25|16:28 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2010-01-25|16:53 - Option : [2]

--------------------\\ Scan completed at 16:53:57

Re: virus blocks games

Post by shel » 25/01/10 19:18

Delete everything Malwarebytes found, and if you don't want any more surprises, delete all the cracks.

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JOLLYR~1\Dati applicazioni\uTorrent\[PC - Game] Roller Coaster Tycoon 3 Wild + Crack (ITA).iso.torrent
C:\DOCUME~1\JOLLYR~1\Desktop\crack+wifi
C:\DOCUME~1\JOLLYR~1\Desktop\patch\GTA IV 1.0.3.0 Crack.rar
C:\DOCUME~1\JOLLYR~1\Preferiti\CRACK
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Dex`s Download Area.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Downloads.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\gsm @ http://www.ezboard.com.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\GSM-Forum - Sim cloning.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\mobile.box.sk - your ultimate mobile-gsm guide.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Multimediale.net - oltre i confini della comunicazione.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Nokia Flash Reverse Electronic Engineering - SIM Cloning.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Panasonic GD87 KMobileTools.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Panasonic GD87 KMobileTools.URL
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Yahoo! Groups simlock-remover Messages Message 2318 of 7376.url
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Yahoo! Groups simlock-remover Messages Message 2318 of 7376.URL
C:\DOCUME~1\JOLLYR~1\Preferiti\crack cellulare\Zdalny unlock w Panasonic GU87 GD67,GD68,GD87,GD88 - 1 KOD.url





Download CCleaner

http://www.filehippo.com/download_ccleaner/

1) to download the latest version, click at the top right, under the green arrow
2) install it
3) click "Run Cleaner", repeat the procedure twice


Click Registry, on the next page click Scan for Issues, then when the scan finishes click Fix selected issues, answer yes when asked to save the backup (save it in any folder you like), then fix all the items found.

Download ATF Cleaner

http://www.atribune.org/ccount/click.php?id=1

Launch ATFCleaner.exe with a double click

1) tick the Select All box
2) click the Empty Selected button
3) wait for the Done Cleaning notice
(if you use Opera or Firefox, tick their sections too)

Re: virus blocks games

Post by JollyRoger77 » 26/01/10 15:35

No luck. I did everything and no game has recovered. I uninstalled them and reinstalled, but nothing: they start, then everything shuts down and it goes back to the desktop. Dunno, I guess I have to format everything.

Re: virus blocks games

Post by shel » 26/01/10 15:42

Never give up :)

Download to the desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- disconnect from the internet
- disable the antivirus
- run ComboFix.exe
- type 1
- follow the instructions
- when the scan is finished, go to C:\ and copy/paste the contents of the text file Combofix.txt into your next reply

Re: virus blocks games

Post by JollyRoger77 » 26/01/10 16:32

Here is the report

ComboFix 10-01-24.05 - JollyRoger 2010-01-26 16:14:07.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.2047.1510 [GMT 1:00]
Eseguito da: c:\documents and settings\JollyRoger\Desktop\abc.exe
AV: avast! antivirus 4.8.1368 [VPS 100126-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\JollyRoger\Dati applicazioni\cmstp.exe
c:\documents and settings\JollyRoger\Dati applicazioni\Microsoft\cisvc.exe
c:\documents and settings\JollyRoger\Dati applicazioni\Microsoft\clipsrv.exe
c:\documents and settings\JollyRoger\Dati applicazioni\Microsoft\ieudinit.exe
c:\documents and settings\JollyRoger\Dati applicazioni\mqtgsvc.exe
c:\documents and settings\JollyRoger\Dati applicazioni\mstinit.exe
c:\documents and settings\JollyRoger\Dati applicazioni\spoolsv.exe
c:\windows\dllhst3g.exe
c:\windows\sessmgr.exe
c:\windows\system\logman.exe
c:\windows\System\mstinit.exe
c:\windows\system\sessmgr.exe
c:\windows\system32\d58e3988.dll
c:\windows\system32\drivers\sessmgr.exe

----- BITS: Possibili siti infetti -----

hxxp://armmf.adobe.com
.
((((((((((((((((((((((((( Files Creati Da 2009-12-26 al 2010-01-26 )))))))))))))))))))))))))))))))))))
.

2010-01-26 14:45 . 2010-01-26 14:45 -------- d-----w- c:\documents and settings\JollyRoger\Impostazioni locali\Dati applicazioni\SEGA
2010-01-25 23:57 . 2010-01-25 23:57 6144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\sp_rsdel.exe
2010-01-25 23:57 . 2010-01-25 23:57 5632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\fileobjinfo.sys
2010-01-25 23:57 . 2010-01-25 23:57 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-25 23:57 . 2010-01-26 13:03 -------- d-----w- c:\documents and settings\JollyRoger\Dati applicazioni\Spyware Terminator
2010-01-25 23:57 . 2010-01-26 13:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2010-01-25 23:57 . 2010-01-26 13:25 -------- d-----w- c:\programmi\Spyware Terminator
2010-01-25 15:25 . 2010-01-25 15:53 -------- d-----w- C:\Lop SD
2010-01-25 14:03 . 2010-01-25 14:01 93696 ----a-w- c:\windows\clipsrv.exe
2010-01-25 13:55 . 2010-01-25 13:55 -------- d-----w- c:\documents and settings\JollyRoger\Dati applicazioni\Malwarebytes
2010-01-25 13:55 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-25 13:55 . 2010-01-25 13:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-01-25 13:55 . 2010-01-25 13:55 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-01-25 13:55 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-24 18:11 . 2009-01-13 10:43 65536 ----a-w- c:\windows\system32\XInputTest.exe
2010-01-15 15:16 . 2010-01-15 15:16 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-01-15 15:16 . 2010-01-15 15:16 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-01-15 14:59 . 2010-01-15 15:26 -------- d-----w- c:\programmi\Playlogic

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-26 15:07 . 2008-02-09 16:46 -------- d-----w- c:\documents and settings\JollyRoger\Dati applicazioni\uTorrent
2010-01-26 14:37 . 2008-02-09 13:40 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-01-26 14:07 . 2008-07-04 22:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MumboJumbo
2010-01-26 13:59 . 2008-02-17 12:21 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-01-25 16:05 . 2009-05-15 22:56 2467712 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-01-25 12:47 . 2008-05-31 23:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Codemasters
2010-01-23 23:15 . 2008-07-04 10:47 -------- d-----w- c:\programmi\PoigpsGo
2010-01-21 18:27 . 2009-07-09 11:55 -------- d-----w- c:\documents and settings\JollyRoger\Dati applicazioni\vlc
2010-01-21 06:31 . 2008-03-12 10:51 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-18 13:26 . 2008-02-12 10:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-01-15 15:05 . 2008-05-08 22:53 -------- d-----w- c:\programmi\AGEIA Technologies
2010-01-15 15:04 . 2009-10-16 13:32 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-01-11 15:09 . 2008-09-16 21:48 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
2009-12-24 15:21 . 2009-11-23 15:12 -------- d-----w- c:\programmi\esyPlanner
2009-12-22 13:30 . 2008-08-18 22:40 -------- d-----w- c:\documents and settings\JollyRoger\Dati applicazioni\PC Suite
2009-12-22 13:28 . 2008-08-18 22:30 -------- d-----w- c:\programmi\NSS
2009-12-22 12:51 . 2008-08-02 15:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-12-22 12:51 . 2008-08-02 15:26 -------- d-----w- c:\programmi\Nokia
2009-12-22 12:49 . 2008-08-18 22:39 -------- d-----w- c:\programmi\File comuni\Nokia
2009-12-22 12:49 . 2009-12-22 12:49 36864 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-12-22 12:49 . 2009-12-22 12:49 3351812 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-22 12:49 . 2009-12-22 12:49 3203453 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-22 12:48 . 2009-12-22 12:49 24419312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_it.exe
2009-12-21 19:06 . 2004-08-19 13:39 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:29 . 2009-12-18 14:27 -------- d-----w- c:\documents and settings\JollyRoger\Dati applicazioni\Mipony
2009-12-18 14:26 . 2009-12-18 14:26 -------- d-----w- c:\programmi\MiPony
2009-12-13 17:35 . 2009-12-13 17:35 -------- d-----w- c:\programmi\BRS
2009-12-13 17:33 . 2008-02-22 15:04 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-13 17:33 . 2008-02-22 15:04 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-13 17:33 . 2008-02-22 15:04 -------- d-----w- c:\programmi\OpenAL
2009-12-10 14:00 . 2009-12-10 14:00 -------- d-----w- c:\programmi\Vibration
2009-12-04 14:39 . 2009-02-13 23:22 -------- d-----w- c:\programmi\USB Vibration
2009-11-24 23:54 . 2008-12-30 12:36 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-12-30 12:36 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2008-12-30 12:36 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2008-12-30 12:36 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-12-30 12:36 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2008-12-30 12:36 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-12-30 12:36 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-12-30 12:36 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-12-30 12:36 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 15:30 . 2001-08-31 12:00 84282 ----a-w- c:\windows\system32\perfc010.dat
2009-11-23 15:30 . 2001-08-31 12:00 489370 ----a-w- c:\windows\system32\perfh010.dat
2009-11-21 15:54 . 2004-08-19 13:39 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\programmi\IncrediMail\bin\IncMail.exe" [2008-02-09 214456]
"PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"esyPlanner.exe"="c:\programmi\esyPlanner\esyPlanner.exe" [2009-10-21 3981312]
"SpywareTerminatorUpdate"="c:\programmi\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-25 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-30 262144]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2007-10-09 1036288]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"LogMeIn GUI"="c:\programmi\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2009-11-09 198160]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"Malwarebytes' Anti-Malware"="c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392]

[HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
"ClipSrv"="c:\windows\clipsrv.exe" [2010-01-25 93696]

c:\documents and settings\JollyRoger\Menu Avvio\Programmi\Esecuzione automatica\
emule (2).lnk - d:\emule0.49c-sharkx_v1.7rc1-bin\emule.exe [2010-1-2 2206720]
FreePOPs.lnk - c:\programmi\FreePOPs\freepopsd.exe [2008-12-27 49152]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
emule (2).lnk - d:\emule0.49c-sharkx_v1.7rc1-bin\emule.exe [2010-1-2 2206720]
FreePOPs.lnk - c:\programmi\FreePOPs\freepopsd.exe [2008-12-27 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoRecentDocsNetHood"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 09:10 72208 ----a-w- c:\programmi\File comuni\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-10-01 16:40 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 09:45 39792 ----a-w- c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-12-03 11:47 1205760 ----a-w- c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\programmi\QuickTime Alternative\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-11-09 09:16 198160 ----a-w- c:\programmi\File comuni\Real\Update_OB\realsched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Activision\\Prototype\\prototypef.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"d:\\eMule0.49c-SharkX_v1.7RC1-BIN\\emule.exe"=
"d:\\Programmi\\SEGA\\Vancouver 2010\\Vancouver.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25:TCP"= 25:TCP:File and Printer Sharing
"5448:TCP"= 5448:TCP:yxox

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-30 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-26 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-12-30 20560]
R2 Ekauio;Ekahau NDIS Usermode I/O Protocol;c:\windows\system32\drivers\ekauio.sys [2009-04-07 12416]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-19 54752]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\programmi\LogMeIn\x86\rainfo.sys [2009-07-24 12856]
R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-25 236368]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-01-25 19160]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-02-09 717296]
S1 SASDIFSV;SASDIFSV; [x]
S1 SASKUTIL;SASKUTIL; [x]
S2 ieakui32;Microsoft IEAK Shared UI DLL;c:\windows\system32\rundll32.exe ieakui32.dll,yxox --> c:\windows\system32\rundll32.exe ieakui32.dll,yxox [?]
S2 RoxLiveShare10;LiveShare P2P Server 10; [x]
S2 SessionLauncher;SessionLauncher; [x]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\drivers\aexpamdrv.sys [2005-12-20 27008]
S3 fsssvc;Servizio Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-12-23 50704]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [2008-08-18 32377]
S3 SASENUM;SASENUM; [x]
.
Contenuto della cartella 'Scheduled Tasks'

2010-01-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2009-04-07 c:\windows\Tasks\DriverCure.job
- c:\programmi\ParetoLogic\DriverCure\DriverCure.exe [2008-12-29 13:17]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml ... n=77ce5afd
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to AMV Converter...
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file
IE: Scarica con Mipony - file://c:\programmi\MiPony\Browser\IEContext.htm
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00
FF - ProfilePath - c:\documents and settings\JollyRoger\Dati applicazioni\Mozilla\Firefox\Profiles\dufxs4g0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT20867 ... hSource=13
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor=
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: c:\programmi\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: c:\programmi\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: c:\programmi\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: c:\programmi\QuickTime Alternative\Plugins\npqtplugin5.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300

FF - user.js: network.http.pipelining - false
FF - user.js: browser.feeds.handler - ask
FF - user.js: network.http.proxy.pipelining - false
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Explorer_Run-Cisvc - c:\docume~1\JOLLYR~1\DATIAP~1\MICROS~1\cisvc.exe
HKLM-Explorer_Run-CmSTP - c:\docume~1\JOLLYR~1\DATIAP~1\cmstp.exe
HKLM-Explorer_Run-SessMgr - c:\windows\System32\drivers\sessmgr.exe
HKLM-Explorer_Run-DllHst - c:\windows\dllhst3g.exe
HKLM-Explorer_Run-Logman - c:\windows\System\logman.exe
HKCU-Explorer_Run-ClipSrv - c:\docume~1\JOLLYR~1\DATIAP~1\MICROS~1\clipsrv.exe
HKU-Default-Explorer_Run-Spool - c:\docume~1\JOLLYR~1\DATIAP~1\spoolsv.exe
HKU-Default-Explorer_Run-rsvp - c:\documents and settings\JollyRoger\LOCALS~1\APPLIC~1\rsvp.exe
HKU-Default-Explorer_Run-CmSTP - c:\docume~1\JOLLYR~1\DATIAP~1\cmstp.exe
HKU-Default-Explorer_Run-MqtgSVC - c:\docume~1\JOLLYR~1\DATIAP~1\mqtgsvc.exe
HKU-Default-Explorer_Run-SessMgr - c:\windows\System\sessmgr.exe
HKU-Default-Explorer_Run-IEudinit - c:\windows\System32\drivers\ieudinit.exe
AddRemove-InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A} - c:\programmi\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-26 16:17
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1177238915-113007714-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:a9,85,98,85,58,81,6a,8a,43,be,8e,b0,91,cb,25,43,d1,a0,e1,c0,e5,
57,c7,fd,ac,5c,72,f5,8a,1e,81,d6,24,99,a8,e1,72,98,c4,42,ad,b0,d0,fe,ab,ed,\
"rkeysecu"=hex:af,cf,60,8e,58,2d,7f,c2,3d,33,91,66,06,f8,1d,70

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"=
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(872)
c:\windows\system32\Ati2evxx.dll
c:\programmi\file comuni\logitech\bluetooth\LBTWlgn.dll
c:\windows\system32\LMIinit.dll
c:\programmi\file comuni\logitech\bluetooth\LBTServ.dll
.
Ora fine scansione: 2010-01-26 16:19:35
ComboFix-quarantined-files.txt 2010-01-26 15:19
ComboFix2.txt 2010-01-25 13:26

Pre-Run: 72,125,308,928 byte disponibili
Post-Run: 72,098,263,040 byte disponibili

- - End Of File - - 9A43B2FCE308DDC2B4F5C262BFBF05C3

By now I don't believe it anymore: it all happened after I installed a crack to start a game without the disc inserted

Re: virus blocks games

Posted by shel » 26/01/10 22:58

cracks are enemy number one, remember that

the log looks fine - do the cleanup

download http://www.filehippo.com/download_ccleaner/

1) to download the latest version, click at the top right under the green arrow
2) install it (without the additional toolbar)
3) click "avvia pulizia" (Run Cleaner), repeat the procedure 2 times

then


download http://www.atribune.org/ccount/click.php?id=1


Run ATFCleaner.exe with a double click

1.1) tick the Select All box
2.1) click the Empty selected button
3.1) wait for the Done Cleaning message
(if you use Opera or Firefox, tick their sections too)


post an updated HijackThis log

Re: virus blocks games

Posted by JollyRoger77 » 26/01/10 23:53

I've already done the cleanup with these programs
I've been using CCleaner for a long time
I did it with the other one too last night, now I'll do it again

Re: virus blocks games

Posted by JollyRoger77 » 26/01/10 23:59

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:59, on 2010-01-26
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\LogMeIn\x86\LogMeInSystray.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\LogMeIn\x86\LMIGuardian.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Programmi\esyPlanner\esyPlanner.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe
D:\eMule0.49c-SharkX_v1.7RC1-BIN\emule.exe
C:\Programmi\FreePOPs\freepopsd.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\JollyRoger\Desktop\fgghhh\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... n=77ce5afd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programmi\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [IncrediMail] C:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [esyPlanner.exe] C:\Programmi\esyPlanner\esyPlanner.exe osUp
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [ClipSrv] C:\WINDOWS\clipsrv.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [ClipSrv] C:\WINDOWS\clipsrv.exe /waitservice (User 'Default user')
O4 - S-1-5-18 Startup: emule (2).lnk = D:\eMule0.49c-SharkX_v1.7RC1-BIN\emule.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: emule (2).lnk = D:\eMule0.49c-SharkX_v1.7RC1-BIN\emule.exe (User 'Default user')
O4 - .DEFAULT Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe (User 'Default user')
O4 - Global Startup: emule (2).lnk = D:\eMule0.49c-SharkX_v1.7RC1-BIN\emule.exe
O4 - Global Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2565152465
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2734550625
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Nokia. - (no file)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 12125 bytes

Re: virus blocks games

Posted by shel » 27/01/10 11:29

esyPlanner: did you install this program yourself?

Launch HijackThis -> Click Do a scan only -> Tick the box next to the lines I list below -> Click Fix Checked

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64, 2e,68,74,6d,00 (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64, 2e,68,74,6d,00 (file missing)

O23 - Service: SessionLauncher - Nokia. - (no file)
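
The selection made in the post above (entries whose target is marked "(no file)" or "(file missing)"), as an added Python example that is not part of the original thread and not HijackThis code: it flags such lines and decodes the `hex(2)` byte list to show which path the orphaned entry pointed to. The sample lines are copied from the logs posted in this thread; the function names are illustrative.

```python
import re

# Sample input: lines copied from the HijackThis logs posted in this thread
# (two healthy entries plus the three lines selected for "Fix Checked").
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64, 2e,68,74,6d,00 (file missing)
O23 - Service: SessionLauncher - Nokia. - (no file)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
"""

# "R0", "O4", "O23", ... followed by " - " and the entry text.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# HijackThis appends one of these markers when the target file is absent.
ORPHAN_RE = re.compile(r"\((no file|file missing)\)\s*$")
# Comma-separated byte list; tolerates the stray "-" and spaces that forum
# line wrapping introduced into the pasted log.
HEX2_RE = re.compile(
    r"hex\(2\):([0-9a-fA-F]{2}(?:[-\s]*,[-\s]*[0-9a-fA-F]{2})*)")


def decode_hex2(body):
    """Return the string stored in a hex(2) byte list, or None if absent."""
    m = HEX2_RE.search(body)
    if not m:
        return None
    raw = bytes(int(p, 16) for p in re.findall(r"[0-9a-fA-F]{2}", m.group(1)))
    # In this log the value is one byte per character, NUL-terminated.
    return raw.rstrip(b"\x00").decode("cp1252", errors="replace")


def parse_entry(line):
    """Parse one log line into a dict; non-entry lines give None."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    orphan = ORPHAN_RE.search(body)
    return {
        "section": m.group("section"),
        "body": body,
        "orphan_marker": orphan.group(1) if orphan else None,
        "decoded_target": decode_hex2(body),
    }


def orphaned_entries(log_text):
    """Entries whose target file HijackThis reported as absent."""
    parsed = (parse_entry(line) for line in log_text.splitlines())
    return [e for e in parsed if e and e["orphan_marker"]]


if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE_LOG):
        target = e["decoded_target"] or "(no path recorded)"
        print(f'{e["section"]:>3}  {e["orphan_marker"]:<12}  {target}')
```
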

Re: virus blocks games

Posted by JollyRoger77 » 27/01/10 11:37

yes, it's a reminder tool for appointments

Re: virus blocks games

Posted by shel » 27/01/10 11:42

otherwise everything looks fine

are you still having problems?

remove ComboFix with this small program

Download OTC by OldTimer to the desktop:
http://oldtimer.geekstogo.com/OTC.exe
double-click to run it
Click CleanUp.
restart the PC when it asks you to


go to Local Disk C: and delete the QooBox folder

Re: virus blocks games

Posted by JollyRoger77 » 27/01/10 12:36

nothing, it doesn't work

Re: virus blocks games

Posted by shel » 27/01/10 12:52

nothing, it doesn't work


the program? or can't you find the qoobox folder?

Re: virus blocks games

Posted by JollyRoger77 » 27/01/10 12:58

the qoobox folder doesn't exist on my PC, I looked for it
the game Vancouver 2010, which used to work, doesn't start: the window opens as if it were loading and then it goes back to the desktop

Re: virus blocks games

Posted by shel » 27/01/10 13:08

try uninstalling it and see if it goes back to normal

Re: virus blocks games

Posted by JollyRoger77 » 27/01/10 13:12

I've done that at least 10 times

Re: virus blocks games

Posted by shel » 27/01/10 13:14

Download Lop S&D | http://eric.71.mespages.googlepages.com/LopSD.exe
with all applications closed and disconnected
double-click LopSD
choose language E (Enter)
1 (search) Enter

when the scan finishes, restart LopSD
this time choose option 2 (Enter)

attach the report C:\LopR.txt together with a new HijackThis log