Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

sicurezza per il pc

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

sicurezza per il pc

Postdi micro78 » 11/11/08 21:36

vorrei sapere che software utilizzare per la pulizia e la sicurezza sul pc
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Sponsor
 

Re: sicurezza per il pc

Postdi m.paolo » 11/11/08 23:35

Un firewall: http://www.pc-facile.com/download/firew ... larm/9.htm (XP e Vista ne hanno uno integrato)
Un antivirus: http://www.pc-facile.com/download/anti- ... st/279.htm
Un antispyware: http://www.pc-facile.com/download/anti- ... er/339.htm (In Vista è integrato)
Per la pulizia: http://www.pc-facile.com/download/puliz ... er/255.htm
Importante è tenere anche aggiornato il sistema operativo tramite Windows Update.
m.paolo
Moderatore
 
Post: 2224
Iscritto il: 11/11/06 22:34

Re: sicurezza per il pc

Postdi micro78 » 12/11/08 17:21

zone alarm non e un po pesante?
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi m.paolo » 12/11/08 17:29

Se usi Windows Vista puoi fare a meno di installare un'altro firewall perchè quello che ha integrato ha una buona protezione.
m.paolo
Moderatore
 
Post: 2224
Iscritto il: 11/11/06 22:34

Re: sicurezza per il pc

Postdi MIKI68 » 13/11/08 15:50

m.paolo ha scritto:Se usi Windows Vista puoi fare a meno di installare un'altro firewall perchè quello che ha integrato ha una buona protezione.

Non sono tanto d'accordo perchè zone alarm avvisa l'utente di tutti i programmi che tentano di connettersi ai server esterni e di agire come server, invece il firewall di vista blocca solo all'entrata all'infuori di qualche eccezione tipo i programmi p2p.
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: sicurezza per il pc

Postdi micro78 » 18/11/08 18:04

spybot mi trova i seguenti
BURSMEDIA
CASALEMEDIA
DOUBLECLICK
FASTCLIK
MEDIAPLEX
START COUNTER
WEB TRENDS LIVE
ZEDO
che cosa sono ?che devo fare ? quando immunizzo con spybot, i file di firefox non li protegge come mai?

il firewall comodo mi ha trovato che il file izngztm.exe si vuole connettwere ad internet,ma che cosa e ? non rieco neanche a trovare il suo percosco in c/
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi MIKI68 » 19/11/08 12:12

Ehm...certo stai prprio inguaiato :D clicca sulla voce correggi di spybot ed eliminali poi sybot ha la protezione internet solo di internet explorer e non di altri broswer. Posta un log di hijackthis
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: sicurezza per il pc

Postdi micro78 » 19/11/08 18:42

li correggo con spy ma poi ci sono dinuovo
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi micro78 » 19/11/08 19:59

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.56.28, on 19/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Programmi\File comuni\Ulead Systems\AutoDetector\monitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\COMODO\COMODO Internet Security\cfp.exe
C:\Programmi\Nortek Office Multimedia Keyboard & Mouse Driver\MouseDrv.exe
C:\Programmi\Nortek Office Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\documents and settings\mikko\impostazioni locali\dati applicazioni\izngztm.exe
C:\Programmi\Vista Start Menu\VistaStartMenu.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\uTorrent\uTorrent.exe
C:\Programmi\eMule\emule.exe
C:\Documents and Settings\mikko\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HDAudDeck] C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Programmi\File comuni\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmi\Nortek Office Multimedia Keyboard & Mouse Driver\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Programmi\Nortek Office Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [izngztm] "c:\documents and settings\mikko\impostazioni locali\dati applicazioni\izngztm.exe" izngztm
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Programmi\Vista Start Menu\VistaStartMenu.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{C232BA14-E545-4419-B56F-BEC4CA4BDD2E}: NameServer = 85.37.17.41 85.38.28.83
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7350 bytes
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi Luke57 » 19/11/08 22:31

Ciao, apri hijackthis, premi "config", "misc tools", "open process manager", cerca tra i processi:
C:\documents and settings\mikko\impostazioni locali\dati applicazioni\izngztm.exe
se presenti lo evidenzi e premi kill process.
Torni al menu principale con back, premi "scan", cerchi e spunti le voci seguenti:
O4 - HKCU\..\Run: [izngztm] "c:\documents and settings\mikko\impostazioni locali\dati applicazioni\izngztm.exe" izngztm

premi fix checked.

Chiudi hijackthis, da risorse del computer>strumenti>opzioni cartella>visualizzazione, metti la spunta a "visualizza file e cartelle nascosti">OK.

Cerchi ed elimini il seguente file:
c:\documents and settings\mikko\impostazioni locali\dati applicazioni\izngztm.exe

Poi scarica combofix sul desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Poi avvia combofix.exe, parte il programma che potrebbe impiegare molto (non fare altre manovre durante la scansione, se dovessero scomparire le icone sul desktop e la barra delle applicazioni, non è nulla di cui preoccuparsi),una volta terminata, se tutto è andato bene, in C:\ dovresti trovare il file combofix.txt , allegalo o posta il contenuto del file.
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10

Re: sicurezza per il pc

Postdi micro78 » 20/11/08 14:22

Creato nuovo punto di ripristino

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm.exe
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm_nav.dat
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm_navps.dat

.
((((((((((((((((((((((((( Files Creati Da 2008-10-20 al 2008-11-20 )))))))))))))))))))))))))))))))))))
.

2008-11-17 14:01 . 2008-11-17 14:03 <DIR> d-------- c:\windows\system32\HWC HD
2008-11-17 14:01 . 2006-08-01 12:31 3,600,384 --a------ c:\windows\ffmpeg.exe
2008-11-16 18:49 . 2008-02-22 12:30 334,792 --a------ c:\windows\system32\_AxShlEx.dll
2008-11-16 18:02 . 2008-11-16 18:02 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\vlc
2008-11-15 17:30 . 2008-11-18 20:39 69 --a------ c:\windows\NeroDigital.ini
2008-11-15 17:26 . 2008-11-15 17:30 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\ArcSoft
2008-11-15 17:25 . 2008-11-15 17:25 <DIR> d-------- c:\programmi\File comuni\ArcSoft
2008-11-15 17:25 . 2006-11-10 15:05 18,688 --a------ c:\windows\system32\drivers\afc.sys
2008-11-15 17:24 . 2004-05-04 11:53 1,645,320 --a------ c:\windows\system32\gdiplus.dll
2008-11-15 17:24 . 2008-11-15 17:24 1,156 --a------ c:\windows\mozver.dat
2008-11-15 17:23 . 2008-11-18 13:29 <DIR> d-------- c:\windows\OvtCam
2008-11-15 17:23 . 2005-06-21 10:29 245,408 --a------ c:\windows\system32\unicows.dll
2008-11-15 17:23 . 1995-08-01 04:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2008-11-15 17:23 . 2008-04-13 11:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2008-11-15 17:23 . 2008-04-13 11:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2008-11-15 17:22 . 2008-11-17 14:01 <DIR> d-------- c:\programmi\Hercules
2008-11-15 17:22 . 2005-03-15 17:04 161,792 --a------ c:\windows\system32\drivers\ov530vid.sys
2008-11-15 17:22 . 2004-08-05 17:34 61,440 --a------ c:\windows\ov530dib.dll
2008-11-15 17:22 . 2005-09-30 09:42 40,960 --a------ c:\windows\system32\ov530ext.dll
2008-11-15 17:22 . 2004-11-09 00:37 25,177 --a------ c:\windows\system32\drivers\ov530cmd.sys
2008-11-15 17:22 . 2005-09-30 09:56 18,972 --a------ c:\windows\system32\ov530ext.ax
2008-11-15 17:22 . 2004-07-20 01:50 16,440 --a------ c:\windows\system32\ov530usd.dll
2008-11-15 16:55 . 2008-11-15 16:55 <DIR> d-------- c:\documents and settings\mikko\Contacts
2008-11-15 16:53 . 2008-11-15 16:53 268 --ah----- C:\sqmdata02.sqm
2008-11-15 16:53 . 2008-11-15 16:53 244 --ah----- C:\sqmnoopt02.sqm
2008-11-15 16:46 . 2008-11-15 16:46 0 --a------ c:\windows\nsreg.dat
2008-11-15 16:35 . 2008-11-15 16:35 268 --ah----- C:\sqmdata01.sqm
2008-11-15 16:35 . 2008-11-15 16:35 244 --ah----- C:\sqmnoopt01.sqm
2008-11-15 16:34 . 2008-11-15 16:38 <DIR> d-------- c:\programmi\Motive
2008-11-15 16:34 . 2008-11-15 16:34 <DIR> d-------- c:\programmi\Common Files
2008-11-15 16:33 . 2008-11-15 16:33 <DIR> d-------- c:\programmi\Telecom Italia
2008-11-15 16:33 . 2008-11-15 16:33 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Comodo
2008-11-15 16:27 . 2008-11-15 16:27 268 --ah----- C:\sqmdata00.sqm
2008-11-15 16:27 . 2008-11-15 16:27 244 --ah----- C:\sqmnoopt00.sqm
2008-11-15 16:22 . 2008-11-15 16:22 <DIR> d-------- c:\programmi\Vista Start Menu
2008-11-15 16:22 . 2008-11-15 16:22 <DIR> d-------- c:\programmi\VideoLAN
2008-11-15 16:22 . 2008-11-19 19:50 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Vista Start Menu
2008-11-15 16:21 . 2008-11-15 16:21 <DIR> d-------- c:\programmi\uTorrent
2008-11-15 16:21 . 2008-11-15 17:32 <DIR> d-------- c:\programmi\Spybot - Search & Destroy
2008-11-15 16:21 . 2008-11-20 14:11 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\uTorrent
2008-11-15 16:21 . 2008-11-17 20:02 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-11-15 16:20 . 2008-11-15 16:20 <DIR> d-------- c:\programmi\MSN Messenger
2008-11-15 16:19 . 2008-11-15 16:19 <DIR> d-------- c:\programmi\Foxit Software
2008-11-15 16:18 . 2008-11-19 18:46 <DIR> d-------- c:\programmi\eMule
2008-11-15 16:18 . 2008-11-15 16:18 <DIR> d-------- c:\programmi\DVD Shrink
2008-11-15 16:18 . 2008-11-15 16:18 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2008-11-15 16:17 . 2008-11-15 16:17 <DIR> d-------- c:\programmi\IObit
2008-11-15 16:16 . 2008-11-15 16:16 <DIR> d-------- c:\programmi\7-Zip
2008-11-15 16:14 . 2008-11-15 16:14 <DIR> d-------- c:\programmi\Xilisoft
2008-11-15 16:13 . 2008-11-15 16:13 <DIR> d-------- c:\programmi\Total Video Converter
2008-11-15 16:13 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2008-11-15 16:12 . 2008-11-15 16:12 <DIR> d-------- c:\windows\Downloaded Installations
2008-11-15 16:12 . 2008-11-15 16:12 <DIR> d-------- c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver
2008-11-15 16:11 . 2008-11-15 16:11 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Ahead
2008-11-15 16:10 . 2008-11-15 16:10 <DIR> d-------- c:\programmi\Nero
2008-11-15 16:10 . 2008-11-15 16:12 <DIR> d-------- c:\programmi\File comuni\Ahead
2008-11-15 16:10 . 2008-11-15 16:10 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Nero
2008-11-15 16:07 . 2008-11-15 16:07 <DIR> d-------- c:\programmi\Elaborate Bytes
2008-11-15 16:06 . 2008-11-15 16:06 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\SlySoft
2008-11-15 16:04 . 2008-11-15 16:07 <DIR> d-------- c:\programmi\SlySoft
2008-11-15 16:04 . 2008-11-15 16:58 24 ---hs---- c:\windows\S12589416.tmp
2008-11-15 16:03 . 2008-11-15 16:03 <DIR> d-------- c:\programmi\CCleaner
2008-11-15 16:03 . 2008-11-15 16:03 <DIR> d-------- c:\programmi\Allok Audio Converter
2008-11-15 16:03 . 2002-01-05 13:37 344,064 --a------ c:\windows\system32\Msvcr70.dll
2008-11-15 16:03 . 2002-06-25 06:28 40,960 --a------ c:\windows\system32\wavdest.ax
2008-11-15 16:01 . 2008-11-15 16:01 <DIR> d-------- c:\programmi\COMODO
2008-11-15 16:01 . 2008-11-15 16:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\comodo
2008-11-15 16:01 . 2008-11-18 17:57 143,096 --a------ c:\windows\system32\guard32.dll
2008-11-15 16:01 . 2008-11-18 17:57 99,216 --a------ c:\windows\system32\drivers\cmdguard.sys
2008-11-15 16:01 . 2008-11-18 17:57 31,504 --a------ c:\windows\system32\drivers\cmdhlp.sys
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Malwarebytes
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-11-15 16:00 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-15 16:00 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-15 15:59 . 2008-11-15 15:59 <DIR> d-------- c:\programmi\Avira
2008-11-15 15:59 . 2008-11-15 15:59 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avira
2008-11-15 15:52 . 2008-11-15 15:52 <DIR> d-------- c:\programmi\Alcohol Soft
2008-11-15 15:48 . 2008-11-15 15:48 716,272 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-15 13:19 . 2008-11-16 17:10 <DIR> d-------- C:\VideoSec
2008-11-15 13:13 . 2008-11-15 17:35 <DIR> d--h----- C:\ASUS.000
2008-11-15 13:12 . 2008-11-15 13:12 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Corel
2008-11-15 13:12 . 2008-11-15 13:12 2,516 --ahs---- c:\windows\system32\KGyGaAvL.sys
2008-11-15 13:12 . 2008-11-15 13:12 8 -r-hs---- c:\windows\system32\8736CE1C6F.sys
2008-11-15 12:24 . 2008-11-15 12:59 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Ulead Systems

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-19 19:55 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-11-17 13:01 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-15 15:34 155,995 ----a-w c:\windows\java\Packages\2XNX39V7.ZIP
2008-11-15 11:56 --------- d-----w c:\programmi\File comuni\Ulead Systems
2008-11-15 11:56 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2008-11-15 11:18 --------- d-----w c:\programmi\File comuni\Symantec Shared
2008-11-14 22:05 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Symantec
2008-11-14 21:48 --------- d-----w c:\programmi\ASUS
2008-11-14 21:47 --------- d-----w c:\programmi\My Company Name
2008-11-14 21:38 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\WinZip
2008-11-14 21:37 --------- d-----w c:\programmi\Ulead Systems
2008-11-14 21:37 --------- d-----w c:\programmi\File comuni\InstallShield
2008-11-14 21:37 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\InstallShield
2008-11-14 21:34 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Corel
2008-11-14 21:22 --------- d-----w c:\programmi\VIA
2008-11-14 21:21 --------- d-----w c:\programmi\NVIDIA Corporation
2008-11-14 21:17 --------- d-----w c:\documents and settings\mikko\Dati applicazioni\Symantec
2008-11-14 21:13 --------- d-----w c:\programmi\AMD
2008-11-14 21:13 --------- d-----w c:\documents and settings\mikko\Dati applicazioni\InstallShield
2008-11-14 21:01 --------- d-----w c:\programmi\microsoft frontpage
2008-11-14 21:00 --------- d-----w c:\programmi\Servizi in linea
2008-11-14 20:58 --------- d-----w c:\programmi\Windows Media Connect 2
2008-09-18 13:52 1,571,840 ----a-w c:\windows\system32\sfcfiles.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"VistaStartMenu"="c:\programmi\Vista Start Menu\VistaStartMenu.exe" [2007-12-12 1704624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-15 29831168]
"Ulead AutoDetector v2"="c:\programmi\File comuni\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" [2008-11-18 1796856]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"WireLessMouse"="c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver\MouseDrv.exe" [2005-11-03 286720]
"WireLessKeyboard"="c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe" [2005-11-03 925696]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-27 c:\windows\system32\advpack.dll]
"_nltide_3"="advpack.dll" [2008-04-27 c:\windows\system32\advpack.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FILECO~1\ULEADS~1\vio\dvacm.acm
"vidc.asv2"= asusasv2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2008-11-16 18:49 4608 c:\programmi\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\eMule\\emule.exe"=

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-11-15 99216]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-11-15 31504]
R1 EIO_XP;EIO_XP;\??\c:\windows\system32\drivers\EIO_XP.sys [2008-11-14 12288]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2008-11-14 12416]
R3 ASUSVRC;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2008-05-03 38176]
R3 ovt530;Hercules Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys [2008-11-15 161792]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-14 238080]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2008-11-14 10752]

*Newly Created Service* - PROCEXP90
.
.
------- Supplementare di scansione -------
.
FireFox -: Profile - c:\documents and settings\mikko\Dati applicazioni\Mozilla\Firefox\Profiles\bw5rqorz.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://virgilio.alice.it/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-20 14:13:01
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-11-20 14.13.32
ComboFix-quarantined-files.txt 2008-11-20 13:13:29

Pre-Run: 13.395.144.704 byte disponibili
Post-Run: 13,385,334,784 byte disponibili

212
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi micro78 » 20/11/08 14:22

che file era?
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi micro78 » 20/11/08 14:25

vorrei sapere perche spybot non mi immuniza firefox.
eppure e spuntato.

ho letto su un post che ce da eliminare una cartella , ma non la trovohttp://www.spybot.com/it/faq/58.html
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi micro78 » 21/11/08 20:28

luke 57 ti posto il resoconto

Creato nuovo punto di ripristino

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm.exe
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm_nav.dat
c:\documents and settings\mikko\Impostazioni locali\Dati applicazioni\izngztm_navps.dat

.
((((((((((((((((((((((((( Files Creati Da 2008-10-20 al 2008-11-20 )))))))))))))))))))))))))))))))))))
.

2008-11-17 14:01 . 2008-11-17 14:03 <DIR> d-------- c:\windows\system32\HWC HD
2008-11-17 14:01 . 2006-08-01 12:31 3,600,384 --a------ c:\windows\ffmpeg.exe
2008-11-16 18:49 . 2008-02-22 12:30 334,792 --a------ c:\windows\system32\_AxShlEx.dll
2008-11-16 18:02 . 2008-11-16 18:02 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\vlc
2008-11-15 17:30 . 2008-11-18 20:39 69 --a------ c:\windows\NeroDigital.ini
2008-11-15 17:26 . 2008-11-15 17:30 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\ArcSoft
2008-11-15 17:25 . 2008-11-15 17:25 <DIR> d-------- c:\programmi\File comuni\ArcSoft
2008-11-15 17:25 . 2006-11-10 15:05 18,688 --a------ c:\windows\system32\drivers\afc.sys
2008-11-15 17:24 . 2004-05-04 11:53 1,645,320 --a------ c:\windows\system32\gdiplus.dll
2008-11-15 17:24 . 2008-11-15 17:24 1,156 --a------ c:\windows\mozver.dat
2008-11-15 17:23 . 2008-11-18 13:29 <DIR> d-------- c:\windows\OvtCam
2008-11-15 17:23 . 2005-06-21 10:29 245,408 --a------ c:\windows\system32\unicows.dll
2008-11-15 17:23 . 1995-08-01 04:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2008-11-15 17:23 . 2008-04-13 11:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2008-11-15 17:23 . 2008-04-13 11:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2008-11-15 17:22 . 2008-11-17 14:01 <DIR> d-------- c:\programmi\Hercules
2008-11-15 17:22 . 2005-03-15 17:04 161,792 --a------ c:\windows\system32\drivers\ov530vid.sys
2008-11-15 17:22 . 2004-08-05 17:34 61,440 --a------ c:\windows\ov530dib.dll
2008-11-15 17:22 . 2005-09-30 09:42 40,960 --a------ c:\windows\system32\ov530ext.dll
2008-11-15 17:22 . 2004-11-09 00:37 25,177 --a------ c:\windows\system32\drivers\ov530cmd.sys
2008-11-15 17:22 . 2005-09-30 09:56 18,972 --a------ c:\windows\system32\ov530ext.ax
2008-11-15 17:22 . 2004-07-20 01:50 16,440 --a------ c:\windows\system32\ov530usd.dll
2008-11-15 16:55 . 2008-11-15 16:55 <DIR> d-------- c:\documents and settings\mikko\Contacts
2008-11-15 16:53 . 2008-11-15 16:53 268 --ah----- C:\sqmdata02.sqm
2008-11-15 16:53 . 2008-11-15 16:53 244 --ah----- C:\sqmnoopt02.sqm
2008-11-15 16:46 . 2008-11-15 16:46 0 --a------ c:\windows\nsreg.dat
2008-11-15 16:35 . 2008-11-15 16:35 268 --ah----- C:\sqmdata01.sqm
2008-11-15 16:35 . 2008-11-15 16:35 244 --ah----- C:\sqmnoopt01.sqm
2008-11-15 16:34 . 2008-11-15 16:38 <DIR> d-------- c:\programmi\Motive
2008-11-15 16:34 . 2008-11-15 16:34 <DIR> d-------- c:\programmi\Common Files
2008-11-15 16:33 . 2008-11-15 16:33 <DIR> d-------- c:\programmi\Telecom Italia
2008-11-15 16:33 . 2008-11-15 16:33 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Comodo
2008-11-15 16:27 . 2008-11-15 16:27 268 --ah----- C:\sqmdata00.sqm
2008-11-15 16:27 . 2008-11-15 16:27 244 --ah----- C:\sqmnoopt00.sqm
2008-11-15 16:22 . 2008-11-15 16:22 <DIR> d-------- c:\programmi\Vista Start Menu
2008-11-15 16:22 . 2008-11-15 16:22 <DIR> d-------- c:\programmi\VideoLAN
2008-11-15 16:22 . 2008-11-19 19:50 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Vista Start Menu
2008-11-15 16:21 . 2008-11-15 16:21 <DIR> d-------- c:\programmi\uTorrent
2008-11-15 16:21 . 2008-11-15 17:32 <DIR> d-------- c:\programmi\Spybot - Search & Destroy
2008-11-15 16:21 . 2008-11-20 14:11 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\uTorrent
2008-11-15 16:21 . 2008-11-17 20:02 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-11-15 16:20 . 2008-11-15 16:20 <DIR> d-------- c:\programmi\MSN Messenger
2008-11-15 16:19 . 2008-11-15 16:19 <DIR> d-------- c:\programmi\Foxit Software
2008-11-15 16:18 . 2008-11-19 18:46 <DIR> d-------- c:\programmi\eMule
2008-11-15 16:18 . 2008-11-15 16:18 <DIR> d-------- c:\programmi\DVD Shrink
2008-11-15 16:18 . 2008-11-15 16:18 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2008-11-15 16:17 . 2008-11-15 16:17 <DIR> d-------- c:\programmi\IObit
2008-11-15 16:16 . 2008-11-15 16:16 <DIR> d-------- c:\programmi\7-Zip
2008-11-15 16:14 . 2008-11-15 16:14 <DIR> d-------- c:\programmi\Xilisoft
2008-11-15 16:13 . 2008-11-15 16:13 <DIR> d-------- c:\programmi\Total Video Converter
2008-11-15 16:13 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2008-11-15 16:12 . 2008-11-15 16:12 <DIR> d-------- c:\windows\Downloaded Installations
2008-11-15 16:12 . 2008-11-15 16:12 <DIR> d-------- c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver
2008-11-15 16:11 . 2008-11-15 16:11 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Ahead
2008-11-15 16:10 . 2008-11-15 16:10 <DIR> d-------- c:\programmi\Nero
2008-11-15 16:10 . 2008-11-15 16:12 <DIR> d-------- c:\programmi\File comuni\Ahead
2008-11-15 16:10 . 2008-11-15 16:10 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Nero
2008-11-15 16:07 . 2008-11-15 16:07 <DIR> d-------- c:\programmi\Elaborate Bytes
2008-11-15 16:06 . 2008-11-15 16:06 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\SlySoft
2008-11-15 16:04 . 2008-11-15 16:07 <DIR> d-------- c:\programmi\SlySoft
2008-11-15 16:04 . 2008-11-15 16:58 24 ---hs---- c:\windows\S12589416.tmp
2008-11-15 16:03 . 2008-11-15 16:03 <DIR> d-------- c:\programmi\CCleaner
2008-11-15 16:03 . 2008-11-15 16:03 <DIR> d-------- c:\programmi\Allok Audio Converter
2008-11-15 16:03 . 2002-01-05 13:37 344,064 --a------ c:\windows\system32\Msvcr70.dll
2008-11-15 16:03 . 2002-06-25 06:28 40,960 --a------ c:\windows\system32\wavdest.ax
2008-11-15 16:01 . 2008-11-15 16:01 <DIR> d-------- c:\programmi\COMODO
2008-11-15 16:01 . 2008-11-15 16:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\comodo
2008-11-15 16:01 . 2008-11-18 17:57 143,096 --a------ c:\windows\system32\guard32.dll
2008-11-15 16:01 . 2008-11-18 17:57 99,216 --a------ c:\windows\system32\drivers\cmdguard.sys
2008-11-15 16:01 . 2008-11-18 17:57 31,504 --a------ c:\windows\system32\drivers\cmdhlp.sys
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Malwarebytes
2008-11-15 16:00 . 2008-11-15 16:00 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-11-15 16:00 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-15 16:00 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-15 15:59 . 2008-11-15 15:59 <DIR> d-------- c:\programmi\Avira
2008-11-15 15:59 . 2008-11-15 15:59 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avira
2008-11-15 15:52 . 2008-11-15 15:52 <DIR> d-------- c:\programmi\Alcohol Soft
2008-11-15 15:48 . 2008-11-15 15:48 716,272 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-15 13:19 . 2008-11-16 17:10 <DIR> d-------- C:\VideoSec
2008-11-15 13:13 . 2008-11-15 17:35 <DIR> d--h----- C:\ASUS.000
2008-11-15 13:12 . 2008-11-15 13:12 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Corel
2008-11-15 13:12 . 2008-11-15 13:12 2,516 --ahs---- c:\windows\system32\KGyGaAvL.sys
2008-11-15 13:12 . 2008-11-15 13:12 8 -r-hs---- c:\windows\system32\8736CE1C6F.sys
2008-11-15 12:24 . 2008-11-15 12:59 <DIR> d-------- c:\documents and settings\mikko\Dati applicazioni\Ulead Systems

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-19 19:55 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-11-17 13:01 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-15 15:34 155,995 ----a-w c:\windows\java\Packages\2XNX39V7.ZIP
2008-11-15 11:56 --------- d-----w c:\programmi\File comuni\Ulead Systems
2008-11-15 11:56 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2008-11-15 11:18 --------- d-----w c:\programmi\File comuni\Symantec Shared
2008-11-14 22:05 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Symantec
2008-11-14 21:48 --------- d-----w c:\programmi\ASUS
2008-11-14 21:47 --------- d-----w c:\programmi\My Company Name
2008-11-14 21:38 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\WinZip
2008-11-14 21:37 --------- d-----w c:\programmi\Ulead Systems
2008-11-14 21:37 --------- d-----w c:\programmi\File comuni\InstallShield
2008-11-14 21:37 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\InstallShield
2008-11-14 21:34 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Corel
2008-11-14 21:22 --------- d-----w c:\programmi\VIA
2008-11-14 21:21 --------- d-----w c:\programmi\NVIDIA Corporation
2008-11-14 21:17 --------- d-----w c:\documents and settings\mikko\Dati applicazioni\Symantec
2008-11-14 21:13 --------- d-----w c:\programmi\AMD
2008-11-14 21:13 --------- d-----w c:\documents and settings\mikko\Dati applicazioni\InstallShield
2008-11-14 21:01 --------- d-----w c:\programmi\microsoft frontpage
2008-11-14 21:00 --------- d-----w c:\programmi\Servizi in linea
2008-11-14 20:58 --------- d-----w c:\programmi\Windows Media Connect 2
2008-09-18 13:52 1,571,840 ----a-w c:\windows\system32\sfcfiles.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"VistaStartMenu"="c:\programmi\Vista Start Menu\VistaStartMenu.exe" [2007-12-12 1704624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-15 29831168]
"Ulead AutoDetector v2"="c:\programmi\File comuni\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" [2008-11-18 1796856]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"WireLessMouse"="c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver\MouseDrv.exe" [2005-11-03 286720]
"WireLessKeyboard"="c:\programmi\Nortek Office Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe" [2005-11-03 925696]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-27 c:\windows\system32\advpack.dll]
"_nltide_3"="advpack.dll" [2008-04-27 c:\windows\system32\advpack.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FILECO~1\ULEADS~1\vio\dvacm.acm
"vidc.asv2"= asusasv2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2008-11-16 18:49 4608 c:\programmi\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\eMule\\emule.exe"=

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-11-15 99216]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-11-15 31504]
R1 EIO_XP;EIO_XP;\??\c:\windows\system32\drivers\EIO_XP.sys [2008-11-14 12288]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2008-11-14 12416]
R3 ASUSVRC;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2008-05-03 38176]
R3 ovt530;Hercules Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys [2008-11-15 161792]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-14 238080]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2008-11-14 10752]

*Newly Created Service* - PROCEXP90
.
.
------- Supplementare di scansione -------
.
FireFox -: Profile - c:\documents and settings\mikko\Dati applicazioni\Mozilla\Firefox\Profiles\bw5rqorz.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://virgilio.alice.it/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-20 14:13:01
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-11-20 14.13.32
ComboFix-quarantined-files.txt 2008-11-20 13:13:29

Pre-Run: 13.395.144.704 byte disponibili
Post-Run: 13,385,334,784 byte disponibili
micro78
Utente Senior
 
Post: 297
Iscritto il: 13/09/08 23:45

Re: sicurezza per il pc

Postdi Luke57 » 22/11/08 16:57

Ciao, scusa il ritardo, il report sembra a posto. Sempre combofix chiede di installare la consolle di ripristino e quasi sempre è individuato dagli antivirus come un malware perchè il codice dei tools per la sicurezza molto spesso è simile a quello dei virus.
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10


Torna a Sicurezza e Privacy


Topic correlati a "sicurezza per il pc":

reti e sicurezza
Autore: paolap62
Forum: Reti, ADSL e wireless
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 11 ospiti