Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

problema file IEXPLORER.EXE - Log

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

problema file IEXPLORER.EXE - Log

Postdi Akomyr » 18/07/09 12:26

Ciao a tutti.
E' la prima volta che scrivo in questo forum e spero di farlo nella maniera corretta.
Mi chiamo Marco e da qualche giorno sul mio portatile si aprono ogni tanto dei pop up.
Ho provato a guardare nel task manager ed ho visto che si aprono molti processo IEXPLORER.EXE che, se eliminati, ricompaiono immediatameti (ne ho circa 4 in contemporanea alla volta).
Seguendo i consigli che ho letto su questo forum ho usato Hijackthis; vi posto cosa ha trovato:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.46.01, on 17/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Bluetooth Software\bin\btwdins.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ltmoh\Ltmoh.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\LManager.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\WISPTIS.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ansa.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programmi\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [AliceRE_McciTrayApp] C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\Marco\DATIAP~1\ELSEPL~1\AXISNEW.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d ... o-eula.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programmi\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe

--
End of file - 8911 bytes


Vi ringrazio in anticipo per tutto l'aiuto che saprete darmi.
Akomyr
Newbie
 
Post: 5
Iscritto il: 18/07/09 12:08

Sponsor
 

Re: problema file IEXPLORER.EXE - Log

Postdi shel » 18/07/09 16:50

ciao

per prima cosa analizza questo file

C:\DOCUME~1\Marco\DATIAP~1\ELSEPL~1\AXISNEW.exe

sembrerebbe un adware ma analizzalo prima di prendere decisioni affrettate

http://www.virustotal.com/it/


Scarica e installa malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completata, posta il rapporto e per ora non rimuovere nulla
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: problema file IEXPLORER.EXE - Log

Postdi Akomyr » 18/07/09 17:29

Intanto grazie shel per la risposta.

Ho analizzato con il sito che mi dicevi quel file C:\DOCUME~1\Marco\DATIAP~1\ELSEPL~1\AXISNEW.exe e questo è il rapporto:

File AXISNEW.exe ricevuto il 2009.07.18 16:25:40 (UTC)
Stato corrente: Carico ... in coda attesa scansione finito NON TROVATO INTERROTTO


Risultato: 10/41 (24.4%)

Antivirus Versione Ultimo aggiornamento Risultato
a-squared 4.5.0.24 2009.07.18 Trojan-Downloader.Swizzor!IK
AhnLab-V3 5.0.0.2 2009.07.18 -
AntiVir 7.9.0.220 2009.07.17 TR/Dldr.Swizzor.Gen
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.18 -
Avast 4.8.1335.0 2009.07.17 -
AVG 8.5.0.387 2009.07.18 -
BitDefender 7.2 2009.07.18 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.18 -
Comodo 1692 2009.07.18 -
DrWeb 5.0.0.12182 2009.07.18 Trojan.Swizzor.based
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6623 2009.07.18 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.18 -
Fortinet 3.120.0.0 2009.07.18 -
GData 19 2009.07.18 -
Ikarus T3.1.1.64.0 2009.07.18 Trojan-Downloader.Swizzor
Jiangmin 11.0.800 2009.07.18 -
K7AntiVirus 7.10.796 2009.07.18 -
Kaspersky 7.0.0.125 2009.07.18 -
McAfee 5680 2009.07.18 Swizzor!hv.h
McAfee+Artemis 5680 2009.07.18 Swizzor!hv.h
McAfee-GW-Edition 6.8.5 2009.07.18 Trojan.Dldr.Swizzor.Gen
Microsoft 1.4803 2009.07.18 Trojan:Win32/C2Lop.gen!K
NOD32 4257 2009.07.18 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.18 -
Panda 10.0.0.14 2009.07.17 -
PCTools 4.4.2.0 2009.07.18 -
Prevx 3.0 2009.07.18 -
Rising 21.38.52.00 2009.07.18 Trojan.DL.Win32.Swizzor.dtp
Sophos 4.43.0 2009.07.18 -
Sunbelt 3.2.1858.2 2009.07.18 -
Symantec 1.4.4.12 2009.07.18 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.18 -
VBA32 3.12.10.8 2009.07.17 BScope.Trojan.BugsWay.H.Obfs
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -


tra poco ti mando il risultato della scansione
Akomyr
Newbie
 
Post: 5
Iscritto il: 18/07/09 12:08

Re: problema file IEXPLORER.EXE - Log

Postdi Akomyr » 18/07/09 18:18

ecco il risultato della scansione malware

Malwarebytes' Anti-Malware 1.39
Versione del database: 2460
Windows 5.1.2600 Service Pack 3

18/07/2009 19.18.16
mbam-log-2009-07-18 (19-18-09).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 157286
Tempo trascorso: 32 minute(s), 7 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 1
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 2

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\book ante (Trojan.Agent) -> No action taken.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
c:\documents and settings\massimo\dati applicazioni\else plus\jvfulbkv.exe (Trojan.Swizzor) -> No action taken.
C:\Documents and Settings\Marco\Dati applicazioni\Else plus\AXISNEW.exe (Trojan.Agent) -> No action taken.
Akomyr
Newbie
 
Post: 5
Iscritto il: 18/07/09 12:08

Re: problema file IEXPLORER.EXE - Log

Postdi shel » 18/07/09 20:13

ciao

era da eliminare dal controllo di virus total, ma ci ha pensato malwarebytes

ora fai un po' di pulizia e una nuova scansione

scarica Ccleaner

http://www.filehippo.com/download_ccleaner/

1) per il download dell'ultima versione clicca a destra in alto sotto la freccia verde
2) installalo
3) clicca su "avvia pulizia", ripeti il procedimento 2 volte

poi

scarica Atfcleaner

http://www.atribune.org/ccount/click.php?id=1

Avvia ATFCleaner.exe con un doppio click

1) seleziona la casella Select All
2) clicca sul pulsante Empty selected
3) aspetta l'avviso Done Cleaning.
(se non vuoi eliminare le password togli la spunta) - (se usi opera o firefox,spunta anche le loro sezioni)


Scarica Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(non installare la recovery console)
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta.

non usare il pc durante la scansione, nemmeno il mouse!
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: problema file IEXPLORER.EXE - Log

Postdi Akomyr » 18/07/09 23:38

ecco il log di combofix

ComboFix 09-07-14.08 - Marco 19/07/2009 0.30.23.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.495.292 [GMT 2:00]
Eseguito da: c:\documents and settings\Marco\Desktop\ComboFix.exe

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Autorun.inf

.
((((((((((((((((((((((((( Files Creati Da 2009-06-18 al 2009-07-18 )))))))))))))))))))))))))))))))))))
.

2009-07-18 22:14 . 2009-07-18 22:14 -------- d-----w- c:\programmi\CCleaner
2009-07-18 16:20 . 2009-07-18 16:20 -------- d-----w- c:\documents and settings\Marco\Dati applicazioni\Malwarebytes
2009-07-18 16:20 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-18 16:20 . 2009-07-18 16:20 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-07-18 16:20 . 2009-07-18 16:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-07-18 16:20 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-18 08:53 . 2009-07-18 08:53 -------- d-----w- c:\windows\Sun
2009-07-17 18:11 . 2009-07-17 18:11 -------- d-----w- c:\programmi\Trend Micro
2009-07-17 17:02 . 2008-04-14 02:13 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-07-17 15:19 . 2009-07-17 15:19 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\FullTiltPoker
2009-07-17 12:27 . 2009-07-17 12:27 -------- d-----w- c:\documents and settings\Marco\Impostazioni locali\Dati applicazioni\Mozilla
2009-07-16 10:27 . 2009-07-16 10:27 -------- d-----w- c:\programmi\NOS
2009-07-16 10:27 . 2009-07-16 10:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-07-15 23:19 . 2009-07-15 23:19 -------- d-----w- c:\documents and settings\Marco\Impostazioni locali\Dati applicazioni\FullTiltPoker
2009-07-15 23:11 . 2009-07-15 23:11 -------- d-----w- c:\programmi\Full Tilt Poker
2009-07-15 11:37 . 2009-07-15 11:37 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\Else plus
2009-07-14 15:15 . 2004-08-19 03:00 26496 ----a-w- c:\windows\system32\dllcache\usbstor.sys
2009-07-13 12:33 . 2009-07-13 12:33 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\AdobeUM
2009-07-13 12:33 . 2009-07-13 12:33 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Adobe
2009-07-12 16:05 . 2009-07-12 16:05 -------- d-----w- c:\programmi\PokerStars.IT
2009-07-12 13:48 . 2009-07-12 13:48 -------- d-----w- c:\programmi\AskBarDis
2009-07-12 13:48 . 2009-07-12 13:48 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\uTorrent
2009-07-09 22:23 . 2009-07-09 22:23 348160 ----a-w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\LimeWire\browser\xulrunner\msvcr71.dll
2009-07-09 22:22 . 2009-07-09 22:22 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\LimeWire
2009-07-09 22:20 . 2009-07-09 22:20 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-09 22:20 . 2009-07-09 22:20 -------- d-----w- c:\programmi\Java
2009-07-09 22:20 . 2009-07-09 22:20 152576 ----a-w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\Sun\Java\jre1.6.0_11\lzma.dll
2009-07-09 22:09 . 2009-07-09 22:09 -------- d-----w- c:\programmi\eMule
2009-07-09 20:41 . 2009-07-09 20:41 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\Apple Computer
2009-07-09 20:39 . 2009-07-09 20:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-09 20:38 . 2009-07-09 20:38 -------- d-----w- c:\programmi\Bonjour
2009-07-09 20:37 . 2009-07-09 20:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-07-09 20:35 . 2009-07-09 20:35 -------- d-----w- c:\programmi\Apple Software Update
2009-07-09 20:35 . 2009-07-09 20:35 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Apple
2009-07-09 20:33 . 2009-07-09 20:33 -------- d-----w- c:\programmi\File comuni\Apple
2009-07-09 20:31 . 2009-07-09 20:31 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Apple Computer
2009-07-09 20:09 . 2009-07-09 20:09 -------- d-----w- c:\programmi\GiocoDigitale
2009-07-09 20:09 . 2009-07-09 20:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\GiocoDigitale
2009-07-09 18:58 . 2009-07-09 18:58 0 ----a-w- c:\windows\nsreg.dat
2009-07-09 18:58 . 2009-07-09 18:58 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Mozilla
2009-07-09 18:26 . 2009-07-09 18:26 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Contacts
2009-07-09 17:30 . 2009-07-09 17:30 90344 ----a-w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-07-09 17:29 . 2009-07-09 17:29 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Google
2009-07-09 17:26 . 2009-07-09 17:26 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\.clamwin
2009-07-09 15:40 . 2009-07-09 15:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Motive
2009-07-09 14:04 . 2009-07-09 14:04 -------- d-----w- c:\windows\Motive
2009-07-09 14:04 . 2009-07-09 14:04 -------- d-----w- c:\programmi\File comuni\Motive
2009-07-09 14:04 . 2009-07-09 14:04 -------- d-----w- c:\programmi\Common Files
2009-07-09 13:42 . 2009-07-09 13:42 -------- d-----w- c:\programmi\Telecom Italia
2009-07-09 13:41 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2009-07-09 13:41 . 2009-03-06 14:19 286208 ------w- c:\windows\system32\dllcache\pdh.dll
2009-07-09 13:41 . 2009-02-09 11:22 111104 ------w- c:\windows\system32\dllcache\services.exe
2009-07-09 13:41 . 2009-02-09 10:51 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2009-07-09 13:41 . 2009-02-09 10:51 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2009-07-09 13:41 . 2009-02-09 10:51 734720 ------w- c:\windows\system32\dllcache\lsasrv.dll
2009-07-09 13:41 . 2009-02-09 10:51 736256 ------w- c:\windows\system32\dllcache\ntdll.dll
2009-07-09 13:41 . 2009-02-09 10:51 683520 ------w- c:\windows\system32\dllcache\advapi32.dll
2009-07-09 13:41 . 2009-02-09 10:51 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-07-09 13:32 . 2008-04-21 21:14 219136 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-07-09 13:32 . 2009-07-18 17:05 806912 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\idle safe.exe
2009-07-09 13:32 . 2009-07-09 13:32 802816 ----a-w- c:\documents and settings\Marco\Dati applicazioni\Else plus\lzqovgnw.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-18 13:01 . 2005-07-06 21:36 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-09 15:59 . 1979-12-31 22:00 49704 ----a-w- c:\windows\system32\perfc010.dat
2009-07-09 15:59 . 1979-12-31 22:00 349726 ----a-w- c:\windows\system32\perfh010.dat
2009-07-09 14:03 . 2009-07-09 14:03 -------- d-----w- c:\programmi\Alice ti aiuta
2009-07-09 14:03 . 2009-07-09 14:03 2232 ----a-w- c:\windows\java\Packages\Data\TRV5R75R.DAT
2009-07-09 14:03 . 2009-07-09 14:03 155995 ----a-w- c:\windows\java\Packages\DJJPNNXB.ZIP
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\7JVPZPNB.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\O5ZRTBH7.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\LFZT7R3D.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\9VVFLBRL.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\2TBVTB9B.DAT
2009-07-09 13:32 . 2008-07-23 09:00 413696 ----a-w- c:\documents and settings\Marco\Dati applicazioni\Else plus\Thunkdeafgreat.exe
2009-07-09 13:32 . 2008-07-23 09:00 327680 ----a-w- c:\documents and settings\Marco\Dati applicazioni\Else plus\JoyPokeForkBlue.exe
2009-07-09 13:32 . 2009-03-17 18:56 823296 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\Debug Admin.exe
2009-07-09 13:31 . 2008-07-23 09:00 524288 ----a-w- c:\documents and settings\Marco\Dati applicazioni\Else plus\AXISNEW.exe
2009-06-16 14:36 . 1979-12-31 22:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 1979-12-31 22:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-03 19:09 . 1979-12-31 22:00 1296384 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:32 . 1979-12-31 22:00 347648 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:45 . 1979-12-31 22:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:44 . 1979-12-31 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-24 16:22 . 2009-07-09 18:58 137208 ----a-w- c:\programmi\mozilla firefox\components\brwsrcmp.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-12 68856]
"book ante"="c:\docume~1\Marco\DATIAP~1\ELSEPL~1\AXISNEW.exe" [2009-07-09 524288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-10-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-10-02 118784]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-08-12 102400]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-08-12 684032]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-21 40960]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-03-28 188416]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-03-24 2880512]
"LManager"="c:\progra~1\LAUNCH~1\LManager.EXE" [2004-10-01 262144]
"ClamWin"="c:\programmi\ClamWin\bin\ClamTray.exe" [2007-08-21 73728]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-09 136600]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-07-27 68096]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-07-22 88361]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\Bluetooth Software\BTTray.exe [2004-10-1 565309]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=

R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [09/07/2009 15.44.51 8192]
R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [01/01/1980 140288]
S4 ASKUpgrade;ASKUpgrade;c:\programmi\AskBarDis\bar\bin\ASKUpgrade.exe [12/07/2009 15.49.01 234888]
.
Contenuto della cartella 'Scheduled Tasks'

2009-07-18 c:\windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job
- c:\programmi\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]

2009-07-18 c:\windows\Tasks\AE7F1E5E91848EEA.job
- c:\docume~1\massimo\datiap~1\elsepl~1\Thunkdeafgreat.exe [2008-07-08 18:56]

2009-07-18 c:\windows\Tasks\AC522BF39189DE9F.job
- c:\docume~1\marco\datiap~1\elsepl~1\Thunkdeafgreat.exe [2008-07-23 13:32]

2009-07-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\programmi\AskBarDis\bar\bin\askBar.dll
HKCU-Run-MessengerPlus3 - c:\programmi\MessengerPlus! 3\MsgPlus.exe


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.ansa.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programmi\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\yc5j2nar.default\
FF - prefs.js: browser.startup.homepage - www.fiorentina.it

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-19 00:34
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\hccutils.DLL
.
Ora fine scansione: 2009-07-18 0.36.21
ComboFix-quarantined-files.txt 2009-07-18 22:36

Pre-Run: 6.131.777.536 byte disponibili
Post-Run: 6.108.135.424 byte disponibili

241 --- E O F --- 2009-07-16 01:29
Akomyr
Newbie
 
Post: 5
Iscritto il: 18/07/09 12:08

Re: problema file IEXPLORER.EXE - Log

Postdi Luke57 » 19/07/09 08:02

Ciao, apri un file di testo, al suo interno copiaci il seguente testo.

Codice: Seleziona tutto
File::
c:\windows\Tasks\AC522BF39189DE9F.job
c:\windows\Tasks\AE7F1E5E91848EEA.job

Folder::
c:\documents and settings\Marco\Dati applicazioni\Else plus
c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"book ante"=-



salvalo sul desktop con il nome obbligatorio di CFScript.txt

trascina con il puntatore del mouse sull'icona di combofix ; il programma avvierà una nuova scansione. Al termine di essa, riavvia e posta il nuovo report.
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10

Re: problema file IEXPLORER.EXE - Log

Postdi Akomyr » 19/07/09 16:04

ecco il nuovo report

ComboFix 09-07-19.01 - Marco 19/07/2009 16.57.04.2.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.495.209 [GMT 2:00]
Eseguito da: c:\documents and settings\Marco\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Marco\Desktop\CFScript.txt.txt

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!

FILE ::
"c:\windows\Tasks\AC522BF39189DE9F.job"
"c:\windows\Tasks\AE7F1E5E91848EEA.job"
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping
c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\Debug Admin.dat
c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\Debug Admin.exe
c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\idle safe.dat
c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\idle safe.exe
c:\documents and settings\All Users\Dati applicazioni\Ball mapi owns ping\poll 64.exe
c:\documents and settings\Marco\Dati applicazioni\Else plus
c:\documents and settings\Marco\Dati applicazioni\Else plus\0
c:\documents and settings\Marco\Dati applicazioni\Else plus\AXISNEW.exe
c:\documents and settings\Marco\Dati applicazioni\Else plus\JoyPokeForkBlue.exe
c:\documents and settings\Marco\Dati applicazioni\Else plus\lzqovgnw.exe
c:\documents and settings\Marco\Dati applicazioni\Else plus\mkuhkuoj.exe
c:\documents and settings\Marco\Dati applicazioni\Else plus\Thunkdeafgreat.exe
c:\windows\Tasks\AC522BF39189DE9F.job
c:\windows\Tasks\AE7F1E5E91848EEA.job

.
((((((((((((((((((((((((( Files Creati Da 2009-06-19 al 2009-07-19 )))))))))))))))))))))))))))))))))))
.

2009-07-18 22:14 . 2009-07-18 22:14 -------- d-----w- c:\programmi\CCleaner
2009-07-18 16:20 . 2009-07-18 16:20 -------- d-----w- c:\documents and settings\Marco\Dati applicazioni\Malwarebytes
2009-07-18 16:20 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-18 16:20 . 2009-07-18 16:20 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-07-18 16:20 . 2009-07-18 16:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-07-18 16:20 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-18 08:53 . 2009-07-18 08:53 -------- d-----w- c:\windows\Sun
2009-07-17 18:11 . 2009-07-17 18:11 -------- d-----w- c:\programmi\Trend Micro
2009-07-17 17:02 . 2008-04-14 02:13 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-07-17 15:19 . 2009-07-17 15:19 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\FullTiltPoker
2009-07-17 12:27 . 2009-07-17 12:27 -------- d-----w- c:\documents and settings\Marco\Impostazioni locali\Dati applicazioni\Mozilla
2009-07-16 10:27 . 2009-07-16 10:27 -------- d-----w- c:\programmi\NOS
2009-07-16 10:27 . 2009-07-16 10:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-07-15 23:19 . 2009-07-15 23:19 -------- d-----w- c:\documents and settings\Marco\Impostazioni locali\Dati applicazioni\FullTiltPoker
2009-07-15 23:11 . 2009-07-15 23:11 -------- d-----w- c:\programmi\Full Tilt Poker
2009-07-15 11:37 . 2009-07-15 11:37 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\Else plus
2009-07-14 15:15 . 2004-08-19 03:00 26496 ----a-w- c:\windows\system32\dllcache\usbstor.sys
2009-07-13 12:33 . 2009-07-13 12:33 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\AdobeUM
2009-07-13 12:33 . 2009-07-13 12:33 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Adobe
2009-07-12 16:05 . 2009-07-12 16:05 -------- d-----w- c:\programmi\PokerStars.IT
2009-07-12 13:48 . 2009-07-12 13:48 -------- d-----w- c:\programmi\AskBarDis
2009-07-12 13:48 . 2009-07-12 13:48 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\uTorrent
2009-07-09 22:23 . 2009-07-09 22:23 348160 ----a-w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\LimeWire\browser\xulrunner\msvcr71.dll
2009-07-09 22:22 . 2009-07-09 22:22 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\LimeWire
2009-07-09 22:20 . 2009-07-09 22:20 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-09 22:20 . 2009-07-09 22:20 -------- d-----w- c:\programmi\Java
2009-07-09 22:20 . 2009-07-09 22:20 152576 ----a-w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\Sun\Java\jre1.6.0_11\lzma.dll
2009-07-09 22:09 . 2009-07-09 22:09 -------- d-----w- c:\programmi\eMule
2009-07-09 20:41 . 2009-07-09 20:41 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\Apple Computer
2009-07-09 20:39 . 2009-07-09 20:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-09 20:38 . 2009-07-09 20:38 -------- d-----w- c:\programmi\Bonjour
2009-07-09 20:37 . 2009-07-09 20:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-07-09 20:35 . 2009-07-09 20:35 -------- d-----w- c:\programmi\Apple Software Update
2009-07-09 20:35 . 2009-07-09 20:35 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Apple
2009-07-09 20:33 . 2009-07-09 20:33 -------- d-----w- c:\programmi\File comuni\Apple
2009-07-09 20:31 . 2009-07-09 20:31 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Apple Computer
2009-07-09 20:09 . 2009-07-09 20:09 -------- d-----w- c:\programmi\GiocoDigitale
2009-07-09 20:09 . 2009-07-09 20:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\GiocoDigitale
2009-07-09 18:58 . 2009-07-09 18:58 0 ----a-w- c:\windows\nsreg.dat
2009-07-09 18:58 . 2009-07-09 18:58 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Mozilla
2009-07-09 18:26 . 2009-07-09 18:26 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Contacts
2009-07-09 17:30 . 2009-07-09 17:30 90344 ----a-w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-07-09 17:29 . 2009-07-09 17:29 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Impostazioni locali\Dati applicazioni\Google
2009-07-09 17:26 . 2009-07-09 17:26 -------- d-----w- c:\documents and settings\Ultras Granata 1969\Dati applicazioni\.clamwin
2009-07-09 15:40 . 2009-07-09 15:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Motive
2009-07-09 14:04 . 2009-07-09 14:04 -------- d-----w- c:\windows\Motive
2009-07-09 14:04 . 2009-07-09 14:04 -------- d-----w- c:\programmi\File comuni\Motive
2009-07-09 14:04 . 2009-07-09 14:04 -------- d-----w- c:\programmi\Common Files
2009-07-09 13:42 . 2009-07-09 13:42 -------- d-----w- c:\programmi\Telecom Italia
2009-07-09 13:41 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2009-07-09 13:41 . 2009-03-06 14:19 286208 ------w- c:\windows\system32\dllcache\pdh.dll
2009-07-09 13:41 . 2009-02-09 11:22 111104 ------w- c:\windows\system32\dllcache\services.exe
2009-07-09 13:41 . 2009-02-09 10:51 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2009-07-09 13:41 . 2009-02-09 10:51 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2009-07-09 13:41 . 2009-02-09 10:51 734720 ------w- c:\windows\system32\dllcache\lsasrv.dll
2009-07-09 13:41 . 2009-02-09 10:51 736256 ------w- c:\windows\system32\dllcache\ntdll.dll
2009-07-09 13:41 . 2009-02-09 10:51 683520 ------w- c:\windows\system32\dllcache\advapi32.dll
2009-07-09 13:41 . 2009-02-09 10:51 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-07-09 13:32 . 2008-04-21 21:14 219136 ------w- c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-19 09:39 . 2005-07-06 21:36 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-09 15:59 . 1979-12-31 22:00 49704 ----a-w- c:\windows\system32\perfc010.dat
2009-07-09 15:59 . 1979-12-31 22:00 349726 ----a-w- c:\windows\system32\perfh010.dat
2009-07-09 14:03 . 2009-07-09 14:03 -------- d-----w- c:\programmi\Alice ti aiuta
2009-07-09 14:03 . 2009-07-09 14:03 2232 ----a-w- c:\windows\java\Packages\Data\TRV5R75R.DAT
2009-07-09 14:03 . 2009-07-09 14:03 155995 ----a-w- c:\windows\java\Packages\DJJPNNXB.ZIP
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\7JVPZPNB.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\O5ZRTBH7.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\LFZT7R3D.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\9VVFLBRL.DAT
2009-07-09 14:03 . 2009-07-09 14:03 2678 ----a-w- c:\windows\java\Packages\Data\2TBVTB9B.DAT
2009-06-16 14:36 . 1979-12-31 22:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 1979-12-31 22:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-03 19:09 . 1979-12-31 22:00 1296384 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:32 . 1979-12-31 22:00 347648 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:45 . 1979-12-31 22:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:44 . 1979-12-31 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-24 16:22 . 2009-07-09 18:58 137208 ----a-w- c:\programmi\mozilla firefox\components\brwsrcmp.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-18_22.35.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-19 14:16 . 2009-07-19 14:16 16384 c:\windows\Temp\Perflib_Perfdata_758.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-12 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-10-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-10-02 118784]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-08-12 102400]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-08-12 684032]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-21 40960]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-03-28 188416]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-03-24 2880512]
"LManager"="c:\progra~1\LAUNCH~1\LManager.EXE" [2004-10-01 262144]
"ClamWin"="c:\programmi\ClamWin\bin\ClamTray.exe" [2007-08-21 73728]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-09 136600]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-07-27 68096]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-07-22 88361]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\Bluetooth Software\BTTray.exe [2004-10-1 565309]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=

R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [09/07/2009 15.44.51 8192]
R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [01/01/1980 140288]
S4 ASKUpgrade;ASKUpgrade;c:\programmi\AskBarDis\bar\bin\ASKUpgrade.exe [12/07/2009 15.49.01 234888]
.
Contenuto della cartella 'Scheduled Tasks'

2009-07-19 c:\windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job
- c:\programmi\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]

2009-07-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.fiorentina.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programmi\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\yc5j2nar.default\
FF - prefs.js: browser.startup.homepage - www.fiorentina.it

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-19 17:01
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-07-19 17.03.16
ComboFix-quarantined-files.txt 2009-07-19 15:03
ComboFix2.txt 2009-07-18 22:36

Pre-Run: 6.061.981.696 byte disponibili
Post-Run: 6.085.427.200 byte disponibili

245 --- E O F --- 2009-07-16 01:29
Akomyr
Newbie
 
Post: 5
Iscritto il: 18/07/09 12:08

Re: problema file IEXPLORER.EXE - Log

Postdi Luke57 » 20/07/09 08:29

Ciao, adesso pare a posto ;)
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10


Torna a Sicurezza e Privacy


Topic correlati a "problema file IEXPLORER.EXE - Log":

Problema Windows 10
Autore: asso1998
Forum: Software Windows
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 6 ospiti