Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

security sphere 2012

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Re: security sphere 2012

Postdi COCCOBELLO » 01/10/11 18:06

seleziona tutti gli elementi trovati da malwarebyts
clicca su Rimuovi gli elementi selezionati
riavvia il pc
il log ti uscirà automaticamente e lo salvi sul desktop
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Sponsor
 

Re: security sphere 2012

Postdi torcito » 01/10/11 19:01

sembra che è tutto finito ho i due file di testo, adesso spiegami bene questi passaggi:
Allega i log delle scansioni di
Malwarebytes Anti-Malware
Combofix
caricali da qui
http://wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file
Clicca su Upload file
Seleziona Forum Link, copialo e incolla il link in un nuovo messaggio per il forumCOCCOBELLO
Utente Senior

1) come allegare i log delle scanzioni di Malwarebytes Anti-Malware
2)sono andato su http://wikisend.com/ ho cliccato su sfoglia ho selezionato il file estratto con Malwarebytes"mbam-log-2011-10-01" ho cliccato su upload file e lo ha aperto. devo ripetere la stessa operazione con combofix?
3)seleziona forum link da dove sempre dal sito http://wikisend.com/.
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 01/10/11 19:11

si devi allegarne 2
1 di malwarebytes e l'altro di combofix
1 alla volta
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 01/10/11 19:20

cosa vuol dire questo"Seleziona Forum Link, copialo e incolla il link in un nuovo messaggio per il forumCOCCOBELLO"
che ti devo copiare i due file anche qui?
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 01/10/11 19:24

si dopo che hai Cliccato su Upload file
ti esce una pagina con due links
tu Seleziona quella Forum Link, copialo e incolla il link qui sul forum
in un nuovo messaggio per il forum,come se volessi rispondermi
esempio
Forum link:hosts

io ora devo uscire,devo scappare
tu allega i report,si devono controllare bene
poi li controllo e domani ti aggiorno
ciao buona serata ;)
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 01/10/11 19:30

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Versione database: 7622

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

01/10/2011 19.18.43
mbam-log-2011-10-01 (19-18-43).txt

Tipo di scansione: Scansione completa (A:\|C:\|D:\|E:\|)
Elementi esaminati: 245353
Tempo impiegato: 17 minuti, 12 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 13
Valori di registro infetti: 1
Voci infette nei dati di registro: 0
Cartelle infette: 11
File infetti: 57

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB893839-10F0-4AF9-92FA-B23528F530AF} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UUSEE_base (PUP.Uusee) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UUSEE (PUP.Uusee) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MSSec (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WebMediaPlayer (Rogue.WebMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Error Repair Professional_is1 (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web-Mediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\oP21703LiBmF21703 (Rogue.RemovalTool.M) -> Value: oP21703LiBmF21703 -> Quarantined and deleted successfully.

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
c:\documents and settings\Giuseppe\dati applicazioni\netpumper (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programmi\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\programmi\error repair professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\startbug (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu avvio\programmi\error repair professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.

File infetti:
c:\documents and settings\Giuseppe\dati applicazioni\thinstall\speedconnect internet accelerator v.7.5\30000000d900002i\DW20.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\nuova cartella\kaspersky2009trialreset\box_ktr_v2.5a\box_ktr_v2.5a.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\nuova cartella\mirc\html.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\nuova cartella\mirc\mirc v6.34 crack.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\nuova cartella\utility pc\penna\mirc\html.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\nuova cartella\utility pc\penna\mirc\mirc v6.34 crack.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\nuova cartella\utility pc\penna\winrar.3.91.beta.2.32bit.64bit.fff.dm999\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\documenti\downloads\adobe photoshop cs5 extended [32bit+64bit]\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\documenti\downloads\box_ktr_v2.5a\box_ktr_v2.5a.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\impostazioni locali\dati applicazioni\TVLC\Sandbox\2009.12.14t00.29\Virtual\STUBEXE\@programfiles@\TVLC\TVLC.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\impostazioni locali\dati applicazioni\TVLC\Sandbox\2009.12.14t00.29\Virtual\STUBEXE\@programfiles@\VideoLAN\VLC\vlc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\errorrepairprofessional.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\file comuni\uusee\uninst.exe (PUP.Uusee) -> Quarantined and deleted successfully.
c:\programmi\softvision\crossvision super enalotto\CVSE303.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
c:\programmi\uusee\bass-plugins.exe (PUP.Uusee) -> Quarantined and deleted successfully.
c:\programmi\uusee\uninstuusee.exe (PUP.Uusee) -> Quarantined and deleted successfully.
c:\programmi\WinRAR\winrar v3.8 multilingual patch-true.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\0.19165636880466197.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\0.20800756442962953.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\0.3119213033500049.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\emule download\download speedupmypc 2011serials securely with new secured browser\securedeie_cl_sv_lw_-1253606917.exe (AdwareSecuredIE) -> Quarantined and deleted successfully.
e:\emule download\programmi superenalotto\softvision + cr-ak ita(lotto, superenalotto, totogol)\softvision\Crack\crossvision superenalotto 3.0.3\CVSE303.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
e:\mirc\html.dll (Trojan.Agent) -> Quarantined and deleted successfully.
e:\mirc\mirc v6.34 crack.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
e:\winrar.3.9.beta.2\CRACK\winrar.3.9.beta.2-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
e:\winrar.3.9.beta.2\CRACK\winrar.3.9.beta.2-patch\winrar.3.9.beta.2-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\dati applicazioni\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
c:\programmi\windows\logg.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\documents and settings\all users\dati applicazioni\op21703libmf21703\op21703libmf21703.exe (Rogue.RemovalTool.M) -> Quarantined and deleted successfully.
c:\programmi\Bifrost\logg.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\autostart.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\unins000.dat (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\unins000.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_10-59-50_19-7-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_11-33-51_11-6-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_11-41-42_11-6-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_13-27-21_22-12-2009.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_14-57-57_21-1-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_14-6-52_30-4-2011.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_15-0-54_21-1-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_16-0-26_23-4-2011.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_17-0-13_30-1-2011.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_18-13-56_19-9-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_19-45-3_30-4-2011.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_21-55-16_11-9-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_22-40-22_30-11-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_7-7-19_3-5-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_8-29-25_4-1-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\error repair professional\Backups\backup_9-34-52_4-1-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\webmediaplayer.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\resources\wmp_translation_file.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\programmi\webmediaplayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu avvio\programmi\error repair professional\error repair professional.lnk (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu avvio\programmi\error repair professional\uninstall error repair professional.lnk (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
c:\documents and settings\Giuseppe\Desktop\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi torcito » 01/10/11 19:31

ComboFix 11-09-30.05 - Giuseppe 01/10/2011 19.30.52.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2815.2354 [GMT 2:00]
Eseguito da: c:\documents and settings\Giuseppe\Desktop\abc.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Menu Avvio\Programmi\WebMediaPlayer
c:\documents and settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Condizioni generali.url
c:\documents and settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Disinstalla.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Riservatezza.url
c:\documents and settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\WebMediaPlayer.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Website.url
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\~DFK68129.tmp
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\1eaadjc.dll
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\bass.dll
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\kfgresk.dll
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\mjcriu.dll
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\peaadje.dll
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\qwadjb.dll
c:\documents and settings\Giuseppe\Dati applicazioni\Microsoft\rsaadjd.dll
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\Giuseppe\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\dduulkc.dat
c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\dduulkc_nav.dat
c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\dduulkc_navps.dat
c:\documents and settings\Giuseppe\WINDOWS
c:\programmi\QUAD Utilities
c:\programmi\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\windows\IsUn0410.exe
c:\windows\ST6UNST.000
c:\windows\struct~.ini
c:\windows\system32\comct332.ocx
c:\windows\system32\d3d9caps.dat
c:\windows\system32\MSMAsk32.ocx
c:\windows\unin0410.exe
E:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Files Creati Da 2011-09-01 al 2011-10-01 )))))))))))))))))))))))))))))))))))
.
.
2011-10-01 16:37 . 2011-10-01 16:37 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Malwarebytes
2011-10-01 16:37 . 2011-10-01 16:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2011-10-01 16:36 . 2011-10-01 16:37 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-10-01 16:36 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-30 14:44 . 2011-09-30 15:32 -------- d-----w- C:\sh4ldr
2011-09-30 14:44 . 2011-09-30 14:44 -------- d-----w- c:\programmi\Enigma Software Group
2011-09-30 14:43 . 2011-09-30 15:32 -------- d-----w- c:\windows\D3F93A5A7A5D4867B2A16F46500D006C.TMP
2011-09-30 14:43 . 2011-09-30 14:43 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2011-09-30 14:13 . 2011-09-30 14:13 -------- d-----r- c:\documents and settings\NetworkService\Preferiti
2011-09-30 13:16 . 2011-10-01 17:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\oP21703LiBmF21703
2011-09-20 17:00 . 2011-09-20 17:00 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Uniblue
2011-09-15 17:50 . 2011-09-15 17:50 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\BabylonToolbar
2011-09-12 16:07 . 2011-09-18 18:45 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Toolbar4
2011-09-12 14:09 . 2011-09-12 14:09 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Burraconline
2011-09-12 14:04 . 2011-09-12 14:04 -------- d-----w- c:\programmi\Burraconline
2011-09-12 13:56 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-09-12 13:56 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-09-12 13:56 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-09-12 13:56 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-09-09 19:52 . 2011-09-18 18:47 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\PUpdBHO
2011-09-09 19:52 . 2011-09-18 18:47 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\PService
2011-09-09 19:52 . 2011-09-10 10:27 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\ServiceUpd
2011-09-09 08:44 . 2011-09-09 08:44 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\DVDVideoSoftIEHelpers
2011-09-09 08:43 . 2011-09-18 18:42 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-18 18:39 . 2010-01-09 17:49 47360 -c--a-w- c:\documents and settings\Giuseppe\Dati applicazioni\pcouffin.sys
2011-09-12 16:00 . 2011-02-25 21:52 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-09-12 15:59 . 2011-03-01 13:09 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-09-12 15:59 . 2011-02-25 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-09-10 18:25 . 2011-02-25 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2009-11-09 08:40 . 2009-11-09 08:40 586240 -c--a-w- c:\programmi\SSSP_Cccam1.3.1.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\programmi\ConduitEngine\ConduitEngine.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CheckRubAnniversari"="c:\documents and settings\Giuseppe\Documenti\SeatCDItalia\127_0_0_1\chkrub_cdi.exe" [2009-08-03 630272]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-17 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-07-21 208616]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^EPSON Status Monitor 3 Environment Check.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\EPSON Status Monitor 3 Environment Check.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Giuseppe^Menu Avvio^Programmi^Esecuzione automatica^Xfire.lnk]
path=c:\documents and settings\Giuseppe\Menu Avvio\Programmi\Esecuzione automatica\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 -c--a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 -c--a-w- c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 17:14 1695232 ------w- c:\programmi\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-31 06:35 86016 -c--a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-31 06:35 1622016 -c--a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 14:26 406016 -c--a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-06-18 16:17 148888 -c--a-w- c:\programmi\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-06-24 14:41 247144 -c--a-w- c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-01-21 10:40 395640 ----a-w- c:\programmi\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UUSEE]
2008-01-14 09:52 432904 -c--a-w- c:\programmi\uusee\UUSeePlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\italian\\setup.exe"=
"c:\\Programmi\\uusee\\UUSeePlayer.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
.
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 18.29.38 33808]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmi\TomTom HOME 2\TomTomHOMEService.exe [24/06/2010 16.41.38 92008]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 19.02.46 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17.06.48 24592]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/02/2011 23.08.10 136176]
S2 PowerOffer Upd Service;ServiceUpd;c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\ServiceUpd\ServiceUpd.exe [09/09/2011 21.52.19 26112]
S3 esgiguard;esgiguard;\??\c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [15/02/2011 23.08.10 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [09/01/2010 19.49.02 47360]
S3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [19/09/2010 17.37.11 627288]
S3 ZD1211BU(SBS);SBS BW254 Wireless Wireless LAN Driver(SBS);c:\windows\system32\drivers\ZD1211BU.sys [21/12/2009 22.25.35 500736]
.
Contenuto della cartella 'Scheduled Tasks'
.
2010-06-29 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8269502706.job
- c:\programmi\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52]
.
2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-02-15 21:08]
.
2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-02-15 21:08]
.
2011-08-21 c:\windows\Tasks\NeroLiveEpgUpdate-FAG-65354EA14BE_Giuseppe.job
- c:\programmi\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 11:51]
.
2011-10-01 c:\windows\Tasks\User_Feed_Synchronization-{EC8C2FBE-F613-47B9-A351-2385EE3DA6A4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss ... 966b21be1/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Trusted Zone: videocoolstreaming.us
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKCU-Run-SpeedUpMyPC - c:\programmi\Uniblue\SpeedUpMyPC\launcher.exe
MSConfigStartUp-Babylon Client - c:\programmi\Babylon\Babylon-Pro\Babylon.exe
MSConfigStartUp-eBayToolbar - c:\programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
MSConfigStartUp-Google IME Autoupdater - c:\programmi\Google\Google Pinyin\GooglePinyinDaemon.exe
MSConfigStartUp-QuickTime Task - c:\programmi\QuickTime\qttask.exe
MSConfigStartUp-Skype - c:\programmi\Skype\Phone\Skype.exe
MSConfigStartUp-swg - c:\programmi\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
MSConfigStartUp-VoipZoom - c:\programmi\VoipZoom.com\VoipZoom\VoipZoom.exe
MSConfigStartUp-{55B7BA07-0CBF-4EAB-1D5C-72A02A1A0730} - c:\documents and settings\Giuseppe\Dati applicazioni\Dourk\oqkoz.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-01 19:43
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(3576)
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\msls31.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\System32\ping.exe
.
**************************************************************************
.
Ora fine scansione: 2011-10-01 19:46:53 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-10-01 17:46
.
Pre-Run: 26.996.404.224 byte disponibili
Post-Run: 26.995.478.528 byte disponibili
.
- - End Of File - - 8BE2172A845CD0BB4BDBFB420C14FA59
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi torcito » 01/10/11 19:33

ok ci sentiamo domani spero di aver fatto tutto bene
ciao
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 09:14

Fai un click destro in un punto vuoto del Desktop
crea un Nuovo Documento di testo
Ci copi e incolli dentro il Nuovo Documento di testo il codice che vedi sotto,
e lo salvi con il nome CFScript.txt
e trascinalo sull'icona di ComboFix.
partirà la scansione attendi la fine senza toccare niente
se chiede il riavvio del pc riavvia
Posta il log aggiornato di combofix
Immagine

Codice: Seleziona tutto
KillAll::

File::
c:\windows\D3F93A5A7A5D4867B2A16F46500D006C.TMP
c:\programmi\SSSP_Cccam1.3.1.exe
c:\programmi\ConduitEngine\ConduitEngine.dll
c:\programmi\uusee\UUSeePlayer.exe
c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys
c:\programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
c:\programmi\Babylon\Babylon-Pro\Babylon.exe
c:\documents and settings\Giuseppe\Dati applicazioni\Dourk\oqkoz.exe

Driver::
esgiguard

Folder::
c:\documents and settings\All Users\Dati applicazioni\oP21703LiBmF21703
c:\documents and settings\Giuseppe\Dati applicazioni\BabylonToolbar
c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\PUpdBHO
c:\programmi\Enigma Software Group
c:\programmi\ConduitEngine
c:\programmi\uusee
c:\programmi\eBay\eBay Toolbar2
c:\programmi\Babylon\Babylon-Pro

DirLook::
C:\sh4ldr

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UUSEE]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000

DDS::
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss ... 966b21be1/
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 02/10/11 13:09

ciao ti invio il log aggiornato:

ComboFix 11-09-30.05 - Giuseppe 02/10/2011 12.22.26.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2815.2365 [GMT 2:00]
Eseguito da: c:\documents and settings\Giuseppe\Desktop\abc.exe
Opzioni usate :: c:\documents and settings\Giuseppe\Desktop\CFScript.txt.txt
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
FILE ::
"c:\documents and settings\Giuseppe\Dati applicazioni\Dourk\oqkoz.exe"
"c:\programmi\Babylon\Babylon-Pro\Babylon.exe"
"c:\programmi\ConduitEngine\ConduitEngine.dll"
"c:\programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe"
"c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys"
"c:\programmi\SSSP_Cccam1.3.1.exe"
"c:\programmi\uusee\UUSeePlayer.exe"
"c:\windows\D3F93A5A7A5D4867B2A16F46500D006C.TMP"
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\oP21703LiBmF21703
c:\documents and settings\All Users\Dati applicazioni\oP21703LiBmF21703\oP21703LiBmF21703
c:\documents and settings\Giuseppe\Dati applicazioni\BabylonToolbar
c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\PUpdBHO
c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\PUpdBHO\settings\settings.ini
c:\programmi\ConduitEngine
c:\programmi\ConduitEngine\appContextMenu.xml
c:\programmi\ConduitEngine\ConduitEngine.dll
c:\programmi\ConduitEngine\ConduitEngineHelper.exe
c:\programmi\ConduitEngine\engineContextMenu.xml
c:\programmi\ConduitEngine\EngineSettings.json
c:\programmi\ConduitEngine\toolbar.cfg
c:\programmi\Enigma Software Group
c:\programmi\Enigma Software Group\SpyHunter\Data\dns.dat
c:\programmi\Enigma Software Group\SpyHunter\Defs\cmp_2011092901.def
c:\programmi\Enigma Software Group\SpyHunter\gil.dat
c:\programmi\Enigma Software Group\SpyHunter\INSTALL.LOG
c:\programmi\Enigma Software Group\SpyHunter\Log\SpyHunter4_20110930_164419.log
c:\programmi\Enigma Software Group\SpyHunter\mon\autoexec.bat.bk
c:\programmi\Enigma Software Group\SpyHunter\mon\hosts.bk
c:\programmi\Enigma Software Group\SpyHunter\mon\system.ini.bk
c:\programmi\Enigma Software Group\SpyHunter\mon\win.ini.bk
c:\programmi\Enigma Software Group\SpyHunter\safeol.dat
c:\programmi\Enigma Software Group\SpyHunter\scanlog.log
c:\programmi\Enigma Software Group\SpyHunter\SH4.com
c:\programmi\Enigma Software Group\SpyHunter\supportlog.txt
c:\programmi\Enigma Software Group\SpyHunter\unkcache.dat
c:\programmi\SSSP_Cccam1.3.1.exe
c:\programmi\uusee
c:\programmi\uusee\AD\1\000\index_new.html
c:\programmi\uusee\AD\1\000\uue_new.jpg
c:\programmi\uusee\AD\1\001\index_new.html
c:\programmi\uusee\AD\1\001\uue_new.jpg
c:\programmi\uusee\AD\1\cy\cy.html
c:\programmi\uusee\AD\1\dm\dm.html
c:\programmi\uusee\AD\1\dsj\dsj.html
c:\programmi\uusee\AD\1\dst\dst.html
c:\programmi\uusee\AD\1\dy\dy.html
c:\programmi\uusee\AD\1\jk\jk.html
c:\programmi\uusee\AD\1\ty\ty.html
c:\programmi\uusee\AD\1\uu\uu.html
c:\programmi\uusee\AD\1\yl\yl.html
c:\programmi\uusee\AD\1\yx\yx.html
c:\programmi\uusee\AD\1\zx\zx.html
c:\programmi\uusee\AD\2\100\index.html
c:\programmi\uusee\AD\2\200\index.html
c:\programmi\uusee\AD\2\300\index.html
c:\programmi\uusee\AD\2\400\index.html
c:\programmi\uusee\AD\UUAD_Banner_1.html
c:\programmi\uusee\AD\UUAD_Banner_3.html
c:\programmi\uusee\AD\UUAD_Buffering.html
c:\programmi\uusee\AD\UUAD_Buffering.jpg
c:\programmi\uusee\AD\UUAD_TextLink_0.xml
c:\programmi\uusee\channelid_chatid.txt
c:\programmi\uusee\skins\UUPlayer\About.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_Compact_1.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_Compact_2.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_Compact_3.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_FullScreen_1.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_FullScreen_2.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_FullScreen_3.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_pause_1.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_pause_2.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_pause_3.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_pause_4.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_Recording_1.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_Recording_2.bmp
c:\programmi\uusee\skins\UUPlayer\Control_Button_Recording_3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_2.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_4.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C2.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C4.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_2.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_4.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_Edit_1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_Edit_4.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_PushButton_1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_PushButton_2.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_PushButton_3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_PushButton_4.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_2.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_4.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C1.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C2.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C3.bmp
c:\programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C4.bmp
c:\programmi\uusee\skins\UUPlayer\Dlg_Back.bmp
c:\programmi\uusee\skins\UUPlayer\Dlg_Detect.bmp
c:\programmi\uusee\skins\UUPlayer\Dlg_Frame_1.bmp
c:\programmi\uusee\skins\UUPlayer\Dlg_Frame_2.bmp
c:\programmi\uusee\skins\UUPlayer\Dlg_Frame_3.bmp
c:\programmi\uusee\skins\UUPlayer\Dlg_Record_Task_1.bmp
c:\programmi\uusee\skins\UUPlayer\Icon_Information.bmp
c:\programmi\uusee\skins\UUPlayer\Icon_Question.bmp
c:\programmi\uusee\skins\UUPlayer\Icon_Stop.bmp
c:\programmi\uusee\skins\UUPlayer\ListHeader_1.bmp
c:\programmi\uusee\skins\UUPlayer\ListHeader_2.bmp
c:\programmi\uusee\skins\UUPlayer\ListHeader_3.bmp
c:\programmi\uusee\skins\UUPlayer\ListHeader_ArrowD.bmp
c:\programmi\uusee\skins\UUPlayer\ListHeader_ArrowU.bmp
c:\programmi\uusee\skins\UUPlayer\ListHeader_SP.bmp
c:\programmi\uusee\skins\UUPlayer\Play_Window_Rec_icon.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_Block_1.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_Block_2.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_Block_3.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_Block_4.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_0.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_1.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_2.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_3.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_4.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_5.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_6.bmp
c:\programmi\uusee\skins\UUPlayer\Progressbar_BM_7.bmp
c:\programmi\uusee\skins\UUPlayer\Resource.h
c:\programmi\uusee\skins\UUPlayer\Setting_Group_1_1.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_1_2.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_1_3.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_2_1.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_2_2.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_2_3.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_3_1.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_3_2.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_3_3.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_4_1.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_4_2.bmp
c:\programmi\uusee\skins\UUPlayer\Setting_Group_4_3.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Button_1_1.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Button_1_2.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Button_1_3.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Group_1.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Group_2.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Group_3.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Group_x1.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Group_x2.bmp
c:\programmi\uusee\skins\UUPlayer\Sidebar_Group_x3.bmp
c:\programmi\uusee\skins\UUPlayer\Thumbs.db
c:\programmi\uusee\skins\UUPlayer\Titlebar_button_Res_1.bmp
c:\programmi\uusee\skins\UUPlayer\Titlebar_button_Res_2.bmp
c:\programmi\uusee\skins\UUPlayer\Titlebar_button_Res_3.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_Compact_1.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_Compact_2.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_Compact_3.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_FullScreen_1.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_FullScreen_2.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_FullScreen_3.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_TopMost_1.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_TopMost_2.bmp
c:\programmi\uusee\skins\UUPlayer\Toolbar_Button_TopMost_3.bmp
c:\programmi\uusee\skins\UUPlayer\TopTab_Browse.bmp
c:\programmi\uusee\skins\UUPlayer\TopTab_Browse1.bmp
c:\programmi\uusee\skins\UUPlayer\TopTab_Play.bmp
c:\programmi\uusee\skins\UUPlayer\TopTab_Play1.bmp
c:\programmi\uusee\skins\UUPlayer\TopTab_Record.bmp
c:\programmi\uusee\skins\UUPlayer\TopTab_Record1.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_Arrow.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_Collapse.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_Expand.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_Header.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBar_D.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBar_H.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBar_N.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBar_S.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_D.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_H.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_N.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_S.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_SortIconDown.bmp
c:\programmi\uusee\skins\UUPlayer\Tree_SortIconUp.bmp
c:\programmi\uusee\skins\UUPlayer\UUSEE.ui
c:\programmi\uusee\skins\UUPlayer\Volume_Bar_Block_1.bmp
c:\programmi\uusee\skins\UUPlayer\Volume_Bar_Block_2.bmp
c:\programmi\uusee\skins\UUPlayer\Volume_Bar_Block_3.bmp
c:\programmi\uusee\skins\UUPlayer\Volume_Button_2_1.bmp
c:\programmi\uusee\skins\UUPlayer\Volume_Button_2_2.bmp
c:\programmi\uusee\skins\UUPlayer\Volume_Button_2_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Browser_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Browser_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Browser_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_ChannelInfo.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_ChannelInfo_5.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Control_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Control_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Control_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Control_4.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Info.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Main_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Main_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Main_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Main_5.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Play_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Play_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Play_5.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Record_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Record_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Record_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Record_4.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Setting_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Setting_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Setting_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Side_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Side_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Side_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Toolbar_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Toolbar_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Toolbar_3.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Toolbar_4.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Top_1.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Top_2.bmp
c:\programmi\uusee\skins\UUPlayer\Wnd_Top_3.bmp
c:\programmi\uusee\UUPlayer.dll
c:\programmi\uusee\UUPlayer_update.ini
c:\programmi\uusee\UUSee.url
c:\programmi\uusee\UUSeePlayer.exe
c:\programmi\uusee\UUTV_Chat.xml
c:\programmi\uusee\UUTV_MY.xml
c:\programmi\uusee\UUTV_UUPlayer.xml
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Service_esgiguard
.
.
((((((((((((((((((((((((( Files Creati Da 2011-09-02 al 2011-10-02 )))))))))))))))))))))))))))))))))))
.
.
2011-10-01 16:37 . 2011-10-01 16:37 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Malwarebytes
2011-10-01 16:37 . 2011-10-01 16:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2011-10-01 16:36 . 2011-10-01 16:37 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-10-01 16:36 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-30 14:44 . 2011-09-30 15:32 -------- d-----w- C:\sh4ldr
2011-09-30 14:43 . 2011-09-30 15:32 -------- d-----w- c:\windows\D3F93A5A7A5D4867B2A16F46500D006C.TMP
2011-09-30 14:43 . 2011-09-30 14:43 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2011-09-30 14:13 . 2011-09-30 14:13 -------- d-----r- c:\documents and settings\NetworkService\Preferiti
2011-09-20 17:00 . 2011-09-20 17:00 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Uniblue
2011-09-12 16:07 . 2011-09-18 18:45 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Toolbar4
2011-09-12 14:09 . 2011-09-12 14:09 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Burraconline
2011-09-12 14:04 . 2011-09-12 14:04 -------- d-----w- c:\programmi\Burraconline
2011-09-12 13:56 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-09-12 13:56 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-09-12 13:56 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-09-12 13:56 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-09-09 19:52 . 2011-09-18 18:47 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\PService
2011-09-09 19:52 . 2011-09-10 10:27 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\ServiceUpd
2011-09-09 08:44 . 2011-09-09 08:44 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\DVDVideoSoftIEHelpers
2011-09-09 08:43 . 2011-09-18 18:42 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-18 18:39 . 2010-01-09 17:49 47360 -c--a-w- c:\documents and settings\Giuseppe\Dati applicazioni\pcouffin.sys
2011-09-12 16:00 . 2011-02-25 21:52 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-09-12 15:59 . 2011-03-01 13:09 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-09-12 15:59 . 2011-02-25 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-09-10 18:25 . 2011-02-25 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\sh4ldr ----
.
2011-09-30 14:44 . 2011-09-30 14:44 8192 ----a-w- c:\sh4ldr\shldr.mbr
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-01_17.42.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-02 10:36 . 2011-10-02 10:36 16384 c:\windows\temp\Perflib_Perfdata_70c.dat
+ 2009-04-09 06:42 . 2011-10-02 10:35 827424 c:\windows\system32\drivers\fidbox2.dat
- 2009-04-09 06:42 . 2011-10-01 17:40 827424 c:\windows\system32\drivers\fidbox2.dat
+ 2009-04-09 06:42 . 2011-10-02 10:35 3992608 c:\windows\system32\drivers\fidbox.dat
- 2009-04-09 06:42 . 2011-10-01 17:40 3992608 c:\windows\system32\drivers\fidbox.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CheckRubAnniversari"="c:\documents and settings\Giuseppe\Documenti\SeatCDItalia\127_0_0_1\chkrub_cdi.exe" [2009-08-03 630272]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-17 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-07-21 208616]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^EPSON Status Monitor 3 Environment Check.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\EPSON Status Monitor 3 Environment Check.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Giuseppe^Menu Avvio^Programmi^Esecuzione automatica^Xfire.lnk]
path=c:\documents and settings\Giuseppe\Menu Avvio\Programmi\Esecuzione automatica\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 -c--a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 -c--a-w- c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 17:14 1695232 ------w- c:\programmi\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-31 06:35 86016 -c--a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-31 06:35 1622016 -c--a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 14:26 406016 -c--a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-06-18 16:17 148888 -c--a-w- c:\programmi\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-06-24 14:41 247144 -c--a-w- c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-01-21 10:40 395640 ----a-w- c:\programmi\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\italian\\setup.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
.
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 18.29.38 33808]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmi\TomTom HOME 2\TomTomHOMEService.exe [24/06/2010 16.41.38 92008]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 19.02.46 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17.06.48 24592]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/02/2011 23.08.10 136176]
S2 PowerOffer Upd Service;ServiceUpd;c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\ServiceUpd\ServiceUpd.exe [09/09/2011 21.52.19 26112]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [15/02/2011 23.08.10 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [09/01/2010 19.49.02 47360]
S3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [19/09/2010 17.37.11 627288]
S3 ZD1211BU(SBS);SBS BW254 Wireless Wireless LAN Driver(SBS);c:\windows\system32\drivers\ZD1211BU.sys [21/12/2009 22.25.35 500736]
.
Contenuto della cartella 'Scheduled Tasks'
.
2010-06-29 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8269502706.job
- c:\programmi\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52]
.
2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-02-15 21:08]
.
2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-02-15 21:08]
.
2011-08-21 c:\windows\Tasks\NeroLiveEpgUpdate-FAG-65354EA14BE_Giuseppe.job
- c:\programmi\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 11:51]
.
2011-10-02 c:\windows\Tasks\User_Feed_Synchronization-{EC8C2FBE-F613-47B9-A351-2385EE3DA6A4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Scansione supplementare -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: videocoolstreaming.us
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-02 12:37
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(2128)
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\msls31.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\savedump.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\windows\system32\PnkBstrA.exe
c:\programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Ora fine scansione: 2011-10-02 12:40:59 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-10-02 10:40
ComboFix2.txt 2011-10-01 17:46
.
Pre-Run: 26.926.010.368 byte disponibili
Post-Run: 26.897.244.160 byte disponibili
.
- - End Of File - - 0B3687F6E96B08721EB300AB251B0296
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 13:35

Ok

ora finiamo il tutto

adesso
scarica
Glary Utilities
http://www.glarysoft.com/products/utili ... /download/
salvalo sul desktop,
Installalo

aprilo
sulla voce Menu clicca su - Settings
imposta la lingua Italiana e clicca su OK

nella sezione Eliminazione tracce clicca su Opzioni -poi su Seleziona tracce da eliminare
Seleziona tutte le voci che vedi e clicca su OK

sulla voce Manutenzione 1-Click
metti la spunta su tutte le voci,come vedi nell'immagine sotto
e clicca su Ricerca Problemi
Immagine
a fine scansione
clicca su Ripara Problemi
e attendi la fine dell'operazione

poi
scarica HiJackThis da qui
http://www.trendmicro.com/ftp/products/ ... ckThis.msi
salvalo sul Desktop
installa HiJackThis
clicca sul pulsante Do a system scan and save a logfile
alla fine ti apparirà un log in formato documento di testo salvalo sul desktop e postalo qui
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 02/10/11 13:59

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15.06.51, on 02/10/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\internet explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\internet explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\Programmi\Skype\Toolbars\Shared\SkypeNames.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [CheckRubAnniversari] C:\Documents and Settings\Giuseppe\Documenti\SeatCDItalia\127_0_0_1\chkrub_cdi.exe "C:\Documents and Settings\Giuseppe\Documenti\SeatCDItalia\127_0_0_1\PB.rub" "I"
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.videocoolstreaming.us
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceUpd (PowerOffer Upd Service) - ServiceUpd - C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\ServiceUpd\ServiceUpd.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O24 - Desktop Component 0: (no name) - http://profile.ak.fbcdn.net/hprofile-ak ... 0179_n.jpg

--
End of file - 8492 bytes
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 14:12

Rilancia HijackThis:
e: clicca sul pulsante Do a system scan only
Chiudi tutti i programmi aperti (browser compreso).
Metti la spunta alle voci che vedi sotto
clicca su Fixchecked
Se vengono rilasciati messaggi clicca su Si

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll

O4 - HKCU\..\Run: [CheckRubAnniversari] C:\Documents and Settings\Giuseppe\Documenti\SeatCDItalia\127_0_0_1\chkrub_cdi.exe "C:\Documents and Settings\Giuseppe\Documenti\SeatCDItalia\127_0_0_1\PB.rub" "I"

O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O15 - Trusted Zone: http://*.videocoolstreaming.us

O23 - Service: ServiceUpd (PowerOffer Upd Service) - ServiceUpd - C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\ServiceUpd\ServiceUpd.exe

O24 - Desktop Component 0: (no name) - http://profile.ak.fbcdn.net/hprofile-ak ... 0179_n.jpg


e fai sapere come va il pc
e se hai ancora la schermata blu con il riavvio ;)
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 02/10/11 14:35

il pc sembra che va bene, la schermata blu non è più riapparsa dopo i primi passaggi.
l'unico problema rimasto e che all'avvio ci mette molto a caricare l'antivirus(kaspersky internet security 2009 versione di prova)
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 14:43

se non hai intenzione di acquistarlo dopo il periodo di prova,ti consiglio di disinstallarlo ed installarti uno gratuito,leggero e altrettanto efficace

segui qui come disinstallare Kaspersky
http://www.trucchetti.com/2009/02/02/co ... kaspersky/

Installati questo
Microsoft Security Essentials 2
http://www.microsoft.com/it-it/security ... fault.aspx
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 02/10/11 14:57

ok farò come dici, anche se avevo intenzione di installare avira. mi avevano detto che anche questo è un buon antivirus ed è anche leggero. sul portatile ho avg mi consigli di tenerlo o di sostituire anche questo, se lo devo sostituire esiste una procedura da seguire?
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 15:11

Avg ti consiglio di disinstallarlo
scegli Avira o Microsoft security Essentials2
sono i migliori tra quelli free

Microsoft security Essentials2
te lo consiglio per te,e molto leggero e facile da usare e configurare ;)
ed Offre un elevata protezzione in tempo reale soprattutto per le connessioni di rete.quando navighi in internet da virus e Spyware,piu' efficace di avira ;)
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 15:14

Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: security sphere 2012

Postdi torcito » 02/10/11 15:22

per microsoft security essentials2 devi avere per forza windows originale?, se non sbaglio è un prodotto della microsoft.
per avira esiste una procedura di disinstallazione o si disinstalla facilmente?
torcito
Utente Junior
 
Post: 33
Iscritto il: 30/09/11 17:10

Re: security sphere 2012

Postdi COCCOBELLO » 02/10/11 15:27

torcito ha scritto:per microsoft security essentials2 devi avere per forza windows originale?,

si ma non per il tuo sistema operativo, dai vista in su
avira si disinstalla da installazioni applicazioni
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

PrecedenteProssimo

Torna a Sicurezza e Privacy


Topic correlati a "security sphere 2012":

f1 2012
Autore: tommas77
Forum: Software Windows
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 2 ospiti