
Solving a system problem, run-time error '6': overflow

Solve your problems related to Windows '95, '98, ME, NT, 2000, XP, 2003, Vista... here

Moderators: m.paolo, antoo69, -> EleKtrA <-

Solving a system problem, run-time error '6': overflow

Post by pintuloffio » 21/04/10 09:40

Hi everyone, I have the same problem, which occurs when I use Sismicad... my operating system is Vista.
I'm attaching the Hijack log
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10.23.16, on 21/04/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\PIERAN~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: IE BHO Helper - {b879dc47-7f5a-4973-a570-1e03a60c7c02} - C:\Program Files\ToolbarPorno\adxloader.dll (file missing)
O2 - BHO: (no name) - {cba0ec77-dd2c-4d2a-8853-94e4a8092822} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {9e26c99f-6954-4e1e-80d4-de6dc4777ab3} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [AliceRV_McciTrayApp] C:\Program Files\Alice ti aiuta\McciTrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe /tray
O4 - HKCU\..\Run: [cxtad] "c:\users\pierangelo\appdata\local\cxtad.exe" cxtad
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Users\Pierangelo\Desktop\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: SETAUDIO.EXE
O4 - Global Startup: SETRES.EXE
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: BarDiscover Service - Unknown owner - C:\ProgramData\BarDiscover\bardiscover121.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Servizio di Google Update (gupdate1c9b2fc3056d6f0) (gupdate1c9b2fc3056d6f0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12125 bytes
pintuloffio
Newbie
 
Posts: 6
Joined: 21/04/10 09:33


Re: Solving a system problem, run-time error '6': overflow

Post by -> EleKtrA <- » 22/04/10 12:30

Welcome pintuloffio, the HijackThis log shows some infections.

Temporarily disable the antivirus
Download Combofix | Tutorial
Right-click the exe, run as administrator
Let the program work without interfering
Attach the report C:\ComboFix.txt in your reply.
“Yesterday is history, tomorrow is a mystery, but today is a gift... that is why it is called the present!”.
-> EleKtrA <-
Moderator
 
Posts: 436
Joined: 11/12/08 12:50

Re: Solving a system problem, run-time error '6': overflow

Post by pintuloffio » 22/04/10 16:00

here is the reply.....
Code:
ComboFix 10-04-21.01 - Pierangelo 22/04/2010  16.39.00.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.39.1040.18.3069.2256 [GMT 2:00]
Eseguito da: c:\users\Pierangelo\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ShoppingReport
c:\program files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll
c:\program files\ShoppingReport\Uninst.exe
c:\users\Pierangelo\AppData\Local\cxtad.dat
c:\users\Pierangelo\AppData\Local\cxtad_nav.dat
c:\users\Pierangelo\AppData\Local\cxtad_navps.dat
c:\users\Pierangelo\AppData\Roaming\.#
c:\windows\system32\lsprst7.dll

.
(((((((((((((((((((((((((   Files Creati Da 2010-03-22 al 2010-04-22  )))))))))))))))))))))))))))))))))))
.

2010-04-22 14:47 . 2010-04-22 14:48   --------   d-----w-   c:\users\Pierangelo\AppData\Local\temp
2010-04-22 14:47 . 2010-04-22 14:47   --------   d-----w-   c:\users\Default\AppData\Local\temp
2010-04-21 17:27 . 2010-04-21 17:27   242696   ----a-w-   c:\programdata\avg9\update\backup\avgtdix.sys
2010-04-21 17:26 . 2010-04-21 17:26   1689952   ----a-w-   c:\programdata\avg9\update\backup\avgupd.dll
2010-04-21 13:12 . 1998-06-17 22:00   89360   ----a-w-   c:\windows\system32\VB5DB.DLL
2010-04-21 08:22 . 2010-04-21 08:22   388096   ----a-r-   c:\users\Pierangelo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-04-21 08:22 . 2010-04-21 08:22   --------   d-----w-   c:\program files\Trend Micro
2010-04-17 18:44 . 2010-04-17 18:44   253952   ------w-   c:\windows\Setup1.exe
2010-04-17 18:44 . 2010-04-17 18:44   74752   ----a-w-   c:\windows\ST6UNST.EXE
2010-04-15 13:52 . 2010-04-14 18:49   61712   ----a-w-   c:\programdata\BarDiscover\bardiscover121.exe
2010-04-14 12:48 . 2010-02-23 11:10   212992   ----a-w-   c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 12:48 . 2010-02-23 11:10   79360   ----a-w-   c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 12:48 . 2010-02-23 11:10   106496   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 12:48 . 2010-02-18 14:07   3600776   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2010-04-14 12:48 . 2010-02-18 14:07   3548040   ----a-w-   c:\windows\system32\ntoskrnl.exe
2010-04-14 12:48 . 2010-03-05 14:01   420352   ----a-w-   c:\windows\system32\vbscript.dll
2010-04-14 12:47 . 2010-02-18 14:07   904576   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2010-04-14 12:47 . 2010-02-18 13:30   200704   ----a-w-   c:\windows\system32\iphlpsvc.dll
2010-04-14 12:47 . 2010-02-18 11:28   25088   ----a-w-   c:\windows\system32\drivers\tunnel.sys
2010-04-14 12:41 . 2009-12-23 11:33   172032   ----a-w-   c:\windows\system32\wintrust.dll
2010-04-14 12:41 . 2010-01-13 17:34   98304   ----a-w-   c:\windows\system32\cabview.dll
2010-04-10 15:55 . 2010-04-10 15:55   1035032   ----a-w-   c:\programdata\avg9\update\backup\avgupd.exe
2010-03-30 16:41 . 2010-03-30 16:41   --------   d-----w-   c:\program files\eMule
2010-03-30 16:41 . 2010-04-15 21:06   --------   d-----w-   c:\program files\BarDiscover
2010-03-30 16:41 . 2010-04-15 13:52   --------   d-----w-   c:\programdata\BarDiscover
2010-03-30 00:30 . 2010-03-30 00:30   --------   d-----w-   c:\programdata\eMule AdunanzA
2010-03-30 00:29 . 2010-03-30 00:29   --------   d-----w-   c:\users\Pierangelo\AppData\Local\eMule AdunanzA
2010-03-30 00:25 . 2010-03-30 00:25   --------   d-----w-   c:\program files\AnswerWorks 4.0
2010-03-30 00:25 . 2010-03-30 00:25   --------   d-----w-   c:\windows\system32\1040
2010-03-30 00:25 . 2010-03-30 00:25   --------   d-----w-   c:\windows\system32\Common Files
2010-03-30 00:25 . 2010-03-30 00:29   --------   d-----w-   c:\program files\AutoCAD 2004
2010-03-29 19:20 . 2010-03-30 16:42   --------   d-----w-   c:\programdata\eMule
2010-03-29 19:19 . 2010-03-30 16:41   --------   d-----w-   c:\users\Pierangelo\AppData\Local\eMule
2010-03-24 20:21 . 2010-03-24 20:21   --------   d--h--w-   c:\programdata\CanonIJScan
2010-03-24 20:14 . 2010-03-24 20:14   --------   d-----w-   c:\users\Pierangelo\AppData\Local\IE_BHO_Helper
2010-03-24 20:04 . 2010-03-24 20:04   --------   d-----w-   c:\users\Pierangelo\AppData\Local\assembly
2010-03-23 22:35 . 2010-03-23 22:35   --------   d--h--w-   c:\programdata\CanonIJEGV
2010-03-23 22:24 . 2010-03-23 22:24   --------   d--h--w-   c:\programdata\CanonIJEPPEX
2010-03-23 22:24 . 2010-03-23 22:24   --------   d-----w-   c:\programdata\CanonIJ
2010-03-23 22:24 . 2010-03-24 20:21   --------   d-----w-   c:\users\Pierangelo\AppData\Roaming\Canon
2010-03-23 22:22 . 2010-03-23 22:22   --------   d--h--w-   c:\programdata\CanonIJSolutionMenu
2010-03-23 22:22 . 2010-03-23 22:22   --------   d--h--w-   c:\programdata\CanonIJMyPrinter
2010-03-23 22:22 . 2010-04-18 19:34   --------   d-----w-   c:\programdata\CanonIJPLM
2010-03-23 21:28 . 2010-03-23 21:28   --------   d-----w-   c:\program files\Common Files\CANON
2010-03-23 21:24 . 2010-03-23 21:24   --------   d--h--w-   c:\programdata\CanonBJ
2010-03-23 21:24 . 2009-03-17 04:00   70656   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9W.DLL
2010-03-23 21:24 . 2009-03-17 04:00   27648   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9W.DLL
2010-03-23 21:24 . 2010-03-23 21:24   --------   d--h--w-   c:\windows\system32\CanonIJ Uninstaller Information
2010-03-23 21:24 . 2009-04-03 15:00   1310720   ----a-w-   c:\windows\system32\CNC250C.dll
2010-03-23 21:24 . 2009-04-03 14:59   110592   ----a-w-   c:\windows\system32\CNC250I.dll
2010-03-23 21:24 . 2009-04-03 14:57   106496   ----a-w-   c:\windows\system32\CNC250U.dll
2010-03-23 21:24 . 2009-03-11 10:34   303104   ----a-w-   c:\windows\system32\CNC250L.dll
2010-03-23 21:24 . 2008-08-25 17:02   15872   ----a-w-   c:\windows\system32\CNHMCA.dll
2010-03-23 21:23 . 2009-03-17 04:00   272384   ----a-w-   c:\windows\system32\CNMLM9W.DLL
2010-03-23 21:23 . 2009-02-04 13:17   90112   ----a-w-   c:\windows\system32\CNC250O.dll
2010-03-23 21:23 . 2009-03-18 09:09   178176   ----a-w-   c:\windows\system32\CNMIU9W.DLL
2010-03-23 21:23 . 2010-03-23 21:23   --------   d--h--w-   c:\program files\CanonBJ
2010-03-23 21:21 . 2010-03-23 22:22   --------   d-----w-   c:\program files\Canon
2010-03-23 21:16 . 2010-03-23 21:16   1025   ----a-w-   c:\windows\system32\sysprs7.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-22 14:41 . 2008-01-21 06:30   11437288   ----a-w-   c:\windows\system32\perfh010.dat
2010-04-22 14:41 . 2008-01-21 06:30   4019758   ----a-w-   c:\windows\system32\perfc010.dat
2010-04-22 14:32 . 2009-11-18 13:38   --------   d-----w-   c:\programdata\avg9
2010-04-21 16:58 . 2008-09-04 21:53   28314   ----a-w-   c:\users\Pierangelo\AppData\Roaming\nvModes.dat
2010-04-21 13:14 . 2010-02-16 11:12   --------   d-----w-   c:\users\Pierangelo\AppData\Roaming\Concrete
2010-04-21 13:12 . 2010-02-15 21:16   --------   d-----w-   c:\program files\Common Files\Concrete
2010-04-21 13:11 . 2010-03-01 21:27   --------   d-----w-   c:\program files\Concrete
2010-04-21 13:11 . 2008-04-14 20:10   --------   d--h--w-   c:\program files\InstallShield Installation Information
2010-04-21 08:46 . 2010-02-01 16:58   0   ----a-w-   c:\users\Pierangelo\AppData\Local\prvlcl.dat
2010-04-20 22:38 . 2009-04-01 19:00   --------   d-----w-   c:\program files\Google
2010-04-14 13:42 . 2006-11-02 11:18   --------   d-----w-   c:\program files\Windows Mail
2010-04-14 13:17 . 2008-04-14 21:02   --------   d-----w-   c:\programdata\Microsoft Help
2010-04-10 23:11 . 2008-09-04 22:41   319456   ----a-w-   c:\windows\DIFxAPI.dll
2010-03-30 00:43 . 2008-09-03 23:01   137256   ----a-w-   c:\users\Pierangelo\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-30 00:25 . 2008-09-04 15:06   --------   d-----w-   c:\program files\Common Files\Autodesk Shared
2010-03-30 00:25 . 2008-09-04 15:12   --------   d-----w-   c:\programdata\Autodesk
2010-03-19 16:25 . 2010-03-19 15:28   --------   d-----w-   c:\users\Pierangelo\AppData\Roaming\DAEMON Tools Pro
2010-03-19 15:29 . 2010-03-19 15:29   691696   ----a-w-   c:\windows\system32\drivers\sptd.sys
2010-03-19 15:28 . 2010-03-19 15:28   --------   d-----w-   c:\programdata\DAEMON Tools Pro
2010-03-18 21:43 . 2008-11-27 01:21   --------   d-----w-   c:\users\Pierangelo\AppData\Roaming\Orbit
2010-03-17 11:58 . 2010-03-16 19:20   --------   d-----w-   c:\users\Pierangelo\AppData\Roaming\Apple Computer
2010-03-17 11:58 . 2010-03-16 19:18   --------   d-----w-   c:\program files\iTunes
2010-03-16 19:19 . 2010-03-16 19:18   --------   d-----w-   c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-16 19:18 . 2010-03-16 19:18   --------   d-----w-   c:\program files\iPod
2010-03-16 19:18 . 2010-03-16 19:11   --------   d-----w-   c:\program files\Common Files\Apple
2010-03-16 19:18 . 2010-03-16 19:15   --------   d-----w-   c:\programdata\Apple Computer
2010-03-16 19:17 . 2010-03-16 19:15   --------   d-----w-   c:\program files\QuickTime
2010-03-16 19:14 . 2010-03-16 19:14   --------   d-----w-   c:\program files\Apple Software Update
2010-03-16 19:11 . 2010-03-16 19:11   --------   d-----w-   c:\programdata\Apple
2010-03-16 05:27 . 2008-09-03 23:03   --------   d-----w-   c:\program files\Launch Manager
2010-03-08 11:29 . 2010-03-08 11:29   845   ----a-w-   c:\programdata\tmpC8EC.tmp
2010-03-08 11:28 . 2010-03-08 11:28   845   ----a-w-   c:\programdata\tmp235B.tmp
2010-03-04 08:54 . 2010-03-04 08:54   54784   ----a-w-   c:\windows\system32\drivers\CDAC11BA.EXE
2010-03-04 08:54 . 2010-03-04 08:54   12464   ----a-w-   c:\windows\system32\drivers\CDAC15BA.SYS
2010-03-04 08:54 . 2010-03-04 08:54   --------   d-----w-   c:\program files\Common Files\Macrovision Shared
2010-02-26 11:08 . 2010-02-26 11:08   --------   d-----w-   c:\program files\SafeNet Sentinel
2010-02-26 11:08 . 2010-02-26 11:08   --------   d-----w-   c:\program files\Common Files\SafeNet Sentinel
2010-02-23 06:39 . 2010-03-31 18:46   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-31 18:46   71680   ----a-w-   c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-31 18:46   109056   ----a-w-   c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-31 18:46   133632   ----a-w-   c:\windows\system32\ieUnatt.exe
2010-02-20 23:06 . 2010-03-11 22:02   24064   ----a-w-   c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-11 22:02   30720   ----a-w-   c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-11 22:02   411648   ----a-w-   c:\windows\system32\drivers\http.sys
2010-02-15 17:41 . 2010-02-15 17:41   72488   ----a-w-   c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-14 19:22 . 2009-07-01 15:33   7592   ----a-w-   c:\users\Pierangelo\AppData\Local\d3d9caps.dat
2010-02-12 10:32 . 2010-03-05 13:54   293376   ----a-w-   c:\windows\system32\browserchoice.exe
2010-01-25 12:00 . 2010-02-23 18:07   471552   ----a-w-   c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-23 18:07   152576   ----a-w-   c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-23 18:07   152064   ----a-w-   c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-23 18:07   471552   ----a-w-   c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-23 18:07   332288   ----a-w-   c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-23 18:07   526336   ----a-w-   c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-23 18:07   346624   ----a-w-   c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-23 18:07   518144   ----a-w-   c:\windows\system32\RMActivate.exe
2010-01-25 08:21 . 2010-02-23 18:07   347136   ----a-w-   c:\windows\system32\RMActivate_ssp.exe
2010-01-23 09:26 . 2010-02-23 18:07   2048   ----a-w-   c:\windows\system32\tzres.dll
2009-09-25 16:41 . 2009-09-25 16:41   1044480   ----a-w-   c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41   200704   ----a-w-   c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-06-16 16:22   1144712   ----a-w-   c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 00:00   39472   ----a-w-   c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-09 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-01-24 102400]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-02-25 518656]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-11-22 178712]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-24 4702208]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-03-11 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-11 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-11 88608]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-01-02 707080]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2008-01-22 200704]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-25 45056]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-9-4 110592]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-14 535336]
SETAUDIO.EXE [2008-4-4 20480]
SETRES.EXE [2008-4-4 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):eb,5d,69,08,2f,35,ca,01

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-19 691696]
R2 gupdate1c9b2fc3056d6f0;Servizio di Google Update (gupdate1c9b2fc3056d6f0);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 133104]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
S2 BarDiscover Service;BarDiscover Service;c:\programdata\BarDiscover\bardiscover121.exe [2010-04-14 61712]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2008-07-11 328992]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-24 179712]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
getPlusHelper   REG_MULTI_SZ      getPlusHelper
.
Contenuto della cartella 'Scheduled Tasks'

2010-04-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-09 14:45]

2010-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 19:00]

2010-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 19:00]
.
.
------- Scansione supplementare -------
.
mStart Page = hxxp://it.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = local
FF - ProfilePath - c:\users\Pierangelo\AppData\Roaming\Mozilla\Firefox\Profiles\w1iaaqok.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://it.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:it:official
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Pierangelo\AppData\Roaming\Mozilla\Firefox\Profiles\w1iaaqok.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{b879dc47-7f5a-4973-a570-1e03a60c7c02} - c:\program files\ToolbarPorno\adxloader.dll
BHO-{cba0ec77-dd2c-4d2a-8853-94e4a8092822} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{9e26c99f-6954-4e1e-80d4-de6dc4777ab3} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-BitComet - c:\program files\BitComet\BitComet.exe
HKCU-Run-cxtad - c:\users\pierangelo\appdata\local\cxtad.exe
HKCU-Run-DAEMON Tools Pro Agent - c:\users\Pierangelo\Desktop\DAEMON Tools Pro\DTProAgent.exe
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-AliceRV_McciTrayApp - c:\program files\Alice ti aiuta\McciTrayApp.exe
AddRemove-cxtad - c:\users\pierangelo\appdata\local\cxtad.bat
AddRemove-JAP - c:\program files\JAP\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-22 16:48
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2010-04-22  16:49:46
ComboFix-quarantined-files.txt  2010-04-22 14:49

Pre-Run: 67.642.523.648 byte disponibili
Post-Run: 68.790.353.920 byte disponibili

- - End Of File - - AC21B1D2B560282ECFFF7344E8D6A63B
pintuloffio
Newbie
 
Posts: 6
Joined: 21/04/10 09:33

Re: solving system problem, run-time error '6':overflow

Posted by -> EleKtrA <- » 23/04/10 09:24

Hi pintuloffio, ComboFix has removed some infections.

Download Malwarebytes, install the program and update the signatures.
In the scan tab, select "full scan".
Attach the report.

Run an online scan on the Kaspersky site and attach the result.

Error message: Runtime error '6': overflow
“Yesterday is history, tomorrow is a mystery, but today is a gift... that is why it is called the present!”.
-> EleKtrA <-
Moderator
 
Posts: 436
Joined: 11/12/08 12:50

Re: solving system problem, run-time error '6':overflow

Posted by pintuloffio » 23/04/10 15:28

here is the Malwarebytes attachment
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Versione database: 4024

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

23/04/2010 16.26.15
mbam-log-2010-04-23 (16-26-15).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|)
Elementi esaminati: 221405
Tempo trascorso: 1 ore, 31 minuti, 48 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 2
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 1

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> No action taken.

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
(Non sono stati rilevati elementi nocivi)

File infetti:
C:\Qoobox\Quarantine\C\Program Files\ShoppingReport\Bin\2.6.79\ShoppingReport.dll.vir (Adware.SmartShopper) -> No action taken.
pintuloffio
Newbie
 
Posts: 6
Joined: 21/04/10 09:33

Re: solving system problem, run-time error '6':overflow

Posted by pintuloffio » 23/04/10 16:41

the online scan doesn't show me any problems.
pintuloffio
Newbie
 
Posts: 6
Joined: 21/04/10 09:33

Re: solving system problem, run-time error '6':overflow

Posted by -> EleKtrA <- » 23/04/10 20:08

Open Malwarebytes; when the scan is complete, click OK => Show Results.
Make sure everything is selected and click Remove Selected.
If it asks you to restart, restart to complete the cleanup process.

Download TFC by OldTimer to the desktop
close all programs
launch TFC, click "Start"
at the end of the scan it will ask you to restart; click OK.

Download OTC by OldTimer to the desktop
double-click to run it
click "CleanUP" > "Yes" > "Yes"
restart.

Have you tried uninstalling the Sismicad software and reinstalling it after cleaning the registry?
In general, an overflow error is due to something exceeding the maximum allowed amount.
http://it.wikipedia.org/wiki/Heap_overflow
“Yesterday is history, tomorrow is a mystery, but today is a gift... that is why it is called the present!”.
-> EleKtrA <-
Moderator
 
Posts: 436
Joined: 11/12/08 12:50

Re: solving system problem, run-time error '6':overflow

Posted by pintuloffio » 24/04/10 22:17

The program is running normally. Thank you very much for solving the problem... and thanks also for your helpfulness.
Have a good evening
pintuloffio
Newbie
 
Posts: 6
Joined: 21/04/10 09:33

Re: solving system problem, run-time error '6':overflow

Posted by -> EleKtrA <- » 25/04/10 16:48

Good, I'm glad the problem is solved.
“Yesterday is history, tomorrow is a mystery, but today is a gift... that is why it is called the present!”.
-> EleKtrA <-
Moderator
 
Posts: 436
Joined: 11/12/08 12:50

Re: solving system problem, run-time error '6':overfl

Posted by blondie » 26/07/11 11:34

Hi everyone! I too ran into this run-time error 6 overflow while using Sismicad; I followed the procedure indicated but I can't run the online scan from the site indicated... can anyone help me? Thanks
blondie
Junior User
 
Posts: 10
Joined: 26/07/11 11:30

Re: solving system problem, run-time error '6':overfl

Posted by Murdekai » 26/07/11 17:02

Hi. Start by posting the updated ComboFix, MalwareBytes and HijackThis logs.

Bye! ;)
Murdekai
 

Re: solving system problem, run-time error '6':overfl

Posted by blondie » 27/07/11 08:32

ok... the problem is that I must have sent at least 3 posts before sending a link :neutral:
blondie
Junior User
 
Posts: 10
Joined: 26/07/11 11:30

Re: solving system problem, run-time error '6':overfl

Posted by blondie » 27/07/11 08:34

this is the third
blondie
Junior User
 
Posts: 10
Joined: 26/07/11 11:30

Re: solving system problem, run-time error '6':overfl

Posted by blondie » 27/07/11 08:35

ok... sorry again for the inconvenience, so this is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9.13.19, on 27/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\Programmi\Launch Manager\LManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\CAP2RSK.EXE
C:\Programmi\Real\RealPlayer\update\realsched.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP2SWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\DOCUME~1\user\IMPOST~1\Temp\RtkBtMnt.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\WI83E4~1\Datamngr\DATAMN~1.EXE
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: jZip Toolbar - {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - C:\PROGRA~1\WI83E4~1\Datamngr\ToolBar\jzipdtx.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: UrlHelper Class - {41C4AA37-1DDD-4345-B8DC-734E4B38414D} - C:\PROGRA~1\WI83E4~1\Datamngr\IEBHO.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: jZip Toolbar - {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - C:\PROGRA~1\WI83E4~1\Datamngr\ToolBar\jzipdtx.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CAP2ON] C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAP2ONN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI83E4~1\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [!jZipDSCR] C:\WINDOWS\system32\RUNDLL32.EXE C:\DOCUME~1\user\IMPOST~1\Temp\SRASSE~1.DLL,_SetChromeAssets http://dts.search-results.com/sr?src=cr ... mid=102&q={searchTerms},Search Results,r,
O4 - HKCU\..\RunOnce: [!jZipCRHP] C:\WINDOWS\system32\RUNDLL32.EXE C:\DOCUME~1\user\IMPOST~1\Temp\INSTAL~1.DLL,_SetChromeHP http://search.jzip.com/,
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Finestra di stato di Canon LASER SHOT LBP-1210.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\WI83E4~1\Datamngr\datamngr.dll C:\PROGRA~1\WI83E4~1\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

--
End of file - 8835 bytes
blondie
Junior User
 
Posts: 10
Joined: 26/07/11 11:30

Re: solving system problem, run-time error '6':overfl

Posted by blondie » 27/07/11 08:37

this is the ComboFix one:

ComboFix 11-07-26.02 - user 26/07/2011 12.30.54.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3067.2019 [GMT 2:00]
Eseguito da: c:\documents and settings\user\Documenti\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\user\Dati applicazioni\inst.exe
c:\documents and settings\user\Dati applicazioni\pcouffin.sys
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2011-06-26 al 2011-07-26 )))))))))))))))))))))))))))))))))))
.
.
2011-07-25 10:57 . 2011-07-25 10:57 -------- d-----w- c:\documents and settings\user\Impostazioni locali\Dati applicazioni\QuickStores
2011-07-25 10:57 . 2011-07-25 10:57 -------- d-----w- c:\documents and settings\user\Impostazioni locali\Dati applicazioni\optBeruby
2011-07-25 10:57 . 2011-07-25 10:57 -------- d-----w- c:\windows\LastGood
2011-07-25 10:57 . 2011-07-25 10:57 -------- d-----w- c:\programmi\DsNET Corp
2011-07-25 10:51 . 2011-07-25 10:54 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-25 10:44 . 2011-07-25 10:44 -------- d-----w- c:\programmi\File comuni\xing shared
2011-07-25 10:44 . 2011-07-25 10:45 -------- d-----w- c:\programmi\Real
2011-07-24 09:37 . 2011-07-24 09:37 1025 ----a-w- c:\windows\system32\sysprs7.dll
2011-07-24 09:37 . 2011-07-24 09:37 1025 ----a-w- c:\windows\system32\clauth2.dll
2011-07-24 09:37 . 2011-07-24 09:37 1025 ----a-w- c:\windows\system32\clauth1.dll
2011-07-24 08:44 . 1999-06-10 08:34 570128 ----a-w- c:\programmi\File comuni\Microsoft Shared\DAO\DAO350.DLL
2011-07-24 08:44 . 2003-06-13 08:35 885307 ----a-w- c:\windows\system32\Actbar2.ocx
2011-07-24 08:44 . 2000-07-14 23:00 77824 ----a-w- c:\windows\system32\MSBIND.DLL
2011-07-24 08:44 . 1998-06-23 22:00 67376 ----a-w- c:\windows\system32\SYSINFO.OCX
2011-07-24 08:44 . 1998-06-23 22:00 525352 ----a-w- c:\windows\system32\DBGRID32.OCX
2011-07-23 16:05 . 2011-07-23 16:05 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Apple
2011-07-04 16:59 . 2002-04-12 09:00 23232 ----a-w- c:\windows\system32\drivers\CAP2LPT.SYS
2011-07-04 16:59 . 2002-04-12 09:00 61224 ----a-w- c:\windows\system32\CAP2RSK.EXE
2011-07-04 16:59 . 2002-04-12 09:00 53760 ----a-w- c:\windows\system32\CAP2EMN.DLL
2011-07-04 16:59 . 2002-04-12 09:00 23552 ----a-w- c:\windows\system32\CAP2PTMN.DLL
2011-07-04 16:59 . 2002-04-12 09:00 13824 ----a-w- c:\windows\system32\CAP2LMK.DLL
2011-07-04 16:59 . 2002-04-12 09:00 40960 ----a-w- c:\windows\system32\CAP2SMK.DLL
2011-07-04 16:25 . 2011-07-04 16:25 -------- d-----w- c:\documents and settings\user\Impostazioni locali\Dati applicazioni\Help
2011-07-04 14:32 . 2008-04-13 09:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2011-07-04 14:32 . 2008-04-13 09:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-25 10:44 . 2011-06-20 10:08 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-07-25 10:44 . 2011-06-20 10:08 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-06-20 09:52 . 2011-06-20 09:52 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-06-09 09:33 . 2011-06-21 08:02 23376 ----a-w- c:\windows\system32\dopdfmn7.dll
2011-06-09 09:33 . 2011-06-21 08:02 20816 ----a-w- c:\windows\system32\dopdfmi7.dll
2011-06-06 11:35 . 2008-04-13 18:50 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-02 15:31 . 2011-06-20 09:40 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2008-04-13 19:13 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 12:17 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-27 . D5E120A3BA164D2E7307A6688FEB26B2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-01-05 413696]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"LanguageShortcut"="c:\programmi\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"egui"="c:\programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-14 2219184]
"LManager"="c:\programmi\Launch Manager\LManager.exe" [2009-02-18 866824]
"AzMixerSel"="c:\programmi\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-27 61440]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-13 17508864]
"CAP2ON"="c:\windows\system32\Spool\Drivers\w32x86\3\CAP2ONN.EXE" [2002-04-12 22528]
"TkBellExe"="c:\programmi\Real\RealPlayer\update\realsched.exe" [2011-07-25 273544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2011-04-25 124928]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Finestra di stato di Canon LASER SHOT LBP-1210.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAP2LAK.EXE [2011-7-4 30720]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Programmi\\File comuni\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"=
"c:\\Programmi\\File comuni\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21/12/2010 15.04.06 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21/12/2010 13.47.38 94872]
R2 ekrn;ESET Service;c:\programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [14/01/2011 12.33.16 810144]
R2 SentinelKeysServer;Sentinel Keys Server;c:\programmi\File comuni\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [11/07/2008 1.02.10 328992]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [20/06/2011 19.16.52 229928]
S2 gupdate;Servizio Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [20/06/2011 21.04.35 136176]
S2 RapidPort2;RapidPort2;c:\windows\system32\drivers\CAP2LPT.SYS [04/07/2011 18.59.21 23232]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20/06/2011 12.48.49 1684736]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [20/06/2011 21.04.35 136176]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-07-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-06-20 19:04]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-06-20 19:04]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1614895754-1801674531-1003Core.job
- c:\documents and settings\user\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-06-20 15:47]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1614895754-1801674531-1003UA.job
- c:\documents and settings\user\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-06-20 15:47]
.
2011-07-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1614895754-1801674531-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-07-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1614895754-1801674531-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKCU-Run-msnmsgr - c:\programmi\Windows Live\Messenger\msnmsgr.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 12:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Dati applicazioni\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Programmi\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000410
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{67E87475-0B32-47F4-926A-D911C3377379}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.71.3"
"UniqueId"="001648684DFF1E62"
"ScannerBuild"=dword:00002168
"ScannerVersionId"=dword:0000169a
"ScannerVersion"="Locked/open ESET for status."
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2011-07-26 12:35:06
ComboFix-quarantined-files.txt 2011-07-26 10:35
.
Pre-Run: 291.606.736.896 byte disponibili
Post-Run: 292.527.960.064 byte disponibili
.
- - End Of File - - 60E146C1B75B9616BFA832C5A9756C79
blondie
Junior User
Posts: 10
Joined: 26/07/11 11:30

Re: fixing system problem, run-time error '6':overfl

Post by Riverside » 27/07/11 08:43

Hi Blondie: please open a new topic in the more appropriate section of the forum: Sicurezza e Privacy (Security and Privacy)

Briefly describe the problems you are seeing, and then I will explain how to proceed.
Riverside
Senior User
Posts: 2001
Joined: 03/06/10 10:35
Location: "Riverside House" Italy

Re: fixing system problem, run-time error '6':overfl

Post by blondie » 27/07/11 08:48

here is the Malwarebytes log:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Versione database: 7294

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

27/07/2011 9.52.08
mbam-log-2011-07-27 (09-52-08).txt

Tipo di scansione: Scansione veloce
Elementi esaminati: 158565
Tempo impiegato: 2 minuti, 54 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 0

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
(Non sono stati rilevati elementi nocivi)

File infetti:
(Non sono stati rilevati elementi nocivi)
blondie
Junior User
Posts: 10
Joined: 26/07/11 11:30

Re: fixing system problem, run-time error '6':overfl

Post by blondie » 27/07/11 09:14

ok sorry Riverside....done! :)
blondie
Junior User
Posts: 10
Joined: 26/07/11 11:30

