orco

Utenti
  • Numero contenuti

    24
  • Iscritto

  • Ultima visita

Su orco

  • Livello
    Iniziato
  1. ho fatto la scansione con ambedue i programmi ed un virus msn virus remover me lo ha trovato. ho cambiato anche la pass, sperem! grazie
  2. ho fatto la scansione, ma non mi ha trovato niente. allego il file di log. il sistema operativo è windows xp home edition con il service pack 3. grazie mille Report_2009_11_12_10.06.25.txt
  3. salve, ho un account hotmail, e da una settimana invia da solo delle mail con degli allegati, a persone che non conosco. gli allegati sono file senza estensione. la mia domanda è: come si chiama il fenomeno? esiste un modo per risolvere il problema? ps: mi è capitato di ricevere delle conversazioni su msn con collegamenti a siti sconosciuti, spero di essere stato chiaro
  4. ho un problema con l'audio.quando chiudo lo schermo, comincio a sentire un fischio, tipo di un microfono che interferisce con le casse audio. il fischio lo sento solo se: il volume delle casse integrate è al massimo (quindi l'audio è attivato). ho pensato che l'interferenza fosse causata dal microfono del pc, l'ho disattivato, ma il problema persiste. che cosa posso fare? grazie in anticipo
  5. premessa: di programmazione non me ne intendo. il mio problema: ho un programma (si tratta solamente di un semplice file eseguibile) che mi permette di accedere ad internet dopo aver inserito il mio nome utente e la pass, soltanto che dopo 60 min mi fa il log-out e mi costringe a reinserire i dati. esiste un modo per fare tutto in automatico? grazie in anticipo per la disponibilità
  6. grazie dinop era da un mese che tentavo di trovare una soluzione...finalmente!
  7. ci sto riuscendo tramite il prompt dei comandi dir indirizzo risorsa di rete >text.txt grazie per la disponibilità
  8. sono riuscito tramite il comando >text.txt . ultimo dubbio...devo eliminare alcuni attributi come la data di creazione dei file e la loro grandezza...sai come posso completare il comando dir per ottenere quello che voglio? grazie
  9. già fatto, ma non riesco a posizionarmi con dos su una risorsa di rete, cioè non riesco ad entrare in una cartella di una risorsa di rete..però l'elenco a schermo riesco ad aprirlo senza entrare nella cartella...non so proprio che fare...l'idea è di salvare il contenuto della schermata, solo che non so il comando e la schermata è incompleta...
  10. salve. tramite dos riesco a vedere l'elenco dei file su una risorsa di rete, solo che non riesco a salvarne l'elenco, sia perchèp non conosco bene il linguaggio dos, sia perchè molte stringhe vengono eliminate dallo schermo...come posso fare? grazie in anticipo
  11. salve, devo salvare su file un elenco di stringhe di ms dos. le stringhe sono numerose e in una sola schermata del prompt non riesco a visualizzare tutte le stringhe. sapete come risolvere i miei dubbi?
  12. ComboFix 09-01-21.04 - luca tagliabue 2009-01-31 12.21.04.1 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1040.18.3069.1349 [GMT 1:00] Eseguito da: c:\users\luca tagliabue\Desktop\utility\ComboFix.exe Opzioni usate :: c:\users\luca tagliabue\Desktop\utility\CFscript.txt * Creato nuovo punto di ripristino . - MODALITÀ CON FUNZIONALITÀ RIDOTTE - FILE :: c:\users\luca tagliabue\AppData\Roaming\drivers\winupgro.exe . ((((((((((((((((((((((((( Files Creati Da 2008-12-28 al 2009-01-31 ))))))))))))))))))))))))))))))))))) . 2009-01-30 12:20 . 2009-01-30 12:20 1,297 --a------ c:\windows\wininit.ini 2009-01-30 11:44 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll 2009-01-30 11:44 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe 2009-01-30 11:44 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe 2009-01-30 11:44 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll 2009-01-30 11:44 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll 2009-01-30 11:44 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll 2009-01-30 11:44 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl 2009-01-30 11:44 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll 2009-01-30 11:37 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll 2009-01-30 11:37 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll 2009-01-30 11:37 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll 2009-01-30 11:37 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll 2009-01-30 11:36 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll 2009-01-28 03:52 . 2009-01-28 03:52 <DIR> d-------- c:\program files\RadarSync 2009-01-28 03:52 . 2006-07-24 08:56 212,240 --a------ c:\windows\System32\Richtx32.ocx 2009-01-28 03:51 . 2009-01-28 04:12 <DIR> d-------- c:\users\All Users\WeFi 2009-01-28 03:51 . 2009-01-28 03:51 <DIR> d-------- c:\program files\WeFi 2009-01-28 03:51 . 2009-01-28 04:12 <DIR> d-------- c:\progra~2\WeFi 2009-01-28 03:46 . 2009-01-28 03:46 <DIR> d-------- c:\users\luca tagliabue\SystemRequirementsLab 2009-01-28 03:46 . 2009-01-28 03:46 <DIR> d-------- c:\program files\SystemRequirementsLab 2009-01-27 12:30 . 2009-01-27 12:41 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\IObit 2009-01-24 16:49 . 2009-01-24 16:49 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\Media Player Classic 2009-01-21 17:37 . 2009-01-21 17:37 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\Sierra Entertainment 2009-01-21 17:17 . 2009-01-21 17:17 <DIR> dr-h----- c:\users\luca tagliabue\AppData\Roaming\SecuROM 2009-01-21 17:09 . 2009-01-21 17:09 <DIR> d-------- c:\windows\System32\AGEIA 2009-01-21 17:08 . 2009-01-21 17:08 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2009-01-21 16:53 . 2009-01-21 16:53 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\InstallShield 2009-01-19 20:14 . 2009-01-19 20:14 <DIR> d-------- c:\users\luca tagliabue\DVD Decrypter 3 2009-01-19 20:11 . 2009-01-19 20:11 <DIR> d-------- c:\users\luca tagliabue\Roxio 2009-01-14 13:19 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys 2009-01-12 16:42 . 2009-01-30 11:43 <DIR> d-------- c:\users\luca tagliabue\Tracing 2009-01-12 16:28 . 2009-01-12 16:28 <DIR> d-------- c:\program files\Common Files\Windows Live 2009-01-10 00:09 . 2009-01-10 00:09 <DIR> d-------- c:\users\All Users\KONAMI 2009-01-10 00:09 . 2009-01-10 00:09 <DIR> d-------- c:\progra~2\KONAMI 2009-01-09 10:19 . 2009-01-09 10:19 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\avidemux 2009-01-09 10:13 . 2009-01-09 10:13 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\AVS4YOU 2009-01-09 10:13 . 2009-01-09 10:13 <DIR> d-------- c:\users\All Users\AVS4YOU 2009-01-09 10:13 . 2009-01-09 10:13 <DIR> d-------- c:\progra~2\AVS4YOU 2009-01-09 10:11 . 2009-01-09 12:09 <DIR> d-------- c:\program files\Common Files\AVSMedia 2009-01-09 09:53 . 2009-01-09 09:53 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\DAEMON Tools Pro 2009-01-09 09:53 . 2009-01-09 09:53 <DIR> d-------- c:\program files\Common Files\Adobe AIR 2009-01-09 09:52 . 2009-01-09 09:53 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\DAEMON Tools Lite 2009-01-09 09:52 . 2009-01-09 09:52 <DIR> d-------- c:\users\All Users\DAEMON Tools Lite 2009-01-09 09:52 . 2009-01-09 09:52 <DIR> d-------- c:\progra~2\DAEMON Tools Lite 2009-01-09 09:49 . 2009-01-09 09:48 410,984 --a------ c:\windows\System32\deploytk.dll 2009-01-09 09:43 . 2009-01-09 09:43 <DIR> d-------- c:\program files\Common Files\Adobe 2009-01-09 09:39 . 2009-01-09 09:40 <DIR> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-09 09:39 . 2009-01-09 09:40 <DIR> d-------- c:\progra~2\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-09 09:38 . 2009-01-09 09:38 <DIR> d-------- c:\program files\Common Files\xing shared 2009-01-09 09:33 . 2009-01-10 21:33 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\vlc 2009-01-08 14:43 . 2009-01-08 14:43 <DIR> d-------- c:\users\All Users\Avira 2009-01-08 14:43 . 2009-01-08 14:43 <DIR> d-------- c:\progra~2\Avira 2009-01-05 16:18 . 2009-01-05 16:18 90,112 --a------ c:\windows\System32\QuickTimeVR.qtx 2009-01-05 16:18 . 2009-01-05 16:18 57,344 --a------ c:\windows\System32\QuickTime.qts 2009-01-04 19:20 . 2009-01-04 19:20 <DIR> d-------- c:\users\All Users\NtiDvdCopy 2009-01-04 19:20 . 2009-01-04 19:20 <DIR> d-------- c:\progra~2\NtiDvdCopy 2008-12-31 17:04 . 2008-12-31 17:04 691,560 --a------ c:\windows\System32\OGACheckControl.dll 2008-12-31 17:04 . 2008-12-31 17:04 528,744 --a------ c:\windows\System32\OGAVerify.exe 2008-12-31 17:04 . 2008-12-31 17:04 502,120 --a------ c:\windows\System32\OGAAddin.dll 2008-12-27 13:36 . 2009-01-30 20:56 <DIR> d-------- c:\users\All Users\Spybot - Search & Destroy 2008-12-27 13:36 . 2009-01-30 20:56 <DIR> d-------- c:\progra~2\Spybot - Search & Destroy 2008-12-21 18:47 . 2008-12-21 18:47 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\OpenOffice.org 2008-12-21 18:36 . 2009-01-25 12:21 <DIR> d--h----- c:\users\luca tagliabue\AppData\Roaming\drivers 2008-12-21 18:27 . 2008-12-21 18:27 <DIR> d-------- c:\program files\Common Files\Java 2008-12-20 00:41 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll 2008-12-20 00:41 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll 2008-12-20 00:41 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll 2008-12-20 00:41 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll 2008-12-20 00:41 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll 2008-12-20 00:41 . 2007-04-04 18:53 81,768 --a------ c:\windows\System32\xinput1_3.dll 2008-12-20 00:41 . 2007-06-20 20:45 18,280 --a------ c:\windows\System32\x3daudio1_2.dll 2008-12-20 00:40 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\System32\d3dx9_33.dll 2008-12-20 00:40 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll 2008-12-20 00:40 . 2006-09-28 16:05 2,414,360 --a------ c:\windows\System32\d3dx9_31.dll 2008-12-20 00:40 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\System32\D3DCompiler_33.dll 2008-12-20 00:40 . 2007-03-15 16:57 443,752 --a------ c:\windows\System32\d3dx10_33.dll 2008-12-20 00:40 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll 2008-12-20 00:40 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll 2008-12-20 00:40 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll 2008-12-20 00:40 . 2006-09-28 16:05 237,848 --a------ c:\windows\System32\xactengine2_4.dll 2008-12-20 00:40 . 2006-07-28 09:30 236,824 --a------ c:\windows\System32\xactengine2_3.dll 2008-12-20 00:40 . 2006-07-28 09:30 62,744 --a------ c:\windows\System32\xinput1_2.dll 2008-12-20 00:40 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll 2008-12-19 21:08 . 2009-01-09 09:53 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\DAEMON Tools 2008-12-19 21:08 . 2008-12-19 21:08 717,296 --a------ c:\windows\System32\drivers\sptd.sys 2008-12-11 16:40 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll 2008-12-11 15:45 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll 2008-12-11 15:44 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll 2008-12-11 15:44 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll 2008-12-11 15:44 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll 2008-12-11 15:44 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe 2008-12-11 15:44 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll 2008-12-04 12:39 . 2009-01-26 14:03 <DIR> d-------- c:\users\luca tagliabue\AppData\Roaming\dvdcss 2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ c:\windows\System32\sirenacm.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-30 03:36 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-01-27 11:43 --------- d-----w c:\users\luca tagliabue\AppData\Roaming\DNA 2009-01-27 11:43 --------- d-----w c:\users\luca tagliabue\AppData\Roaming\BitTorrent 2009-01-27 11:43 --------- d-----w c:\program files\Windows Live Toolbar 2009-01-27 11:43 --------- d-----w c:\program files\Microsoft Works 2009-01-27 11:43 --------- d-----w c:\program files\McAfee 2009-01-27 11:43 --------- d-----w c:\program files\Acer GameZone 2009-01-27 11:43 --------- d-----w c:\program files\Acer Arcade Deluxe 2009-01-27 11:43 --------- d-----w c:\progra~2\WLInstaller 2009-01-27 11:43 --------- d-----w c:\progra~2\SiteAdvisor 2009-01-27 11:30 --------- d-----w c:\program files\IObit 2009-01-25 11:59 28,694 ----a-w c:\users\luca tagliabue\AppData\Roaming\nvModes.dat 2009-01-25 11:44 --------- d-----w c:\program files\Trend Micro 2009-01-25 11:14 0 ----a-w C:\backup.reg 2009-01-24 16:15 --------- d-----w c:\program files\QuickTime 2009-01-24 16:15 --------- d-----w c:\program files\Microsoft 2009-01-24 16:09 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-01-23 18:01 --------- d-----w c:\progra~2\McAfee 2009-01-23 14:20 --------- d-----w c:\users\luca tagliabue\AppData\Roaming\Skype 2009-01-23 14:12 --------- d-----w c:\users\luca tagliabue\AppData\Roaming\skypePM 2009-01-23 11:38 --------- d-----w c:\program files\Utherverse Digital Inc 2009-01-21 16:09 --------- d-----w c:\program files\AGEIA Technologies 2009-01-21 15:56 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-21 15:55 --------- d-----w c:\program files\Sierra Entertainment 2009-01-21 15:45 --------- d-----w c:\users\luca tagliabue\AppData\Roaming\Orbit 2009-01-19 18:40 --------- d-----w c:\program files\SlySoft 2009-01-15 10:05 911,872 ----a-w c:\windows\System32\wininet.dll 2009-01-15 10:05 43,008 ----a-w c:\windows\System32\licmgr10.dll 2009-01-15 10:04 18,944 ----a-w c:\windows\System32\corpol.dll 2009-01-15 10:04 132,096 ----a-w c:\windows\System32\ieUnatt.exe 2009-01-15 10:04 109,568 ----a-w c:\windows\System32\PDMSetup.exe 2009-01-15 10:04 109,056 ----a-w c:\windows\System32\iesysprep.dll 2009-01-15 10:04 107,520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe 2009-01-15 10:04 107,008 ----a-w c:\windows\System32\SetIEInstalledDate.exe 2009-01-15 10:04 103,936 ----a-w c:\windows\System32\SetDepNx.exe 2009-01-15 10:03 72,704 ----a-w c:\windows\System32\admparse.dll 2009-01-15 10:03 71,680 ----a-w c:\windows\System32\iesetup.dll 2009-01-15 10:03 66,560 ----a-w c:\windows\System32\wextract.exe 2009-01-15 10:03 420,352 ----a-w c:\windows\System32\vbscript.dll 2009-01-15 10:02 169,472 ----a-w c:\windows\System32\iexpress.exe 2009-01-15 10:01 34,304 ----a-w c:\windows\System32\imgutil.dll 2009-01-15 10:00 48,128 ----a-w c:\windows\System32\mshtmler.dll 2009-01-15 10:00 45,568 ----a-w c:\windows\System32\mshta.exe 2009-01-15 09:50 156,160 ----a-w c:\windows\System32\msls31.dll 2009-01-15 02:04 --------- d-----w c:\program files\Windows Mail 2009-01-14 15:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-14 15:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-01-12 15:40 --------- d-----w c:\program files\Windows Live 2009-01-12 15:36 --------- d-----w c:\program files\Windows Live SkyDrive 2009-01-09 23:22 --------- d-----w c:\program files\Google 2009-01-09 23:04 --------- d-----w c:\program files\KONAMI 2009-01-09 16:10 --------- d-----w c:\program files\YouTube Toolbar 2009-01-09 14:27 --------- d-----w c:\program files\Sveglia 2009-01-09 11:10 --------- d-----w c:\program files\NCH Software 2009-01-09 09:42 --------- d-----w c:\users\luca tagliabue\AppData\Roaming\NCH Software 2009-01-09 09:41 --------- d-----w c:\progra~2\NCH Software 2009-01-09 08:56 --------- d-----w c:\program files\Safari 2009-01-09 08:52 --------- d-----w c:\program files\DAEMON Tools Lite 2009-01-09 08:48 --------- d-----w c:\program files\Java 2009-01-09 08:40 --------- d-----w c:\program files\iTunes 2009-01-09 08:39 --------- d-----w c:\program files\iPod 2009-01-09 08:37 --------- d-----w c:\program files\Common Files\Real 2009-01-09 08:36 --------- d-----w c:\program files\RichFX 2009-01-09 08:19 --------- d-----w c:\program files\filehippo.com 2009-01-08 13:43 --------- d-----w c:\program files\Avira 2009-01-07 21:57 --------- d-----w c:\program files\CCleaner 2009-01-07 16:15 --------- d-----w c:\program files\DNA 2008-12-23 17:20 --------- d-----w c:\program files\Safer Networking 2008-12-21 17:46 2,740 ----a-w c:\users\luca tagliabue\AppData\Roaming\wklnhst.dat 2008-12-21 17:30 --------- d-----w c:\program files\OpenOffice.org 3 2008-12-21 17:30 --------- d-----w c:\program files\JRE 2008-12-11 15:45 --------- d-----w c:\progra~2\Microsoft Help 2008-12-04 21:55 307,560 ----a-w c:\windows\WLXPGSS.SCR 2008-12-01 17:11 --------- d-----w c:\program files\Veoh Networks 2008-11-29 18:49 --------- d-----w c:\program files\BitTorrent 2008-11-28 20:11 --------- d-----w c:\program files\securedie 2008-11-28 20:10 2,560 ----a-w c:\windows\_MSRSTRT.EXE 2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe 2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll 2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll 2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll 2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll 2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe 2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll 2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll 2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll 2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll 2008-10-16 13:08 162,064 ----a-w c:\windows\System32\wuwebv.dll 2008-10-16 12:56 31,232 ----a-w c:\windows\System32\wuapp.exe 2008-10-04 09:17 56 ---ha-w c:\users\All Users\ezsidmv.dat 2008-10-04 09:17 56 ---ha-w c:\progra~2\ezsidmv.dat 2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-01-03 01:00 39472 --a------ c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Sidebar"="c:\program files\windows sidebar\sidebar.exe" [2008-01-21 1233920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-01-24 102400] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-11-22 178712] "NvSvc"="c:\windows\system32\nvsvc.dll" [2008-03-11 92704] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-11 8534560] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-11 88608] "PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-09 136600] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-09 185872] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-24 c:\windows\RtHDVCpl.exe] c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-04-14 535336] SETAUDIO.EXE [2008-04-04 20480] SETRES.EXE [2008-04-04 20480] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.divxa32"= divxa32.acm [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2009-01-09 09:36 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler "drvsyskit"=c:\users\luca tagliabue\AppData\Roaming\drivers\winupgro.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" "WarReg_PopUp"=c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2013700888-2578411824-3608626932-1000] "EnableNotificationsRef"=dword:00000003 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{97CA8B48-19BC-4B94-AE51-F935D6FC545F}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{3E62AD61-DBB0-455E-AB7E-42ED940B3C3D}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician "{D68CB044-2502-4D88-B11A-A2067B1E14B1}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia "{B99CEF3F-C7EF-4CCA-B3F6-A337A49B608D}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard "{3DD9CB57-77B5-4965-BA0B-4B5DF0BC5649}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{8280F994-1653-4E76-A5C7-B592332BBA79}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{AFF9E6A0-8BFC-4FE6-B6BB-9258BACF0651}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine "{296F390E-E67D-42CC-A9B5-C99475FA0426}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie "{B45AA28F-40B6-4180-8060-C2041CC25C64}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program "{8267EFDC-396E-4923-A17F-64F1D49235DD}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{E8F7B0B5-F28A-44F2-A596-38E552D3E0FD}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{49EA2F13-995F-4804-B9AD-271B5151E1A3}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows "UDP Query User{F0504985-B541-42F3-89A8-3E06860951F8}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows "TCP Query User{6E19FD7D-6D20-4C1B-A2B6-67838A355C40}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows "UDP Query User{FA1CF1E9-8AB7-43CF-AD43-6210BF13D3EC}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows "TCP Query User{39B7F446-1488-4B17-9E8E-67CB1719A76D}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{7FA5158A-DAA9-4AEA-88BC-2FA12789082F}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{5F7C1B41-E7D4-4038-822A-28C2ECF649E2}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "UDP Query User{1663A6F3-972A-4471-928F-8CF4C1E6FF3A}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "{EEF87009-21A9-4A5C-8283-314A05865C71}"= c:\program files\Skype\Phone\Skype.exe:Skype "TCP Query User{38223F8C-2439-4CD1-8B24-2770838105D3}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{8948DA83-CD90-4CC9-A30D-7CE8590A360A}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "{7A0E8038-4C65-4F9A-BAE2-4FB89DA3F39A}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{15A39996-76A3-447E-B23A-B183A7D33015}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{E2D18A2B-7AF0-41B6-9A8A-390D372E20CC}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{8E12ED2C-CAB7-48DB-8B87-697D89756B3E}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "{41B0CA73-117F-4C2B-9716-FEA22553BEF3}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{393E8B1F-45AE-4ECC-9DB9-7896FD80868E}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "TCP Query User{B9B48AE6-1A4F-4474-9E5D-43B7566C662B}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent "UDP Query User{5ADED539-DEAB-44D7-A4FF-A3CABBC775D4}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent "TCP Query User{5B37BAC9-CB52-4081-902D-4C40C7799BDF}c:\\users\\luca tagliabue\\program files\\dna\\btdna.exe"= UDP:c:\users\luca tagliabue\program files\dna\btdna.exe:btdna.exe "UDP Query User{32232337-9A9A-4F8E-995B-B96121180279}c:\\users\\luca tagliabue\\program files\\dna\\btdna.exe"= TCP:c:\users\luca tagliabue\program files\dna\btdna.exe:btdna.exe "{4D2891ED-9F58-41E5-ACBD-B715E78D0FFA}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player "{B1F2EB8E-27E0-404B-B37D-1D6DC20704C2}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player "TCP Query User{34F12A62-AAC1-43BE-AA05-76A833B6160D}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA "UDP Query User{DBD87A2A-559C-4E8E-A027-FFBAF5A00C2C}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA "{CFF9F89D-11C9-4DF6-9031-E36BB61560C0}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{CB10415B-6F28-46AE-8DA2-E3A0867FFE2A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{A9690691-15E7-4072-AF90-8AC8F1243B41}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "{F1FFAE5B-8E59-4843-84BB-DE266B75065A}"= UDP:c:\program files\Sierra Entertainment\Empire Earth III\EE3.exe:Empire Earth III "{73BEB638-81F0-4E69-A617-553C45D132B7}"= TCP:c:\program files\Sierra Entertainment\Empire Earth III\EE3.exe:Empire Earth III "TCP Query User{6E1E18F6-DA13-4ADA-8311-A0151FA0ACCB}c:\\program files\\ubisoft\\gearbox software\\brothersinarmseib\\system\\eib.exe"= UDP:c:\program files\ubisoft\gearbox software\brothersinarmseib\system\eib.exe:Brothers In Arms Earned In Blood "UDP Query User{42263BF7-CD4C-4F65-BAD8-4434EBEEEAA5}c:\\program files\\ubisoft\\gearbox software\\brothersinarmseib\\system\\eib.exe"= TCP:c:\program files\ubisoft\gearbox software\brothersinarmseib\system\eib.exe:Brothers In Arms Earned In Blood "TCP Query User{AD1A912C-3BE5-497B-B0A5-A24269107AFB}c:\\program files\\ares\\chatserver.exe"= UDP:c:\program files\ares\chatserver.exe:Ares Chat Server "UDP Query User{C9161F3F-44BC-412B-9B03-EE2A20645436}c:\\program files\\ares\\chatserver.exe"= TCP:c:\program files\ares\chatserver.exe:Ares Chat Server R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [2008-04-15 43008] R4 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-07-16 14:10:16 41456] R4 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2008-04-14 51200] R4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-12-27 1153368] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2008-04-15 179712] --- Altri Servizi/Drivers In Memoria --- *Deregistered* - sptd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9551bc57-ee4e-11dd-9cb0-d133e20ab31a}] \shell\AutoRun\command - H:\LaunchU3.exe -a [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . . ------- Scansione supplementare ------- . uStart Page = hxxp://www.google.it/ uInternet Settings,ProxyOverride = *.local IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\LUCATA~1\AppData\Roaming\Mozilla\Firefox\Profiles\jyd1bmwv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/ FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: c:\users\luca tagliabue\Program Files\DNA\plugins\npbtdna.dll ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-31 12:23:33 Windows 6.0.6001 Service Pack 1 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** . --------------------- Dlls caricate dai processi in esecuzione --------------------- - - - - - - - > 'Explorer.exe'(3728) c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\acer\Empowering Technology\EPOWER\SysHook.dll . ------------------------ Altri processi in esecuzione ------------------------ . c:\windows\System32\audiodg.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\acer\Empowering Technology\eLock\Service\eLockServ.exe c:\acer\Empowering Technology\eNet\eNet Service.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\windows\System32\drivers\XAudio.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\acer\Empowering Technology\eSettings\Service\capuserv.exe c:\acer\Empowering Technology\ePower\ePowerSvc.exe c:\windows\System32\wbem\unsecapp.exe c:\program files\IObit\Advanced SystemCare 3\AWC.exe c:\windows\System32\conime.exe c:\windows\System32\rundll32.exe c:\users\LUCATA~1\AppData\Local\Temp\RtkBtMnt.exe c:\windows\System32\rundll32.exe c:\program files\Synaptics\SynTP\SynTPEnh.exe c:\windows\ehome\ehmsas.exe c:\acer\Empowering Technology\eNet\eNMTray.exe c:\acer\Empowering Technology\ePower\ePower_DMC.exe c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe c:\acer\Empowering Technology\eRecovery\eRAgent.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\acer\Empowering Technology\eAudio\eAudio.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\System32\wbem\WMIADAP.exe . ************************************************************************** . Ora fine scansione: 2009-01-31 12:28:47 - Il pc è stato riavviato ComboFix-quarantined-files.txt 2009-01-31 11:28:30 ComboFix2.txt 2009-01-30 20:08:57 ComboFix3.txt 2009-01-30 20:01:05 ComboFix4.txt 2009-01-25 11:29:49 Pre-Run: 6.220.021.760 byte disponibili Post-Run: 6,213,120,000 byte disponibili 389 --- E O F --- 2009-01-30 10:57:00
  13. provato con combofix? a me ha risolto un problema di visualizzazione delle anteprime, l'unico inconveniente è che mi ha cancellato tutte le impostazioni personalizzate...
  14. sei sicura che la tua versione di windows sia aggiornata? che antivirus hai?
  15. eccoti il link alla guida per scaricare e postare un log di hijackthis http://forum.wininizio.it/index.php?showtopic=21584 ti si blocca solo con internet explorer? che succede con mozzila?