orco

Members
  • Content count

    24
  • Joined

  • Last visited

All content by orco

  1. hello, I have a hotmail account, and for a week it has been sending emails with attachments on its own, to people I don't know. the attachments are files with no extension. my question is: what is this phenomenon called? is there a way to fix the problem? ps: I have received msn conversations with links to unknown sites, I hope I have been clear
  2. I ran the scan with both programs, and msn virus remover did find a virus. I also changed the password, fingers crossed! thanks
  3. I ran the scan, but it found nothing. I am attaching the log file. the operating system is windows xp home edition with service pack 3. many thanks Report_2009_11_12_10.06.25.txt
  4. I have a problem with the audio. when I close the screen, I start hearing a whistle, like a microphone interfering with the speakers. I hear the whistle only if: the volume of the built-in speakers is at maximum (so the audio is on). I thought the interference was caused by the pc's microphone, I disabled it, but the problem persists. what can I do? thanks in advance
  5. premise: I don't know anything about programming. my problem: I have a program (it is just a simple executable file) that lets me access the internet after I enter my username and password, except that after 60 min it logs me out and forces me to re-enter the data. is there a way to do it all automatically? thanks in advance for your help
  6. hello. through dos I can see the list of files on a network share, but I can't save the list, both because I don't know the dos language well, and because many lines scroll off the screen... how can I do it? thanks in advance
  7. thanks dinop, I had been trying to find a solution for a month... finally!
  8. hi everyone. I am looking for a way to create a list of the files on a network share. I only need the file names (so without size, folder name etc.), with the ability to save the list in a text format. I thought of dos, but it gives me too many details about the files. I really don't know what to do. thanks in advance
  9. I am managing it through the command prompt dir network share address >text.txt thanks for your help
  10. I managed it using the >text.txt command. one last doubt... I need to remove some attributes such as the file creation date and their size... do you know how I can complete the dir command to get what I want? thanks
  11. already done, but I can't position myself with dos on a network share, that is, I can't enter a folder of a network share... but I can open the on-screen list without entering the folder... I really don't know what to do... the idea is to save the contents of the screen, but I don't know the command and the screen is incomplete...
  12. hello, I need to save a list of ms dos strings to a file. the strings are numerous and I can't view all of them in a single prompt screen. do you know how to resolve my doubts?
  13. hi everyone! I have an audio problem with wmp 11. it stutters, I think it was a trojan, bagle if I'm not mistaken, unfortunately I ran the scan a month ago and removed it, but I think there are still some parts to remove. can anyone help me, I have vista
  15. have you tried ComboFix? for me it fixed a problem with thumbnail previews; the only drawback is that it deleted all my custom settings...
  16. are you sure your version of Windows is up to date? which antivirus do you have?
  17. here is the link to the guide for downloading and posting a HijackThis log: http://forum.wininizio.it/index.php?showtopic=21584 does it freeze only with Internet Explorer? what happens with Mozilla?
  18. here it is
  19. As administrator it works for me, except that I can't open a network resource with this program. Could you tell me how to do it? The program is the right one; I tried it with a generic folder and it worked, it's just that I have this problem. Thanks
  20. Hello! I'll get straight to the point: when I close IE, the application hangs and I have to start Task Manager. There I notice that the processes tied to IE are two iexplorer.exe. On top of that there is also iuser.exe (it wasn't there in XP; is it normal for it to be there in Vista?). Sometimes, but not always, the CPU goes to 100% (and I have a dual core). I don't know what to do. McAfee doesn't detect anything, but Malwarebytes detects a trojan. I barely managed to remove the trojan. I'm posting the Malwarebytes log (from before the trojan removal) and the HijackThis log.
      Malwarebytes' Anti-Malware 1.30
      Versione del database: 1373
      Windows 6.0.6001 Service Pack 1
      08/11/2008 14.51.56
      mbam-log-2008-11-08 (14-51-56).txt
      Tipo di scansione: Scansione completa (C:\|D:\|)
      Elementi scansionati: 148397
      Tempo trascorso: 1 hour(s), 19 minute(s), 1 second(s)
      Processi delle memoria infetti: 0
      Moduli della memoria infetti: 0
      Chiavi di registro infette: 0
      Valori di registro infetti: 0
      Elementi dato del registro infetti: 0
      Cartelle infette: 0
      File infetti: 1
      Processi delle memoria infetti:
      (Nessun elemento malevolo rilevato)
      Moduli della memoria infetti:
      (Nessun elemento malevolo rilevato)
      Chiavi di registro infette:
      (Nessun elemento malevolo rilevato)
      Valori di registro infetti:
      (Nessun elemento malevolo rilevato)
      Elementi dato del registro infetti:
      (Nessun elemento malevolo rilevato)
      Cartelle infette:
      (Nessun elemento malevolo rilevato)
      File infetti:
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer (Rogue.WebMediaPlayer) -> Delete on reboot.

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 17.24.44, on 08/12/2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal
      Running processes:
      C:\Windows\Explorer.EXE
      C:\Windows\system32\Dwm.exe
      C:\Windows\system32\taskeng.exe
      c:\PROGRA~1\mcafee.com\agent\mcagent.exe
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Program Files\Synaptics\SynTP\SynTPStart.exe
      C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
      C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      C:\Windows\RtHDVCpl.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\PLFSetI.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Users\luca tagliabue\Program Files\DNA\btdna.exe
      C:\Users\luca tagliabue\AppData\Local\wkoecaw.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Users\LUCATA~1\AppData\Local\Temp\RtkBtMnt.exe
      C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
      C:\Windows\ehome\ehmsas.exe
      C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
      C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
      C:\Program Files\Internet Explorer\IEUser.exe
      C:\Acer\Empowering Technology\eAudio\eAudio.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Users\luca tagliabue\Desktop\HyperCut.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
      C:\Windows\system32\SearchFilterHost.exe
      D:\EGIS_Drive\HijackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost
      O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
      O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
      O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
      O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
      O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
      O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
      O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
      O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\luca tagliabue\Program Files\DNA\btdna.exe"
      O4 - HKCU\..\Run: [wkoecaw] "c:\users\luca tagliabue\appdata\local\wkoecaw.exe" wkoecaw
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
      O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Global Startup: Empowering Technology Launcher.lnk = ?
      O4 - Global Startup: SETAUDIO.EXE
      O4 - Global Startup: SETRES.EXE
      O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
      O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
      O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
      O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
      O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O13 - Gopher Prefix:
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
      O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
      O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
      O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
      O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
      O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
      O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
      O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
      O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
      O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
      O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
      O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
      O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
      --
      End of file - 10638 bytes

      Thanks in advance for your attention.
  21. Thanks, I had already solved the problem some time ago by installing Mozilla and Spybot; now I have tried ComboFix and it found more viruses, and it also fixed an icon display problem I had resigned myself to. Thanks a lot for the program, it's fast and efficient.
  22. JDirPrinter doesn't work for me! I have Windows Vista and I think it's incompatible. I tried running it in XP mode, but no luck. What can I do? The program seems ideal...
  23. Hello, I have a problem with IE. It loads pages that my antivirus, McAfee, then blocks; they are pages I don't want to load. I'm posting the HijackThis logfile. Yesterday McAfee detected two trojans on the conime.exe process (which wasn't running, by the way), trojans it couldn't remove. Also yesterday I tried to delete conime.exe from the system32 folder, but I couldn't. Today those trojans seem never to have existed; the computer seems clean. What can I do?
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18.33.55, on 22/10/2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal
      Running processes:
      c:\PROGRA~1\mcafee.com\agent\mcagent.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Program Files\Synaptics\SynTP\SynTPStart.exe
      C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
      C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      C:\Windows\RtHDVCpl.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
      C:\Windows\PLFSetI.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Users\luca tagliabue\AppData\Local\wgpybk.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
      C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
      C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
      C:\Windows\ehome\ehmsas.exe
      C:\Users\LUCATA~1\AppData\Local\Temp\RtkBtMnt.exe
      C:\Acer\Empowering Technology\eAudio\eAudio.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Skype\Plugin Manager\skypePM.exe
      C:\Program Files\Internet Explorer\ieuser.exe
      c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
      C:\Users\luca tagliabue\Desktop\HyperCut.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      D:\EGIS_Drive\HijackThis.exe
      C:\Program Files\Windows Live\Mail\wlmail.exe
      C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
      O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
      O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
      O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
      O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
      O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
      O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
      O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [wgpybk] "c:\users\luca tagliabue\appdata\local\wgpybk.exe" wgpybk
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
      O4 - Global Startup: Empowering Technology Launcher.lnk = ?
      O4 - Global Startup: SETAUDIO.EXE
      O4 - Global Startup: SETRES.EXE
      O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O13 - Gopher Prefix:
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{28DBB6BB-DC31-471F-BF9B-BFA84D3D7F9E}: NameServer = 85.37.17.42 85.38.28.87
      O17 - HKLM\System\CS1\Services\Tcpip\..\{28DBB6BB-DC31-471F-BF9B-BFA84D3D7F9E}: NameServer = 85.37.17.42 85.38.28.87
      O17 - HKLM\System\CS2\Services\Tcpip\..\{28DBB6BB-DC31-471F-BF9B-BFA84D3D7F9E}: NameServer = 85.37.17.42 85.38.28.87
      O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
      O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
      O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
      O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
      O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
      O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
      O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
      O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
      O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
      O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
      O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
      O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
      --
      End of file - 10757 bytes
  24. I installed all the programs except ComboFix (blocked by the antivirus). They found a lot of junk, but the problem remains! For now I'm posting the log here, even though I know there are dedicated threads.
      Malwarebytes' Anti-Malware 1.30
      Versione del database: 1311
      Windows 6.0.6001 Service Pack 1
      24/10/2008 11.15.00
      mbam-log-2008-10-24 (11-15-00).txt
      Tipo di scansione: Scansione completa (C:\|D:\|)
      Elementi scansionati: 141413
      Tempo trascorso: 1 hour(s), 1 minute(s), 55 second(s)
      Processi delle memoria infetti: 0
      Moduli della memoria infetti: 0
      Chiavi di registro infette: 1
      Valori di registro infetti: 3
      Elementi dato del registro infetti: 0
      Cartelle infette: 4
      File infetti: 9
      Processi delle memoria infetti:
      (Nessun elemento malevolo rilevato)
      Moduli della memoria infetti:
      (Nessun elemento malevolo rilevato)
      Chiavi di registro infette:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webmediaplayer (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      Valori di registro infetti:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.
      Elementi dato del registro infetti:
      (Nessun elemento malevolo rilevato)
      Cartelle infette:
      C:\Program Files\WebMediaPlayer (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\resources (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\skins (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\updates (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      File infetti:
      C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\sqlite3.dll (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\uninst.exe (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\resources\wmp_translation_file.xml (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Program Files\WebMediaPlayer\skins\classic.skn (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
      C:\Users\luca tagliabue\Install.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
      C:\Users\luca tagliabue\Favorites\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.
      C:\Users\Public\Desktop\WebMediaPlayer.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer (Rogue.WebMediaPlayer) -> Delete on reboot.