
Vista freezes without a BlueScreen

Posted: Mon Jul 13, 2009 10:08 am
by Danilo22
Hello everyone,
for some time now, while I'm using Vista (Home Premium SP1), it freezes on me and I have to restart by pressing the Reset button.
Booting into Safe Mode, I try disabling some hardware, and with the video card (Nvidia GeForce 8400 GS) disabled it seems to work.
Running a scan with the antivirus (avast), it detects a few Trojans; I try to delete them and the scan continues (...and after a while it freezes, with the scan stuck at around 30%).
Afterwards, I try launching a few programs to make the computer work a bit... I start a game (InkBall) and it freezes. I try again with Media Center and the same thing happens.
However, with the card disabled, after a while (even in Safe Mode) the same thing always happens!
The question is...

Can I use Vista without constant freezes?

Thanks! [XX(]

I forgot: when it freezes, nothing works any more and not even a blue screen is shown.
When things go well... the PC restarts.

Thanks! [sadbye]

Re: Vista freezes without a BlueScreen

Posted: Mon Jul 13, 2009 11:41 am
by Roberto88
If you can manage it, try scanning with this: http://www.MegaLab.it/2349/trend-micro-sysclean. Read the article to understand where to unpack it and download the updates, and in any case see whether you can post the ComboFix log here (when you download it, rename it to something else).

Re: Vista freezes without a BlueScreen

Posted: Mon Jul 13, 2009 3:11 pm
by Danilo22
[thanks], I'll try.
But if it froze during one of the two scans, would it damage the PC, or can I restart it without worry?

Re: Vista freezes without a BlueScreen

Posted: Tue Jul 14, 2009 6:09 pm
by Danilo22
[hi], I managed to run the scan with ComboFix.
Here is the log:

ComboFix 09-07-13.01 - Danilo 14/07/2009 18.50.05.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.3070.1957 [GMT 2:00]
Eseguito da: c:\users\Danilo\Desktop\lalala.exe
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\users\Danilo\AppData\Local\kmmqi.dat
c:\users\Danilo\AppData\Local\kmmqi.exe
c:\users\Danilo\AppData\Local\kmmqi_nav.dat
c:\users\Danilo\AppData\Local\kmmqi_navps.dat
c:\windows\HCWemmon.exe
c:\windows\Installer\7256a.msi
c:\windows\Installer\860e8.msp

.
((((((((((((((((((((((((( Files Creati Da 2009-06-14 al 2009-07-14 )))))))))))))))))))))))))))))))))))
.

2009-07-14 17:01 . 2009-07-14 17:02 -------- d-----w- c:\users\Danilo\AppData\Local\temp
2009-07-14 17:01 . 2009-07-14 17:01 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-07-14 17:01 . 2009-07-14 17:01 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2009-06-30 13:17 . 2009-06-30 13:17 -------- d-----w- c:\users\Administrator\AppData\Roaming\VMware
2009-06-30 12:56 . 2009-06-30 13:16 -------- d-----w- c:\program files\Uniblue
2009-06-30 12:56 . 2009-06-30 12:56 -------- d-----w- c:\users\Danilo\AppData\Roaming\Uniblue
2009-06-17 12:00 . 2009-06-30 14:16 -------- d-----w- c:\programdata\BOINC
2009-06-17 12:00 . 2009-06-17 13:06 -------- d-----w- c:\program files\BOINC

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-14 16:47 . 2008-08-14 17:40 -------- d-----w- c:\programdata\Microsoft Help
2009-07-14 16:41 . 2009-06-01 07:15 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-14 16:38 . 2008-07-12 09:24 1356 ----a-w- c:\users\Danilo\AppData\Local\d3d9caps.dat
2009-07-03 08:13 . 2006-11-06 01:52 668148 ----a-w- c:\windows\system32\perfh010.dat
2009-07-03 08:13 . 2006-11-06 01:52 122306 ----a-w- c:\windows\system32\perfc010.dat
2009-07-03 06:12 . 2008-07-24 07:21 -------- d-----w- c:\programdata\NVIDIA
2009-07-03 06:11 . 2009-03-18 10:45 -------- d-----w- c:\programdata\VMware
2009-07-02 12:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-02 12:02 . 2008-09-17 15:56 -------- d-----w- c:\users\Danilo\AppData\Roaming\vlc
2009-07-02 12:02 . 2009-03-19 19:45 -------- d-----w- c:\users\Danilo\AppData\Roaming\BitTorrent
2009-07-02 12:02 . 2008-09-18 15:39 -------- d-----w- c:\program files\Yahoo!
2009-07-02 12:02 . 2008-10-10 11:38 -------- d-----w- c:\program files\Electronic Arts
2009-07-02 12:02 . 2008-09-05 12:37 -------- d-----w- c:\program files\CamStudio
2009-07-02 11:46 . 2008-08-01 12:30 -------- d-----w- c:\program files\WebSite X5 Evolution
2009-06-30 13:14 . 2009-06-08 18:41 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2009-06-12 11:29 . 2009-06-12 11:29 94 ----a-w- c:\users\Danilo\AppData\Local\fusioncache.dat
2009-06-12 11:20 . 2008-07-18 10:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-12 11:18 . 2008-07-17 11:23 -------- d-----w- c:\program files\Google
2009-06-11 13:30 . 2008-09-18 15:42 -------- d-----w- c:\programdata\Yahoo!
2009-06-08 19:39 . 2009-06-08 19:32 680 ----a-w- c:\users\Administrator\AppData\Local\d3d9caps.dat
2009-06-06 07:43 . 2009-04-10 08:41 66 ----a-w- c:\users\Danilo\AppData\Roaming\ispro4_1.tmp
2009-06-05 14:55 . 2008-10-10 11:50 -------- d-----w- c:\programdata\Electronic Arts
2009-06-05 14:53 . 2009-06-05 14:53 -------- d-----w- c:\program files\Microsoft WSE
2009-06-02 12:56 . 2009-06-02 12:56 -------- d-----w- c:\program files\Common Files\SourceTec
2009-06-02 12:56 . 2009-06-02 12:56 -------- d-----w- c:\program files\SourceTec
2009-06-01 18:16 . 2008-07-12 09:13 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-01 10:38 . 2009-06-01 10:37 5309373 ----a-w- c:\windows\system32\ts3_scr_01.scr
2009-06-01 10:35 . 2009-06-01 10:35 3336867 ----a-w- c:\windows\system32\ts3_scr_04.scr
2009-06-01 07:23 . 2009-06-01 07:23 -------- d-----w- c:\programdata\Messenger Plus!
2009-05-30 13:47 . 2009-03-18 11:01 -------- d-----w- c:\users\Danilo\AppData\Roaming\VMware
2009-05-30 11:59 . 2009-05-30 11:59 152784 ----a-w- c:\users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-29 14:15 . 2009-05-26 15:13 -------- d-----w- c:\users\Danilo\AppData\Roaming\Download Manager
2009-05-26 15:50 . 2009-05-26 15:50 -------- d-----w- c:\users\Danilo\AppData\Roaming\Messenger_for_Skype
2009-05-26 15:50 . 2009-05-26 15:50 237568 ----a-w- c:\programdata\Skype\Plugins\Plugins\1738568061F344A1A4CB20704FFEDA01\MessengerForSkype.exe
2009-05-26 15:50 . 2009-05-26 15:50 184320 ----a-w- c:\programdata\Skype\Plugins\Plugins\1738568061F344A1A4CB20704FFEDA01\XihSolutions.DotMSN.dll
2009-05-26 15:50 . 2009-05-26 15:50 176128 ----a-w- c:\programdata\Skype\Plugins\Plugins\1738568061F344A1A4CB20704FFEDA01\Interop.SKYPE4COMLib.dll
2009-05-26 15:47 . 2008-11-23 18:22 -------- d-----w- c:\users\Danilo\AppData\Roaming\Skype
2009-05-26 15:09 . 2009-05-26 15:09 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-05-26 14:28 . 2008-11-23 18:24 -------- d-----w- c:\users\Danilo\AppData\Roaming\skypePM
2009-05-26 13:59 . 2009-04-28 17:52 -------- d-----w- c:\programdata\Kaspersky Lab
2009-04-27 14:58 . 2008-12-27 21:18 10684866 ----a-w- c:\users\Danilo\AppData\Roaming\Azureus\plugins\azump\mplayer.exe
2009-04-18 10:38 . 2009-04-18 10:38 36864 ----a-w- c:\programdata\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe
2009-04-18 10:38 . 2009-04-18 10:38 3351812 ----a-w- c:\programdata\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe
2009-04-18 10:38 . 2009-04-18 10:38 3181612 ----a-w- c:\programdata\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe
2009-04-18 09:42 . 2009-04-18 10:39 24521320 ----a-w- c:\programdata\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_it.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GladinetIconOverlay]
@="{3C3DC57A-7535-48AF-BB9E-C3576A4F34D0}"
[HKEY_CLASSES_ROOT\CLSID\{3C3DC57A-7535-48AF-BB9E-C3576A4F34D0}]
2009-03-30 22:38 41680 ----a-w- c:\program files\Gladinet\Gladinet Cloud Desktop\GlOverlayIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Ashampoo AntiSpyWare 2 Guard"=c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
"EA Core"=c:\program files\Electronic Arts\EADM\Core.exe -silent
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"Yodm3D"=c:\users\Danilo\Yod'm 3D\Yodm3D.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"kmmqi"="c:\users\danilo\appdata\local\kmmqi.exe" kmmqi
"BitTorrent DNA"="c:\users\Danilo\Program Files\DNA\btdna.exe"
"Google Update"="c:\users\Danilo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"HCWemmon"=HCWemmon.exe
"AntiSpyWare2Guard"=c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"Babylon Client"=c:\program files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-30050762-2471864628-2821252809-1000]
"EnableNotificationsRef"=dword:00000006

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{31B26B38-F36E-480E-8CC2-2ECDC739C5FE}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{ECC400FE-7C9A-48E9-932F-640FDC3E4824}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{38D0B2B6-F6DC-4D61-9CFB-CB321FC07991}c:\\program files\\website x5 evolution\\website.exe"= UDP:c:\program files\website x5 evolution\website.exe:WebSite X5
"UDP Query User{DFBB8284-F898-4904-A344-34CE9D035096}c:\\program files\\website x5 evolution\\website.exe"= TCP:c:\program files\website x5 evolution\website.exe:WebSite X5
"TCP Query User{A745DEED-B4CC-4CD5-99AA-7C431B6D631A}c:\\windows\\ehome\\ehexthost.exe"= UDP:c:\windows\ehome\ehexthost.exe:Media Center Extensibility Host
"UDP Query User{CEE32229-A671-4841-90D4-DE8C5261B498}c:\\windows\\ehome\\ehexthost.exe"= TCP:c:\windows\ehome\ehexthost.exe:Media Center Extensibility Host
"{ED9636E6-C6F3-47DD-8AB0-12AD14619964}"= UDP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{2834E089-5796-463D-B439-C482B212B918}"= TCP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{F64CB847-5254-440D-B611-F28618C6A953}"= UDP:5000:AresChatServer
"TCP Query User{48A31C13-069A-434F-9969-8E33F7020EF6}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"UDP Query User{AABFDA9B-7821-413C-AB16-4ABA33180C50}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"{902E10EF-A5DD-4C70-B5AF-770B555EEB9F}"= UDP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{2DCF446A-C34D-4DBB-80B7-BF1B79850AF3}"= TCP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{E74C9796-ED8A-4039-AAC7-CD003AF149A7}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{8DC73E9C-69B7-4D51-A4C9-151651885856}c:\\users\\danilo\\pictures\\tutto per skin xp\\icone\\utorrent.exe"= UDP:c:\users\danilo\pictures\tutto per skin xp\icone\utorrent.exe:utorrent.exe
"UDP Query User{0F7570D7-2A75-4BFE-A35B-1C38F265CB2A}c:\\users\\danilo\\pictures\\tutto per skin xp\\icone\\utorrent.exe"= TCP:c:\users\danilo\pictures\tutto per skin xp\icone\utorrent.exe:utorrent.exe
"TCP Query User{D6C127B3-064A-4E77-BFB3-0A26EBE828AE}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{2EAE5818-C1EA-4DD8-BE48-DAAE0A027450}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{3BFB182D-A09D-4353-9610-EF4F6F5CAECC}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{7C1FDFA8-0D14-4169-AC71-767F9DEF6C98}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{52195E2A-D78E-46B9-B8EE-95C88DFF740F}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{F46FE465-6917-4118-A49F-0717EAF42CA3}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{ED950C0F-74F1-4F92-83BA-FC37BC6928B8}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{B5DCCE9A-9E72-43B5-B4BC-A6EEF1A132C7}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{1C66168D-B725-4016-8354-A4A0B553EAA1}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{21A6C170-006E-4B06-B81A-B284E1FCACA7}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{496CBA07-CAC4-4BD1-8E56-3F6FC5734493}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{AC996B6D-3F04-4192-A06E-623475D623F7}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{A347AA3D-E40F-40F5-9A94-73BFFCB7B930}"= UDP:c:\program files\VMware\VMware Workstation\vmware-authd.exe:VMware Authd
"{EE4FF057-14E9-41E6-B031-D83E3E05E76A}"= TCP:c:\program files\VMware\VMware Workstation\vmware-authd.exe:VMware Authd
"{0FB4B127-F4F0-47A0-8CF8-39E5C2C6331D}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{CA9B8188-35F0-4102-925F-FA420AC9869A}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"TCP Query User{EEECA409-42F7-4A7F-8732-86929A5D469F}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{C0C26BB5-FD5A-41E5-9DC9-362D3D0F6A04}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{2F6A37F0-BF32-477F-8F0B-DD8B8722EE1C}c:\\users\\danilo\\program files\\dna\\btdna.exe"= UDP:c:\users\danilo\program files\dna\btdna.exe:btdna.exe
"UDP Query User{E5C5357B-6A46-4D4E-AAB0-BFFC7F34C215}c:\\users\\danilo\\program files\\dna\\btdna.exe"= TCP:c:\users\danilo\program files\dna\btdna.exe:btdna.exe
"TCP Query User{BE09A888-0141-4A80-9EED-DCB259487918}c:\\users\\danilo\\program files\\dna\\btdna.exe"= UDP:c:\users\danilo\program files\dna\btdna.exe:btdna.exe
"UDP Query User{9D589E7D-4910-4F64-B710-2B90636F2435}c:\\users\\danilo\\program files\\dna\\btdna.exe"= TCP:c:\users\danilo\program files\dna\btdna.exe:btdna.exe
"{ED5C3189-B5FF-4DF1-B57A-D55E7738687D}"= UDP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{A3E941B2-8E64-4AEC-BFFB-C1EFE298FC38}"= TCP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{E59CB3F9-3139-471D-AD59-28046FCA63B7}"= UDP:c:\program files\Microsoft LifeCam\LifeEnC2.exe:LifeEnC2.exe
"{070F73B7-8E39-4A8F-87DC-FD9C5AA06A49}"= TCP:c:\program files\Microsoft LifeCam\LifeEnC2.exe:LifeEnC2.exe
"{D305E2F9-B1E9-4225-96C5-52AA60738051}"= UDP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{9AF95466-D661-4C69-BBD8-72D8F3D5178B}"= TCP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{FC3D169A-B622-4BD5-98D6-3DF76E65B11F}"= UDP:c:\program files\Microsoft LifeCam\LifeTray.exe:LifeTray.exe
"{9CAD9CB6-21D5-447B-A665-1289C166E59E}"= TCP:c:\program files\Microsoft LifeCam\LifeTray.exe:LifeTray.exe
"TCP Query User{B8D1DA57-E672-4FE9-A80E-0B624A319FDF}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{3E7286E3-935B-4773-9491-784120F6AE26}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{158AD479-B085-478B-8AA2-B89FDAA4FB67}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{5BA292FE-ADD0-42BA-9302-B3A6470B4BF8}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{CE1B75BE-E8BF-4423-892C-16F8A933DADA}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{F8F24891-7303-43D8-88CC-1942EFAD79C7}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"TCP Query User{E5608909-8596-4E52-9162-B4A257FE6F61}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{4E2714B7-8B13-47A1-84C9-F8B0BB067D11}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"{13C9FFF3-209D-419E-B387-6A95D6A6067D}"= UDP:c:\program files\Gladinet\Gladinet Cloud Desktop\GladinetClient.exe:Gladinet Cloud Desktop
"{ACBB63AE-714C-444C-A54F-ECED86588838}"= TCP:c:\program files\Gladinet\Gladinet Cloud Desktop\GladinetClient.exe:Gladinet Cloud Desktop
"TCP Query User{A91A7F5B-8F9A-447B-B65B-8743204FFF5A}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{3437A1B3-BD3C-47D2-B9F5-0F1AE3E6B409}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [26/05/2009 16.03.20 114768]
R1 pctfw2;pctfw2;c:\windows\System32\drivers\pctfw2.sys [03/08/2008 21.26.30 160648]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [26/05/2009 16.03.20 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [26/05/2009 16.02.54 51792]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [12/02/2009 16.56.17 603904]
R2 vmci;VMware vmci;c:\windows\System32\drivers\vmci.sys [29/10/2008 0.08.58 54960]
S2 gupdate1c990444083246e;Servizio di Google Update (gupdate1c990444083246e);c:\program files\Google\Update\GoogleUpdate.exe [16/02/2009 16.38.34 133104]
S4 AASW2_Service;Ashampoo AntiSpyWare 2 Service;c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [19/09/2008 15.58.21 730968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-07-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-16 05:36]

2009-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 14:38]

2009-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 14:38]

2009-05-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30050762-2471864628-2821252809-1000.job
- c:\users\Danilo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-26 07:22]

2009-07-14 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:20]

2009-07-14 c:\windows\Tasks\User_Feed_Synchronization-{E4B4FD53-84BE-4144-BA15-452AC7327637}.job
- c:\windows\system32\msfeedssync.exe [2009-04-09 11:31]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)


.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.yahoo.com/
mStart Page = hxxp://it.yahoo.com
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ie/def ... .yahoo.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
TCP: {427F511E-1409-4726-82EE-00E178C501AB} = 62.13.171.4 62.13.171.5
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-14 19:01
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUR\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icl"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ico"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iff"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"

[HKEY_USERS\S-1-5-21-30050762-2471864628-2821252809-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"

.
Ora fine scansione: 2009-07-14 19.06.25
ComboFix-quarantined-files.txt 2009-07-14 17:05

Pre-Run: 64.362.348.544 byte disponibili
Post-Run: 64.774.000.640 byte disponibili

526 --- E O F --- 2009-07-14 16:47


Waiting for replies.

[ciao]

I'll try running the scan with Trend Micro as well and post the log.

P.S.: could the problem also be caused by spyware?

Re: Vista freezes without a BlueScreen

Posted: Sun Jul 26, 2009 8:25 pm
by Danilo22
No replies? [...]
[win] Windows Vista keeps freezing.