My laptop no longer connects to the Internet!!!

Post by tiburon » Sun Apr 19, 2009 8:02 pm

Hi everyone!!! I'm new around here, and I don't know what else to do [nonono].
For a while now my laptop has not been connecting to the Internet; I mean Explorer, and the various programs that need to connect to run their usual updates (Spybot, Avast antivirus, etc.). I say laptop because I have another PC and it works perfectly, so much so that I'm writing to you from that one. I connect to the Internet over a Fastweb fiber-optic line, and I have noticed, however, that I can read and receive mail with Outlook.
Also, if it helps.... this strange text appears in Explorer's address bar: "res://ieframe.dll/dnserror.htm#"
Can you give me a hand??? Thank you from the heart... [cry]

Re: My laptop no longer connects to the Internet!!!

Post by crazy.cat » Mon Apr 20, 2009 6:28 pm

If you can read your mail, it means the connection exists.
Which version of Internet do you have?
Have you tried with another browser?
Can you run a scan with ComboFix and then post the log it produces at the end?
When the many govern, they think only of pleasing themselves, and then you have the most foolish and most odious tyranny: tyranny masked as liberty.

Re: My laptop no longer connects to the Internet!!!

Post by tiburon » Tue Apr 21, 2009 12:03 pm

I use Internet Explorer 7.0.5730.11
and anyway I have already tried with Firefox but... nothing..... I'm desperate [cry+]

Re: My laptop no longer connects to the Internet!!!

Post by crazy.cat » Tue Apr 21, 2009 2:34 pm

As I told you...
crazy.cat wrote: Can you run a scan with ComboFix and then post the log it produces at the end?

Re: My laptop no longer connects to the Internet!!!

Post by tiburon » Tue Apr 21, 2009 5:05 pm

Here is the ComboFix log, I hope it's useful to you!!! Thanks!

ComboFix 09-04-21.A7 - Administrator 21/04/2009 17.55.56.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.503.105 [GMT 2:00]
Eseguito da: E:\ComboFix.exe
AV: avast! antivirus 4.7.892 [VPS 0639-1] *On-access scanning disabled* (Outdated)
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Dati applicazioni\Starware356
c:\documents and settings\Administrator\Dati applicazioni\Starware356\BrowserSearch\BrowserSearch.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Button_4\Button_4Options.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Button_4\Button_4Options.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Button_5\Button_5Options.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Button_5\Button_5Options.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Button_6\Button_6Options.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Button_6\Button_6Options.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Cerca_ricette\Cerca_ricetteOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Cerca_ricette\Cerca_ricetteOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Configurator\Configurator.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Configurator\Configurator.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\ErrorSearch\ErrorSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\ErrorSearch\ErrorSearchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Layouts\ToolbarLayout.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Layouts\ToolbarLayout.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Manager\ManagerOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Manager\ManagerOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Recipe_RSS\Recipe_RSSOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Recipe_RSS\Recipe_RSSOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\RelatedSearch\RelatedSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\RelatedSearch\RelatedSearchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Toolbar\TBProductsOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\Toolbar\TBProductsOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\ToolbarLogo\ToolbarLogoOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\ToolbarLogo\ToolbarLogoOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\ToolbarSearch\ToolbarSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\ToolbarSearch\ToolbarSearchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware356\TravelSearch\TravelSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware356\TravelSearch\TravelSearchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371
c:\documents and settings\Administrator\Dati applicazioni\Starware371\BrowserSearch\BrowserSearch.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\ErrorSearch\ErrorSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\ErrorSearch\ErrorSearchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Games\GamesOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Games\GamesOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Games\images\active\Games0.bmp
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Layouts\ToolbarLayout.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Layouts\ToolbarLayout.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Lyrics_IT\Lyrics_ITOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Lyrics_IT\Lyrics_ITOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Manager\ManagerOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Manager\ManagerOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Music_Search_IT\Music_Search_ITOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Music_Search_IT\Music_Search_ITOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Radio_IT\Radio_ITOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Radio_IT\Radio_ITOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\RelatedSearch\RelatedSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\RelatedSearch\RelatedSearchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\SearchMatch\SearchMatchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\SearchMatch\SearchMatchOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Toolbar\TBProductsOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\Toolbar\TBProductsOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\ToolbarLogo\ToolbarLogoOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\ToolbarLogo\ToolbarLogoOptions.xml.backup
c:\documents and settings\Administrator\Dati applicazioni\Starware371\ToolbarSearch\ToolbarSearchOptions.xml
c:\documents and settings\Administrator\Dati applicazioni\Starware371\ToolbarSearch\ToolbarSearchOptions.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware356
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\592_button_1b_def.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\592_button_1b_over.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\598_button_1b_def.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\Button_40.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\Button_50.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\Button_60.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\FindIt.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\FindItHot.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\findithotxp.png
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\finditxp.png
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\logo.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\buttons\logoxp.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware356\contexts\error.xml
c:\documents and settings\All Users\Dati applicazioni\Starware356\contexts\Related.xml
c:\documents and settings\All Users\Dati applicazioni\Starware356\contexts\Travel.xml
c:\documents and settings\All Users\Dati applicazioni\Starware356\SimpleUpdate\ProductMessagingConfig.xml
c:\documents and settings\All Users\Dati applicazioni\Starware356\SimpleUpdate\ProductMessagingConfig.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware356\SimpleUpdate\SimpleUpdateConfig.xml
c:\documents and settings\All Users\Dati applicazioni\Starware356\SimpleUpdate\SimpleUpdateConfig.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware356\SimpleUpdate\TimerManagerConfig.xml
c:\documents and settings\All Users\Dati applicazioni\Starware356\SimpleUpdate\TimerManagerConfig.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware371
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\findit_music.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\Highlight.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\HighlightHot.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\highlighthotxp.png
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\highlightxp.png
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\logo.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\logoxp.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\lyrics.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\music_search.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\buttons\radio.bmp
c:\documents and settings\All Users\Dati applicazioni\Starware371\contexts\error.xml
c:\documents and settings\All Users\Dati applicazioni\Starware371\contexts\related.xml
c:\documents and settings\All Users\Dati applicazioni\Starware371\contexts\travel.xml
c:\documents and settings\All Users\Dati applicazioni\Starware371\SimpleUpdate\ProductMessagingConfig.xml
c:\documents and settings\All Users\Dati applicazioni\Starware371\SimpleUpdate\ProductMessagingConfig.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware371\SimpleUpdate\SimpleUpdateConfig.xml
c:\documents and settings\All Users\Dati applicazioni\Starware371\SimpleUpdate\SimpleUpdateConfig.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware371\SimpleUpdate\TimerManagerConfig.xml
c:\documents and settings\All Users\Dati applicazioni\Starware371\SimpleUpdate\TimerManagerConfig.xml.backup
c:\documents and settings\All Users\Dati applicazioni\Starware371\U0040B54E.exe
c:\programmi\Starware371
c:\programmi\Starware371\bin\Starware371.dll
c:\programmi\Starware371\brand.bmp
c:\programmi\Starware371\icons\star_16.ico
c:\programmi\Starware371\Starware371Config.xml
c:\programmi\Starware371\Starware371Uninstall.exe
c:\windows\emMON.exe
c:\windows\IE4 Error Log.txt
c:\windows\system32\Cache

.
((((((((((((((((((((((((( Files Creati Da 2009-03-21 al 2009-04-21 )))))))))))))))))))))))))))))))))))
.

2009-04-21 15:53 . 2009-04-21 15:53 -------- d-----w c:\windows\LastGood
2009-04-19 16:17 . 2009-04-19 16:17 -------- d-----w c:\windows\IIS Temporary Compressed Files
2009-04-19 16:16 . 2004-08-19 12:00 9216 ----a-w c:\windows\system32\dllcache\wamps51.dll
2009-04-19 16:16 . 2004-08-19 12:00 9216 ----a-w c:\windows\system32\dllcache\iwrps.dll
2009-04-19 16:16 . 2004-08-19 12:00 74240 ----a-w c:\windows\system32\dllcache\w3ext.dll
2009-04-19 16:16 . 2004-08-19 12:00 20992 ----a-w c:\windows\system32\dllcache\permchk.dll
2009-04-19 16:16 . 2004-08-19 12:00 16896 ----a-w c:\windows\system32\dllcache\status.dll
2009-04-19 16:12 . 2009-04-19 16:16 -------- d-----w C:\Inetpub
2009-04-19 14:36 . 2009-04-19 14:36 0 ----a-w c:\windows\nsreg.dat
2009-04-19 14:36 . 2009-04-19 14:36 -------- d-----w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
2009-04-19 12:52 . 2009-04-19 12:55 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-04-16 15:06 . 2009-04-16 15:06 9369 ----a-w c:\windows\FastWeb.rtf
2009-04-16 15:06 . 2009-04-16 15:06 4014 ----a-r c:\windows\FastWeb.ini
2009-04-16 15:06 . 2009-04-16 15:06 1588 ----a-w c:\windows\FWIPConf.out
2009-04-16 15:05 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 15:05 . 2009-03-06 14:19 286208 ------w c:\windows\system32\dllcache\pdh.dll
2009-04-16 15:05 . 2009-02-09 11:22 111104 ------w c:\windows\system32\dllcache\services.exe
2009-04-16 15:05 . 2009-02-09 10:51 401408 ------w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 15:05 . 2009-02-09 10:51 473600 ------w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 15:05 . 2009-02-09 10:51 683520 ------w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 15:05 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
2009-04-16 15:05 . 2009-02-09 10:51 734720 ------w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 15:05 . 2009-02-09 10:51 736256 ------w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 15:05 . 2009-02-09 10:51 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 15:03 . 2009-03-27 06:48 1203922 ------w c:\windows\system32\dllcache\sysmain.sdb
2009-04-16 15:03 . 2008-04-21 21:14 219136 ------w c:\windows\system32\dllcache\wordpad.exe
2009-04-10 10:58 . 2009-04-10 10:58 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\AVS4YOU
2009-04-10 10:58 . 2009-04-10 10:58 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2009-04-10 10:54 . 2009-01-28 18:49 974848 ----a-w c:\windows\system32\mfc70.dll
2009-04-10 10:54 . 2009-01-28 18:49 24576 ----a-w c:\windows\system32\msxml3a.dll
2009-04-06 21:50 . 2009-04-12 06:24 -------- d-----w c:\documents and settings\Administrator\Tracing
2009-04-06 21:48 . 2009-04-06 21:48 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\Windows Search
2009-04-06 21:40 . 2009-02-06 16:08 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-04-06 21:38 . 2006-11-29 11:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-04-06 21:27 . 2009-04-06 21:27 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\Windows Desktop Search
2009-04-06 21:26 . 2009-04-06 21:26 -------- d-----w c:\windows\system32\GroupPolicy
2009-04-06 21:25 . 2008-03-07 17:02 98304 ------w c:\windows\system32\dllcache\nlhtml.dll
2009-04-06 21:25 . 2008-03-07 17:02 29696 ------w c:\windows\system32\dllcache\mimefilt.dll
2009-04-06 21:25 . 2008-03-07 17:02 192000 ------w c:\windows\system32\dllcache\offfilt.dll
2009-04-06 21:09 . 2009-01-09 19:19 1090181 ------w c:\windows\system32\dllcache\ntprint.cat
2009-04-06 20:50 . 2009-04-06 20:50 -------- d-----w C:\2f473910b2ebdc89b6fcfe47f5a4f12f

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 15:45 . 2008-03-12 13:03 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\WTablet
2009-04-19 16:17 . 2004-08-30 10:50 571252 ----a-w c:\windows\system32\perfh010.dat
2009-04-19 16:17 . 2004-08-30 10:50 111998 ----a-w c:\windows\system32\perfc010.dat
2009-04-19 12:52 . 2009-04-19 12:52 -------- d-----w c:\programmi\Spybot - Search & Destroy
2009-04-12 09:03 . 2009-04-12 08:08 -------- d-----w c:\programmi\Live_TV
2009-04-12 08:17 . 2009-04-10 10:54 -------- d-----w c:\programmi\AVS4YOU
2009-04-12 08:17 . 2009-04-10 10:55 -------- d-----w c:\programmi\File comuni\AVSMedia
2009-04-11 09:52 . 2007-06-08 23:06 437587 ----a-w C:\DCRawData.LOG
2009-04-10 09:04 . 2007-01-09 22:19 -------- d-----w c:\programmi\AdunanzA
2009-04-06 21:47 . 2005-07-01 08:47 29760 ----a-w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-04-06 21:40 . 2008-04-08 05:21 -------- d-----w c:\programmi\Windows Live
2009-04-06 21:39 . 2009-04-06 21:39 -------- d-----w c:\programmi\Microsoft Sync Framework
2009-04-06 21:38 . 2009-04-06 21:38 -------- d-----w c:\programmi\Microsoft SQL Server Compact Edition
2009-04-06 21:34 . 2009-04-06 21:34 -------- d-----w c:\programmi\Microsoft
2009-04-06 21:33 . 2009-04-06 21:33 -------- d-----w c:\programmi\Windows Live SkyDrive
2009-04-06 21:28 . 2009-04-06 21:28 -------- d-----w c:\programmi\File comuni\Windows Live
2009-04-06 21:27 . 2009-04-06 21:27 -------- d-----w c:\programmi\Microsoft Silverlight
2009-04-06 21:26 . 2009-04-06 21:26 -------- d-----w c:\programmi\Windows Desktop Search
2009-03-21 14:06 . 2009-03-21 14:06 1033728 ------w c:\windows\system32\dllcache\kernel32.dll
2009-03-10 20:18 . 2006-06-19 14:19 970112 ------w c:\windows\system32\dllcache\WgaTray.exe
2009-03-10 20:18 . 2006-06-19 14:20 265088 ------w c:\windows\system32\dllcache\wgaLogon.dll
2009-03-06 14:19 . 2004-08-19 08:00 286208 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:03 . 2006-05-10 05:23 826368 ----a-w c:\windows\system32\dllcache\wininet.dll
2009-03-03 00:03 . 2004-08-19 08:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-28 04:54 . 2006-10-17 11:04 636072 ------w c:\windows\system32\dllcache\iexplore.exe
2009-02-20 10:20 . 2007-05-19 16:38 13824 ------w c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 10:20 . 2006-11-07 02:26 70656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 05:14 . 2006-11-07 02:25 161792 ------w c:\windows\system32\dllcache\ieakui.dll
2009-02-10 17:02 . 2008-11-13 06:02 2069760 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-10 17:02 . 2004-08-19 08:00 2069760 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:04 . 2008-11-13 06:02 1846784 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 14:04 . 2004-08-19 08:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2008-11-13 06:02 2192768 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-19 08:00 2192768 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2008-11-13 06:02 2027520 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-09 11:22 . 2008-11-13 06:02 2148864 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-09 11:22 . 2004-08-19 08:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:51 . 2004-08-19 08:00 734720 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:51 . 2004-08-19 08:00 683520 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:51 . 2004-08-19 08:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:51 . 2004-08-19 08:00 736256 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 18:01 . 2009-02-06 18:01 308088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 16:52 . 2009-02-06 16:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-19 08:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:57 . 2009-02-03 19:57 56832 ------w c:\windows\system32\dllcache\secur32.dll
2009-02-03 19:57 . 2004-08-19 08:00 56832 ----a-w c:\windows\system32\secur32.dll
2007-11-27 23:37 . 2007-11-27 23:37 32 ----a-w c:\documents and settings\All Users\Dati applicazioni\ezsid.dat
2005-04-18 16:57 . 2005-04-18 16:57 142 ----a-w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-01-16 23:19 . 2009-01-16 23:19 32768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012009011720090118\index.dat
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"ISUSPM"="c:\documents and settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"PMCRemote"="c:\programmi\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-01-04 81920]
"WMPNSCFG"="c:\programmi\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bit4id store register"="c:\windows\system32\bit4cnsp.dll" [2007-03-02 155648]
"SynTPStart"="c:\programmi\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2007-12-21 185896]
"LVCOMS"="c:\programmi\File comuni\Logitech\QCDriver\LVCOMS.EXE" [2001-09-24 98304]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"GemCSP RegTool"="c:\windows\system32\RegTool.exe" [2002-10-03 45056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2006-09-25 108160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2004-10-26 569405]
Gestione servizi.lnk - c:\programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Motorola Desktop Suite mRouter Config.lnk - c:\programmi\Intuwave Ltd\Shared\mRouterRunTime\mRouterConfig.exe [2007-4-13 159744]
Motorola Desktop Suite.lnk - c:\programmi\Motorola\Motorola Desktop Suite\DesktopSuite.exe [2007-4-13 532480]
siscmon.lnk - c:\windows\system32\siscmon.exe [2008-11-17 147456]
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 1.1.3.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\OpenOffice.org 1.1.3.lnk
backup=c:\windows\pss\OpenOffice.org 1.1.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^DVD Check.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SCardSvr"=2 (0x2)
"SharedAccess"=2 (0x2)
"srservice"=2 (0x2)
"WmcCdsLs"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [2004-09-10 35336]
R3 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 QCAbsee;Logitech QuickCam Web(PID_0801);c:\windows\system32\DRIVERS\LVCA.sys [2001-09-24 31232]
R3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\DRIVERS\SCR33X2K.sys [2004-04-06 64088]
R3 SCR3xx USB Smart Card Reader;SCR3xx USB Smart Card Reader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2005-12-15 46848]
R3 STC2DFU;STCII DFU Adapter;c:\windows\system32\DRIVERS\Stc2Dfu.SYS [2004-10-24 7796]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [2004-08-25 185611]
S0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
S0 vburner;vburner;c:\windows\system32\DRIVERS\vburner.sys [2007-08-10 15872]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 SeaPort;SeaPort;c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-09-07 1373480]
S3 GTIPCI21;GTIPCI21;c:\windows\system32\DRIVERS\gtipci21.sys [2004-05-03 80384]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563cb-0fed-11dd-951f-001560b5f419}]
\Shell\AutoRun\command - E:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563cc-0fed-11dd-951f-001560b5f419}]
\Shell\AutoRun\command - E:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563e4-0fed-11dd-951f-001560b5f419}]
\Shell\1\Command - E:\autorun.pif
\Shell\2\Command - E:\autorun.pif
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2626529-b1c9-11dd-9547-001560b5f419}]
\Shell\AutoRun\command - 6.bat
\Shell\explore\Command - 6.bat
\Shell\open\Command - 6.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e262652a-b1c9-11dd-9547-001560b5f419}]
\Shell\AutoRun\command - 6.bat
\Shell\explore\Command - 6.bat
\Shell\open\Command - 6.bat
.
Contenuto della cartella 'Scheduled Tasks'

2009-04-13 c:\windows\Tasks\AeX Local Job 1288.job
- c:\programmi\Altiris\eXpress\Client Recovery Agent\AeXCmd.exe [2004-11-23 13:04]

2009-04-11 c:\windows\Tasks\AeX Local Job 1290.job
- c:\programmi\Altiris\eXpress\Client Recovery Agent\AeXCmd.exe [2004-11-23 13:04]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-WebCamRT.exe - (no file)


.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.altavista.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 10.1.1.2:3128
uInternet Settings,ProxyOverride = <local>
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.lombardia.it/components/ ... tadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.lombardia.it/components/ ... Update.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.lombardia.it/components/OcxCrsInfo.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-21 17:59
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


c:\windows\TEMP\Cookies
c:\windows\TEMP\Cookies\index.dat 16384 bytes
c:\windows\TEMP\Cronologia
c:\windows\TEMP\Cronologia\History.IE5
c:\windows\TEMP\Cronologia\History.IE5\desktop.ini 113 bytes
c:\windows\TEMP\Cronologia\History.IE5\index.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_20c.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_580.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_714.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_7e0.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_7e8.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_7f0.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_7f4.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_7f8.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_7fc.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_828.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_84.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_8c.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_9bc.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_b4.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_c0.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_c4.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_760.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_c8.dat 16384 bytes

Scansione completata con successo
Files nascosti: 24

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.
Ora fine scansione: 2009-04-21 18.02.12
ComboFix-quarantined-files.txt 2009-04-21 16:01

Pre-Run: 4.984.922.112 byte disponibili
Post-Run: 6.251.503.616 byte disponibili

426 --- E O F --- 2009-04-16 15:20

Re: My laptop no longer connects to the Internet!!!

Post by crazy.cat » Tue Apr 21, 2009 5:53 pm

ComboFix removed a few things; how is it working now?

Re: My laptop no longer connects to the Internet!!!

Post by tiburon » Tue Apr 21, 2009 8:12 pm

Nothing... After ComboFix removed a few things I checked again: mail and eMule AdunanzA work perfectly, the rest unfortunately does not. I noticed that in the first log it asked me to install the RECOVERY CONSOLE because it was not present on the PC; this time I clicked OK, and ComboFix connected to the Microsoft site, downloaded it and installed it. I don't know whether that helps you?
I'm sending you the new log.

ComboFix 09-04-21.A7 - Administrator 21/04/2009 19.33.29.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.503.144 [GMT 2:00]
Eseguito da: E:\ComboFix.exe
AV: avast! antivirus 4.7.892 [VPS 0639-1] *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((((( Files Creati Da 2009-03-21 al 2009-04-21 )))))))))))))))))))))))))))))))))))
.

2009-04-19 16:17 . 2009-04-19 16:17 -------- d-----w c:\windows\IIS Temporary Compressed Files
2009-04-19 16:16 . 2004-08-19 12:00 9216 ----a-w c:\windows\system32\dllcache\wamps51.dll
2009-04-19 16:16 . 2004-08-19 12:00 9216 ----a-w c:\windows\system32\dllcache\iwrps.dll
2009-04-19 16:16 . 2004-08-19 12:00 74240 ----a-w c:\windows\system32\dllcache\w3ext.dll
2009-04-19 16:16 . 2004-08-19 12:00 20992 ----a-w c:\windows\system32\dllcache\permchk.dll
2009-04-19 16:16 . 2004-08-19 12:00 16896 ----a-w c:\windows\system32\dllcache\status.dll
2009-04-19 16:12 . 2009-04-19 16:16 -------- d-----w C:\Inetpub
2009-04-19 14:36 . 2009-04-19 14:36 0 ----a-w c:\windows\nsreg.dat
2009-04-19 14:36 . 2009-04-19 14:36 -------- d-----w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
2009-04-19 12:52 . 2009-04-19 12:55 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-04-16 15:06 . 2009-04-16 15:06 9369 ----a-w c:\windows\FastWeb.rtf
2009-04-16 15:06 . 2009-04-16 15:06 4014 ----a-r c:\windows\FastWeb.ini
2009-04-16 15:06 . 2009-04-16 15:06 1588 ----a-w c:\windows\FWIPConf.out
2009-04-16 15:05 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 15:05 . 2009-03-06 14:19 286208 ------w c:\windows\system32\dllcache\pdh.dll
2009-04-16 15:05 . 2009-02-09 11:22 111104 ------w c:\windows\system32\dllcache\services.exe
2009-04-16 15:05 . 2009-02-09 10:51 401408 ------w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 15:05 . 2009-02-09 10:51 473600 ------w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 15:05 . 2009-02-09 10:51 683520 ------w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 15:05 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
2009-04-16 15:05 . 2009-02-09 10:51 734720 ------w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 15:05 . 2009-02-09 10:51 736256 ------w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 15:05 . 2009-02-09 10:51 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 15:03 . 2009-03-27 06:48 1203922 ------w c:\windows\system32\dllcache\sysmain.sdb
2009-04-16 15:03 . 2008-04-21 21:14 219136 ------w c:\windows\system32\dllcache\wordpad.exe
2009-04-10 10:58 . 2009-04-10 10:58 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\AVS4YOU
2009-04-10 10:58 . 2009-04-10 10:58 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2009-04-10 10:54 . 2009-01-28 18:49 974848 ----a-w c:\windows\system32\mfc70.dll
2009-04-10 10:54 . 2009-01-28 18:49 24576 ----a-w c:\windows\system32\msxml3a.dll
2009-04-06 21:50 . 2009-04-12 06:24 -------- d-----w c:\documents and settings\Administrator\Tracing
2009-04-06 21:48 . 2009-04-06 21:48 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\Windows Search
2009-04-06 21:40 . 2009-02-06 16:08 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-04-06 21:38 . 2006-11-29 11:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-04-06 21:27 . 2009-04-06 21:27 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\Windows Desktop Search
2009-04-06 21:26 . 2009-04-06 21:26 -------- d-----w c:\windows\system32\GroupPolicy
2009-04-06 21:25 . 2008-03-07 17:02 98304 ------w c:\windows\system32\dllcache\nlhtml.dll
2009-04-06 21:25 . 2008-03-07 17:02 29696 ------w c:\windows\system32\dllcache\mimefilt.dll
2009-04-06 21:25 . 2008-03-07 17:02 192000 ------w c:\windows\system32\dllcache\offfilt.dll
2009-04-06 21:09 . 2009-01-09 19:19 1090181 ------w c:\windows\system32\dllcache\ntprint.cat
2009-04-06 20:50 . 2009-04-06 20:50 -------- d-----w C:\2f473910b2ebdc89b6fcfe47f5a4f12f

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 17:19 . 2008-03-12 13:03 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\WTablet
2009-04-19 16:17 . 2004-08-30 10:50 571252 ----a-w c:\windows\system32\perfh010.dat
2009-04-19 16:17 . 2004-08-30 10:50 111998 ----a-w c:\windows\system32\perfc010.dat
2009-04-19 12:52 . 2009-04-19 12:52 -------- d-----w c:\programmi\Spybot - Search & Destroy
2009-04-12 09:03 . 2009-04-12 08:08 -------- d-----w c:\programmi\Live_TV
2009-04-12 08:17 . 2009-04-10 10:54 -------- d-----w c:\programmi\AVS4YOU
2009-04-12 08:17 . 2009-04-10 10:55 -------- d-----w c:\programmi\File comuni\AVSMedia
2009-04-11 09:52 . 2007-06-08 23:06 437587 ----a-w C:\DCRawData.LOG
2009-04-10 09:04 . 2007-01-09 22:19 -------- d-----w c:\programmi\AdunanzA
2009-04-06 21:47 . 2005-07-01 08:47 29760 ----a-w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-04-06 21:40 . 2008-04-08 05:21 -------- d-----w c:\programmi\Windows Live
2009-04-06 21:39 . 2009-04-06 21:39 -------- d-----w c:\programmi\Microsoft Sync Framework
2009-04-06 21:38 . 2009-04-06 21:38 -------- d-----w c:\programmi\Microsoft SQL Server Compact Edition
2009-04-06 21:34 . 2009-04-06 21:34 -------- d-----w c:\programmi\Microsoft
2009-04-06 21:33 . 2009-04-06 21:33 -------- d-----w c:\programmi\Windows Live SkyDrive
2009-04-06 21:28 . 2009-04-06 21:28 -------- d-----w c:\programmi\File comuni\Windows Live
2009-04-06 21:27 . 2009-04-06 21:27 -------- d-----w c:\programmi\Microsoft Silverlight
2009-04-06 21:26 . 2009-04-06 21:26 -------- d-----w c:\programmi\Windows Desktop Search
2009-03-21 14:06 . 2009-03-21 14:06 1033728 ------w c:\windows\system32\dllcache\kernel32.dll
2009-03-10 20:18 . 2006-06-19 14:19 970112 ------w c:\windows\system32\dllcache\WgaTray.exe
2009-03-10 20:18 . 2006-06-19 14:20 265088 ------w c:\windows\system32\dllcache\wgaLogon.dll
2009-03-06 14:19 . 2004-08-19 08:00 286208 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:03 . 2006-05-10 05:23 826368 ----a-w c:\windows\system32\dllcache\wininet.dll
2009-03-03 00:03 . 2004-08-19 08:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-28 04:54 . 2006-10-17 11:04 636072 ------w c:\windows\system32\dllcache\iexplore.exe
2009-02-20 10:20 . 2007-05-19 16:38 13824 ------w c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 10:20 . 2006-11-07 02:26 70656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 05:14 . 2006-11-07 02:25 161792 ------w c:\windows\system32\dllcache\ieakui.dll
2009-02-10 17:02 . 2008-11-13 06:02 2069760 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-10 17:02 . 2004-08-19 08:00 2069760 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:04 . 2008-11-13 06:02 1846784 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 14:04 . 2004-08-19 08:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2008-11-13 06:02 2192768 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-19 08:00 2192768 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2008-11-13 06:02 2027520 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-09 11:22 . 2008-11-13 06:02 2148864 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-09 11:22 . 2004-08-19 08:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:51 . 2004-08-19 08:00 734720 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:51 . 2004-08-19 08:00 683520 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:51 . 2004-08-19 08:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:51 . 2004-08-19 08:00 736256 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 18:01 . 2009-02-06 18:01 308088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 16:52 . 2009-02-06 16:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-19 08:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:57 . 2009-02-03 19:57 56832 ------w c:\windows\system32\dllcache\secur32.dll
2009-02-03 19:57 . 2004-08-19 08:00 56832 ----a-w c:\windows\system32\secur32.dll
2007-11-27 23:37 . 2007-11-27 23:37 32 ----a-w c:\documents and settings\All Users\Dati applicazioni\ezsid.dat
2005-04-18 16:57 . 2005-04-18 16:57 142 ----a-w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-01-16 23:19 . 2009-01-16 23:19 32768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012009011720090118\index.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-04-21_15.59.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-21 17:18 . 2009-04-21 17:18 16384 c:\windows\Temp\Perflib_Perfdata_86c.dat
+ 2009-04-21 17:19 . 2009-04-21 17:19 16384 c:\windows\Temp\Perflib_Perfdata_464.dat
+ 2009-04-19 16:16 . 2009-04-21 17:19 202167 c:\windows\system32\inetsrv\MetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"ISUSPM"="c:\documents and settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"PMCRemote"="c:\programmi\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-01-04 81920]
"WMPNSCFG"="c:\programmi\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bit4id store register"="c:\windows\system32\bit4cnsp.dll" [2007-03-02 155648]
"SynTPStart"="c:\programmi\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2007-12-21 185896]
"LVCOMS"="c:\programmi\File comuni\Logitech\QCDriver\LVCOMS.EXE" [2001-09-24 98304]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"GemCSP RegTool"="c:\windows\system32\RegTool.exe" [2002-10-03 45056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2006-09-25 108160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2004-10-26 569405]
Gestione servizi.lnk - c:\programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Motorola Desktop Suite mRouter Config.lnk - c:\programmi\Intuwave Ltd\Shared\mRouterRunTime\mRouterConfig.exe [2007-4-13 159744]
Motorola Desktop Suite.lnk - c:\programmi\Motorola\Motorola Desktop Suite\DesktopSuite.exe [2007-4-13 532480]
siscmon.lnk - c:\windows\system32\siscmon.exe [2008-11-17 147456]
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 1.1.3.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\OpenOffice.org 1.1.3.lnk
backup=c:\windows\pss\OpenOffice.org 1.1.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^DVD Check.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SCardSvr"=2 (0x2)
"SharedAccess"=2 (0x2)
"srservice"=2 (0x2)
"WmcCdsLs"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [2004-09-10 35336]
R3 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 QCAbsee;Logitech QuickCam Web(PID_0801);c:\windows\system32\DRIVERS\LVCA.sys [2001-09-24 31232]
R3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\DRIVERS\SCR33X2K.sys [2004-04-06 64088]
R3 SCR3xx USB Smart Card Reader;SCR3xx USB Smart Card Reader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2005-12-15 46848]
R3 STC2DFU;STCII DFU Adapter;c:\windows\system32\DRIVERS\Stc2Dfu.SYS [2004-10-24 7796]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [2004-08-25 185611]
S0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
S0 vburner;vburner;c:\windows\system32\DRIVERS\vburner.sys [2007-08-10 15872]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 SeaPort;SeaPort;c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-09-07 1373480]
S3 GTIPCI21;GTIPCI21;c:\windows\system32\DRIVERS\gtipci21.sys [2004-05-03 80384]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563cb-0fed-11dd-951f-001560b5f419}]
\Shell\AutoRun\command - E:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563cc-0fed-11dd-951f-001560b5f419}]
\Shell\AutoRun\command - E:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563e4-0fed-11dd-951f-001560b5f419}]
\Shell\1\Command - E:\autorun.pif
\Shell\2\Command - E:\autorun.pif
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2626529-b1c9-11dd-9547-001560b5f419}]
\Shell\AutoRun\command - 6.bat
\Shell\explore\Command - 6.bat
\Shell\open\Command - 6.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e262652a-b1c9-11dd-9547-001560b5f419}]
\Shell\AutoRun\command - 6.bat
\Shell\explore\Command - 6.bat
\Shell\open\Command - 6.bat
.
Contenuto della cartella 'Scheduled Tasks'

2009-04-11 c:\windows\Tasks\AeX Local Job 1290.job
- c:\programmi\Altiris\eXpress\Client Recovery Agent\AeXCmd.exe [2004-11-23 13:04]

2009-04-21 c:\windows\Tasks\AeX Local Job 1355.job
- c:\programmi\Altiris\eXpress\Client Recovery Agent\AeXCmd.exe [2004-11-23 13:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.altavista.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 10.1.1.2:3128
uInternet Settings,ProxyOverride = <local>
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.lombardia.it/components/ ... tadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.lombardia.it/components/ ... Update.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.lombardia.it/components/OcxCrsInfo.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-21 19:38
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3412)
c:\programmi\Windows Desktop Search\deskbar.dll
c:\programmi\Windows Desktop Search\it-it\dbres.dll.mui
c:\programmi\Windows Desktop Search\dbres.dll
c:\programmi\Windows Desktop Search\wordwheel.dll
c:\programmi\Windows Desktop Search\it-it\msnlExtRes.dll.mui
c:\programmi\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2009-04-21 19.43.12
ComboFix-quarantined-files.txt 2009-04-21 17:41
ComboFix2.txt 2009-04-21 16:02

Pre-Run: 6.233.227.264 byte disponibili
Post-Run: 6.203.383.808 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

307 --- E O F --- 2009-04-16 15:20
Last edited by ba_61 on Tue Apr 21, 2009 8:52 pm, edited 1 time in total.
Reason: Log tag

Re: My laptop no longer connects to the Internet!!!

Post by ba_61 » Tue Apr 21, 2009 8:52 pm

tiburon wrote: I'm sending you the new log

See how to post the LOG.

Re: My laptop no longer connects to the Internet!!!

Post by tiburon » Tue Apr 21, 2009 9:30 pm

I apologize for having pasted the log the same way as before. I didn't know; please be a little patient, I'm new around here. Thanks!!!

ComboFix 09-04-21.A7 - Administrator 21/04/2009 19.33.29.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.503.144 [GMT 2:00]
Eseguito da: E:\ComboFix.exe
AV: avast! antivirus 4.7.892 [VPS 0639-1] *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((((( Files Creati Da 2009-03-21 al 2009-04-21 )))))))))))))))))))))))))))))))))))
.

2009-04-19 16:17 . 2009-04-19 16:17 -------- d-----w c:\windows\IIS Temporary Compressed Files
2009-04-19 16:16 . 2004-08-19 12:00 9216 ----a-w c:\windows\system32\dllcache\wamps51.dll
2009-04-19 16:16 . 2004-08-19 12:00 9216 ----a-w c:\windows\system32\dllcache\iwrps.dll
2009-04-19 16:16 . 2004-08-19 12:00 74240 ----a-w c:\windows\system32\dllcache\w3ext.dll
2009-04-19 16:16 . 2004-08-19 12:00 20992 ----a-w c:\windows\system32\dllcache\permchk.dll
2009-04-19 16:16 . 2004-08-19 12:00 16896 ----a-w c:\windows\system32\dllcache\status.dll
2009-04-19 16:12 . 2009-04-19 16:16 -------- d-----w C:\Inetpub
2009-04-19 14:36 . 2009-04-19 14:36 0 ----a-w c:\windows\nsreg.dat
2009-04-19 14:36 . 2009-04-19 14:36 -------- d-----w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
2009-04-19 12:52 . 2009-04-19 12:55 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-04-16 15:06 . 2009-04-16 15:06 9369 ----a-w c:\windows\FastWeb.rtf
2009-04-16 15:06 . 2009-04-16 15:06 4014 ----a-r c:\windows\FastWeb.ini
2009-04-16 15:06 . 2009-04-16 15:06 1588 ----a-w c:\windows\FWIPConf.out
2009-04-16 15:05 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 15:05 . 2009-03-06 14:19 286208 ------w c:\windows\system32\dllcache\pdh.dll
2009-04-16 15:05 . 2009-02-09 11:22 111104 ------w c:\windows\system32\dllcache\services.exe
2009-04-16 15:05 . 2009-02-09 10:51 401408 ------w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 15:05 . 2009-02-09 10:51 473600 ------w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 15:05 . 2009-02-09 10:51 683520 ------w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 15:05 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
2009-04-16 15:05 . 2009-02-09 10:51 734720 ------w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 15:05 . 2009-02-09 10:51 736256 ------w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 15:05 . 2009-02-09 10:51 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 15:03 . 2009-03-27 06:48 1203922 ------w c:\windows\system32\dllcache\sysmain.sdb
2009-04-16 15:03 . 2008-04-21 21:14 219136 ------w c:\windows\system32\dllcache\wordpad.exe
2009-04-10 10:58 . 2009-04-10 10:58 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\AVS4YOU
2009-04-10 10:58 . 2009-04-10 10:58 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2009-04-10 10:54 . 2009-01-28 18:49 974848 ----a-w c:\windows\system32\mfc70.dll
2009-04-10 10:54 . 2009-01-28 18:49 24576 ----a-w c:\windows\system32\msxml3a.dll
2009-04-06 21:50 . 2009-04-12 06:24 -------- d-----w c:\documents and settings\Administrator\Tracing
2009-04-06 21:48 . 2009-04-06 21:48 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\Windows Search
2009-04-06 21:40 . 2009-02-06 16:08 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-04-06 21:38 . 2006-11-29 11:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-04-06 21:27 . 2009-04-06 21:27 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\Windows Desktop Search
2009-04-06 21:26 . 2009-04-06 21:26 -------- d-----w c:\windows\system32\GroupPolicy
2009-04-06 21:25 . 2008-03-07 17:02 98304 ------w c:\windows\system32\dllcache\nlhtml.dll
2009-04-06 21:25 . 2008-03-07 17:02 29696 ------w c:\windows\system32\dllcache\mimefilt.dll
2009-04-06 21:25 . 2008-03-07 17:02 192000 ------w c:\windows\system32\dllcache\offfilt.dll
2009-04-06 21:09 . 2009-01-09 19:19 1090181 ------w c:\windows\system32\dllcache\ntprint.cat
2009-04-06 20:50 . 2009-04-06 20:50 -------- d-----w C:\2f473910b2ebdc89b6fcfe47f5a4f12f

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 17:19 . 2008-03-12 13:03 -------- d-----w c:\documents and settings\Administrator\Dati applicazioni\WTablet
2009-04-19 16:17 . 2004-08-30 10:50 571252 ----a-w c:\windows\system32\perfh010.dat
2009-04-19 16:17 . 2004-08-30 10:50 111998 ----a-w c:\windows\system32\perfc010.dat
2009-04-19 12:52 . 2009-04-19 12:52 -------- d-----w c:\programmi\Spybot - Search & Destroy
2009-04-12 09:03 . 2009-04-12 08:08 -------- d-----w c:\programmi\Live_TV
2009-04-12 08:17 . 2009-04-10 10:54 -------- d-----w c:\programmi\AVS4YOU
2009-04-12 08:17 . 2009-04-10 10:55 -------- d-----w c:\programmi\File comuni\AVSMedia
2009-04-11 09:52 . 2007-06-08 23:06 437587 ----a-w C:\DCRawData.LOG
2009-04-10 09:04 . 2007-01-09 22:19 -------- d-----w c:\programmi\AdunanzA
2009-04-06 21:47 . 2005-07-01 08:47 29760 ----a-w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-04-06 21:40 . 2008-04-08 05:21 -------- d-----w c:\programmi\Windows Live
2009-04-06 21:39 . 2009-04-06 21:39 -------- d-----w c:\programmi\Microsoft Sync Framework
2009-04-06 21:38 . 2009-04-06 21:38 -------- d-----w c:\programmi\Microsoft SQL Server Compact Edition
2009-04-06 21:34 . 2009-04-06 21:34 -------- d-----w c:\programmi\Microsoft
2009-04-06 21:33 . 2009-04-06 21:33 -------- d-----w c:\programmi\Windows Live SkyDrive
2009-04-06 21:28 . 2009-04-06 21:28 -------- d-----w c:\programmi\File comuni\Windows Live
2009-04-06 21:27 . 2009-04-06 21:27 -------- d-----w c:\programmi\Microsoft Silverlight
2009-04-06 21:26 . 2009-04-06 21:26 -------- d-----w c:\programmi\Windows Desktop Search
2009-03-21 14:06 . 2009-03-21 14:06 1033728 ------w c:\windows\system32\dllcache\kernel32.dll
2009-03-10 20:18 . 2006-06-19 14:19 970112 ------w c:\windows\system32\dllcache\WgaTray.exe
2009-03-10 20:18 . 2006-06-19 14:20 265088 ------w c:\windows\system32\dllcache\wgaLogon.dll
2009-03-06 14:19 . 2004-08-19 08:00 286208 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:03 . 2006-05-10 05:23 826368 ----a-w c:\windows\system32\dllcache\wininet.dll
2009-03-03 00:03 . 2004-08-19 08:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-28 04:54 . 2006-10-17 11:04 636072 ------w c:\windows\system32\dllcache\iexplore.exe
2009-02-20 10:20 . 2007-05-19 16:38 13824 ------w c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 10:20 . 2006-11-07 02:26 70656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 05:14 . 2006-11-07 02:25 161792 ------w c:\windows\system32\dllcache\ieakui.dll
2009-02-10 17:02 . 2008-11-13 06:02 2069760 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-10 17:02 . 2004-08-19 08:00 2069760 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:04 . 2008-11-13 06:02 1846784 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 14:04 . 2004-08-19 08:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2008-11-13 06:02 2192768 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-19 08:00 2192768 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2008-11-13 06:02 2027520 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-09 11:22 . 2008-11-13 06:02 2148864 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-09 11:22 . 2004-08-19 08:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:51 . 2004-08-19 08:00 734720 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:51 . 2004-08-19 08:00 683520 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:51 . 2004-08-19 08:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:51 . 2004-08-19 08:00 736256 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 18:01 . 2009-02-06 18:01 308088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 16:52 . 2009-02-06 16:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-19 08:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:57 . 2009-02-03 19:57 56832 ------w c:\windows\system32\dllcache\secur32.dll
2009-02-03 19:57 . 2004-08-19 08:00 56832 ----a-w c:\windows\system32\secur32.dll
2007-11-27 23:37 . 2007-11-27 23:37 32 ----a-w c:\documents and settings\All Users\Dati applicazioni\ezsid.dat
2005-04-18 16:57 . 2005-04-18 16:57 142 ----a-w c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-01-16 23:19 . 2009-01-16 23:19 32768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012009011720090118\index.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-04-21_15.59.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-21 17:18 . 2009-04-21 17:18 16384 c:\windows\Temp\Perflib_Perfdata_86c.dat
+ 2009-04-21 17:19 . 2009-04-21 17:19 16384 c:\windows\Temp\Perflib_Perfdata_464.dat
+ 2009-04-19 16:16 . 2009-04-21 17:19 202167 c:\windows\system32\inetsrv\MetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"ISUSPM"="c:\documents and settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"PMCRemote"="c:\programmi\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-01-04 81920]
"WMPNSCFG"="c:\programmi\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bit4id store register"="c:\windows\system32\bit4cnsp.dll" [2007-03-02 155648]
"SynTPStart"="c:\programmi\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2007-12-21 185896]
"LVCOMS"="c:\programmi\File comuni\Logitech\QCDriver\LVCOMS.EXE" [2001-09-24 98304]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"GemCSP RegTool"="c:\windows\system32\RegTool.exe" [2002-10-03 45056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2006-09-25 108160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2004-10-26 569405]
Gestione servizi.lnk - c:\programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Motorola Desktop Suite mRouter Config.lnk - c:\programmi\Intuwave Ltd\Shared\mRouterRunTime\mRouterConfig.exe [2007-4-13 159744]
Motorola Desktop Suite.lnk - c:\programmi\Motorola\Motorola Desktop Suite\DesktopSuite.exe [2007-4-13 532480]
siscmon.lnk - c:\windows\system32\siscmon.exe [2008-11-17 147456]
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 1.1.3.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\OpenOffice.org 1.1.3.lnk
backup=c:\windows\pss\OpenOffice.org 1.1.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^DVD Check.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SCardSvr"=2 (0x2)
"SharedAccess"=2 (0x2)
"srservice"=2 (0x2)
"WmcCdsLs"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [2004-09-10 35336]
R3 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 QCAbsee;Logitech QuickCam Web(PID_0801);c:\windows\system32\DRIVERS\LVCA.sys [2001-09-24 31232]
R3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\DRIVERS\SCR33X2K.sys [2004-04-06 64088]
R3 SCR3xx USB Smart Card Reader;SCR3xx USB Smart Card Reader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2005-12-15 46848]
R3 STC2DFU;STCII DFU Adapter;c:\windows\system32\DRIVERS\Stc2Dfu.SYS [2004-10-24 7796]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [2004-08-25 185611]
S0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
S0 vburner;vburner;c:\windows\system32\DRIVERS\vburner.sys [2007-08-10 15872]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 SeaPort;SeaPort;c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-09-07 1373480]
S3 GTIPCI21;GTIPCI21;c:\windows\system32\DRIVERS\gtipci21.sys [2004-05-03 80384]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563cb-0fed-11dd-951f-001560b5f419}]
\Shell\AutoRun\command - E:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563cc-0fed-11dd-951f-001560b5f419}]
\Shell\AutoRun\command - E:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a42563e4-0fed-11dd-951f-001560b5f419}]
\Shell\1\Command - E:\autorun.pif
\Shell\2\Command - E:\autorun.pif
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2626529-b1c9-11dd-9547-001560b5f419}]
\Shell\AutoRun\command - 6.bat
\Shell\explore\Command - 6.bat
\Shell\open\Command - 6.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e262652a-b1c9-11dd-9547-001560b5f419}]
\Shell\AutoRun\command - 6.bat
\Shell\explore\Command - 6.bat
\Shell\open\Command - 6.bat
.
Contenuto della cartella 'Scheduled Tasks'

2009-04-11 c:\windows\Tasks\AeX Local Job 1290.job
- c:\programmi\Altiris\eXpress\Client Recovery Agent\AeXCmd.exe [2004-11-23 13:04]

2009-04-21 c:\windows\Tasks\AeX Local Job 1355.job
- c:\programmi\Altiris\eXpress\Client Recovery Agent\AeXCmd.exe [2004-11-23 13:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.altavista.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 10.1.1.2:3128
uInternet Settings,ProxyOverride = <local>
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.lombardia.it/components/ ... tadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.lombardia.it/components/ ... Update.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.lombardia.it/components/OcxCrsInfo.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-21 19:38
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3412)
c:\programmi\Windows Desktop Search\deskbar.dll
c:\programmi\Windows Desktop Search\it-it\dbres.dll.mui
c:\programmi\Windows Desktop Search\dbres.dll
c:\programmi\Windows Desktop Search\wordwheel.dll
c:\programmi\Windows Desktop Search\it-it\msnlExtRes.dll.mui
c:\programmi\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2009-04-21 19.43.12
ComboFix-quarantined-files.txt 2009-04-21 17:41
ComboFix2.txt 2009-04-21 16:02

Pre-Run: 6.233.227.264 byte disponibili
Post-Run: 6.203.383.808 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

307 --- E O F --- 2009-04-16 15:20

Re: My laptop no longer connects to the Internet!!!

Post by ba_61 » Tue Apr 21, 2009 10:52 pm

tiburon wrote: a little patience

It wasn't an order: just so you know the commands available [std]

Re: My laptop no longer connects to the Internet!!!

Post by piro » Wed Apr 22, 2009 7:42 am

A suggestion from my friend Bomber: LSPfix

Bye

Re: My laptop no longer connects to the Internet!!!

Post by tiburon » Thu Apr 23, 2009 7:15 pm

It woooorks. Thanks a lot!!! You guys are great [applauso+]

megalab.it: daily online newspaper registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole-shareholder company) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising