Punto informatico Network

Icons are not displayed

Icons are not displayed

Post by ivan92 » Wed Apr 29, 2009 2:09 pm

Today when I turned on my computer I noticed that some of the desktop icons were not showing... and neither were the icons inside folders... then my McAfee antivirus did its daily update, and for the last couple of times it has been telling me, after updating, that the system is not protected... so I fix the various problems and everything gets resolved (sometimes, though, it fails to fix the problems)
ivan92
Senior Member
Posts: 285
Joined: Wed Jan 09, 2008 4:48 pm
Location: orsago (tv)

Re: Icons are not displayed

Post by stevens » Wed Apr 29, 2009 2:23 pm

hi

I can't say I understood all that much [;)]

Download and install http://www.malwarebytes.org/mbam/program/mbam-setup.exe Update it and run a full scan of the computer. Post the resulting report and do not delete anything, for now
stevens
Bronze Member
Posts: 678
Joined: Wed Feb 18, 2009 1:39 pm

Re: Icons are not displayed

Post by ivan92 » Thu Apr 30, 2009 5:19 pm

sorry for the delay, here is the scan... it didn't find anything

Malwarebytes' Anti-Malware 1.36
Versione del database: 2061
Windows 6.0.6001 Service Pack 1

30/04/2009 18.20.20
mbam-log-2009-04-30 (18-20-20).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|F:\|)
Elementi scansionati: 239315
Tempo trascorso: 3 hour(s), 14 minute(s), 57 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)


Re: Icons are not displayed

Post by stevens » Thu Apr 30, 2009 7:38 pm

open the system registry (Start\Run\regedit)

follow the path to this key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

when you are on Winlogon, right-click and go to ''Export'' - save the .reg file to the desktop and post it

upload it here www.wikisend.com

Re: Icons are not displayed

Post by ivan92 » Fri May 01, 2009 8:46 am

here it is:
winlogon.reg

Re: Icons are not displayed

Post by stevens » Fri May 01, 2009 10:02 am

post me a HijackThis log

Re: Icons are not displayed

Post by ivan92 » Sun May 03, 2009 9:22 am

sorry for the delay, but I didn't receive the notification email:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10.22.59, on 03/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Hp\Digital Imaging\bin\HpqSRmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PoivY.com\PoivY\PoivY.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Users\Utente\Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Woopra] C:\Program Files\Woopra\Woopra.exe -startup
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{035A7A39-03E6-4522-9147-59CAF8CF44C6}: NameServer = 85.37.17.6 85.38.28.89
O17 - HKLM\System\CS1\Services\Tcpip\..\{035A7A39-03E6-4522-9147-59CAF8CF44C6}: NameServer = 85.37.17.6 85.38.28.89
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Servizio di Google Update (gupdate1c9a3f1bdcd0f3e) (gupdate1c9a3f1bdcd0f3e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

--
End of file - 11805 bytes

Re: Icons are not displayed

Post by stevens » Sun May 03, 2009 10:36 am

Download ComboFix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to the desktop.
Double-click combofix.exe (a screen will appear).
Type 1, press Enter and follow the instructions.
When it finishes, a log file named C:\ComboFix.txt will be created. Post it here.
During the scan it is important not to use the PC and to wait patiently for the operations to finish.

Do not touch the mouse or keyboard during the scan

Re: Icons are not displayed

Post by ivan92 » Mon May 04, 2009 3:39 pm

here is the report:

ComboFix 09-05-03.4 - Utente 04/05/2009 16.19.51.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.2046.1108 [GMT 2:00]
Eseguito da: c:\users\Utente\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Creati Da 2009-04-04 al 2009-05-04 )))))))))))))))))))))))))))))))))))
.

2009-05-01 13:13 . 2009-05-01 13:15 -------- d-----w c:\program files\EasyPHP 3.0
2009-05-01 10:14 . 2009-05-01 10:14 -------- d-----w c:\program files\Common Files\DivX Shared
2009-04-30 20:53 . 2009-04-30 20:53 -------- d-----w c:\programdata\Media Center Programs
2009-04-30 20:53 . 2009-04-30 20:53 -------- d-----w c:\users\All Users\Media Center Programs
2009-04-21 13:13 . 2009-04-21 13:13 -------- d-----w c:\users\Utente\Woopra
2009-04-16 14:17 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-16 14:17 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-16 14:17 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-14 12:17 . 2009-04-16 16:09 -------- d-----w c:\users\Utente\AppData\Local\Adobe
2009-04-14 12:12 . 2009-04-14 12:12 410984 ----a-w c:\windows\system32\deploytk.dll
2009-04-12 18:03 . 2009-04-12 18:03 -------- d-----w c:\programdata\is-QKOVQ
2009-04-12 18:03 . 2009-04-12 18:03 -------- d-----w c:\users\All Users\is-QKOVQ
2009-04-12 18:00 . 2008-07-08 12:54 148496 ----a-w c:\windows\system32\drivers\10947585.sys
2009-04-12 17:55 . 2008-07-08 12:54 148496 ----a-w c:\windows\system32\drivers\63692176.sys
2009-04-12 09:53 . 2009-04-12 11:25 -------- d-----w c:\program files\a-squared Free
2009-04-11 15:59 . 2009-04-11 15:59 -------- d-----w c:\program files\IObit
2009-04-10 09:19 . 2009-04-14 12:22 -------- d-----w c:\program files\Lavasoft
2009-04-10 09:19 . 2009-04-14 12:22 -------- d-----w c:\programdata\Lavasoft
2009-04-10 09:19 . 2009-04-14 12:22 -------- d-----w c:\users\All Users\Lavasoft
2009-04-09 14:54 . 2009-04-09 14:54 -------- d-----w c:\users\Utente\AppData\Roaming\live-player
2009-04-09 14:54 . 2009-04-14 06:46 89 ----a-w c:\users\Utente\AppData\Local\mqekm.bat
2009-04-09 11:03 . 2009-04-10 14:24 -------- d-----w c:\program files\MegaLink

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-04 14:32 . 2009-02-26 15:03 259051552 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-04 14:28 . 2009-03-13 15:38 882 ----a-w c:\windows\Tasks\GoogleUpdateTaskMachine.job
2009-05-04 14:28 . 2009-03-24 14:05 1054 ----a-w c:\windows\Tasks\Google Software Updater.job
2009-05-04 14:28 . 2006-11-02 13:01 6 ---ha-w c:\windows\Tasks\SA.DAT
2009-05-04 14:27 . 2009-02-26 15:03 3034964 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-04 14:26 . 2008-11-26 19:10 12 ----a-w c:\windows\bthservsdp.dat
2009-05-04 14:06 . 2008-10-29 15:42 89246 ----a-w c:\users\All Users\nvModes.dat
2009-05-04 14:06 . 2008-10-29 15:42 89246 ----a-w c:\programdata\nvModes.dat
2009-05-04 12:33 . 2009-03-18 18:20 860 ----a-w c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-603610610-2782796317-2799079916-1000.job
2009-05-03 19:20 . 2006-11-06 01:52 662846 ----a-w c:\windows\system32\perfh010.dat
2009-05-03 19:20 . 2006-11-06 01:52 120326 ----a-w c:\windows\system32\perfc010.dat
2009-05-01 10:14 . 2008-09-02 13:40 -------- d-----w c:\program files\DivX
2009-05-01 09:19 . 2009-04-10 09:20 460 ----a-w c:\windows\Tasks\Ad-Aware Update (Weekly).job
2009-04-30 20:36 . 2008-09-09 12:02 -------- d-----w c:\program files\Ubisoft
2009-04-30 20:36 . 2007-07-20 10:43 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-29 11:53 . 2008-09-01 09:01 8268 ----a-w c:\users\Utente\AppData\Local\d3d9caps.dat
2009-04-23 16:41 . 2008-09-02 08:14 -------- d-----w c:\program files\Spyware Doctor
2009-04-19 12:46 . 2009-04-19 12:46 -------- d-----w c:\program files\EASEUS
2009-04-18 13:40 . 2008-09-04 09:06 -------- d-----w c:\program files\Ashampoo
2009-04-17 11:54 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-16 11:53 . 2008-09-04 08:27 -------- d-----w c:\program files\McAfee
2009-04-14 12:12 . 2007-07-20 11:35 -------- d-----w c:\program files\Java
2009-04-12 06:23 . 2008-10-31 15:06 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-07 14:49 . 2008-09-02 13:33 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-06 13:32 . 2008-10-31 15:06 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2008-10-31 15:06 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-05 11:52 . 2009-01-31 13:30 -------- d-----w c:\program files\FileZilla FTP Client
2009-04-04 11:34 . 2009-04-04 11:34 -------- d-----w c:\program files\PoivY.com
2009-04-04 11:31 . 2009-04-04 11:29 -------- d-----w c:\program files\AutoLyrix
2009-04-03 13:11 . 2007-07-20 11:18 -------- d-----w c:\program files\Google
2009-04-02 12:49 . 2009-04-02 12:49 -------- d-----w c:\program files\Unity
2009-03-25 19:24 . 2009-03-25 19:24 -------- d-----w c:\program files\SEGA
2009-03-25 17:54 . 2009-03-25 17:54 -------- d-----r c:\program files\Skype
2009-03-25 09:06 . 2008-09-04 08:27 40552 ----a-w c:\windows\system32\drivers\mfesmfk.sys
2009-03-25 09:06 . 2008-09-04 08:27 79880 ----a-w c:\windows\system32\drivers\mfeavfk.sys
2009-03-25 09:06 . 2008-09-04 08:27 35272 ----a-w c:\windows\system32\drivers\mfebopk.sys
2009-03-25 09:06 . 2008-06-27 04:08 214024 ----a-w c:\windows\system32\drivers\mfehidk.sys
2009-03-25 09:05 . 2008-09-04 08:26 34216 ----a-w c:\windows\system32\drivers\mferkdk.sys
2009-03-22 10:41 . 2009-03-22 09:36 -------- d-----w c:\program files\Empire Total War
2009-03-21 22:13 . 2009-03-21 14:06 -------- d-----w c:\program files\Common Files\Steam
2009-03-17 03:38 . 2009-04-16 14:16 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-16 14:16 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 14:16 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-11 14:17 . 2009-02-02 18:15 -------- d-----w c:\program files\Opera
2009-03-09 12:53 . 2008-09-01 09:10 88280 ----a-w c:\users\Utente\AppData\Local\GDIPFONTCACHEV1.DAT
2009-03-03 04:46 . 2009-04-16 14:16 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 14:16 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-16 14:16 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-16 14:16 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 14:16 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 14:16 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 14:16 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-16 14:16 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 14:16 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 04:37 . 2009-04-16 14:16 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 03:04 . 2009-04-16 14:16 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 14:16 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-16 14:16 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-02-13 08:49 . 2009-04-16 14:16 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-16 14:16 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 03:10 . 2009-03-11 13:37 2033152 ----a-w c:\windows\system32\win32k.sys
2009-02-06 19:01 . 2009-02-06 19:01 308088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 17:08 . 2009-02-22 15:15 55280 ----a-w c:\windows\system32\drivers\fssfltr.sys
2008-09-06 12:33 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w c:\program files\opera\program\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Google Update"="c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-18 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-11 24095528]
"PoivY"="c:\program files\PoivY.com\PoivY\PoivY.exe" [2008-09-26 9102112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2006-12-04 46704]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-14 148888]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-08 645328]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-01-09 1176808]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-19 468264]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-01 4390912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM\~\startupfolder\C:^Users^Utente^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AutoLyrix.lnk]
path=c:\users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoLyrix.lnk
backup=c:\windows\pss\AutoLyrix.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Utente^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9BA697B1-915C-4D61-A4FD-4A685A2B695F}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{45E9392E-1E22-424B-A50C-E49D9433C510}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{AF8CF5BE-8FC3-47B4-A050-F0A54D8DE1D1}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{8DECF182-E4F8-4A7F-91A5-872FFFE6A6C4}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{CB53E6C5-95DE-4EBE-81C7-D8022B21E053}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{018A8A45-657B-43C2-BD0F-AA78AB1ED596}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{ADDDF97D-1BB8-43AA-9A19-08C2C1AF7DD5}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{CB8CF604-16C7-47BC-A3B7-794083351E29}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{5A349D5F-7813-49B5-BBB9-F0F23A6E31D5}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{64CBA301-5FDA-4850-A29F-ED26F4FF4964}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{BAFB88BA-5BFB-49BD-AE71-793AB59CC9D1}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{66B929BD-8124-44E9-8A5C-3E3752952FA0}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{A24CF1F3-9446-4041-88D0-5E8F23690881}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{D3863EFA-D539-4E33-A727-22399C01D96E}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{23412EA0-E5CC-492B-8B7E-C501076F464A}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{6A423948-CFF2-412C-A96F-10ED6F17EB81}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{EA44934B-1F47-4CC3-9FE1-FCBDCF3E0C50}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{813C92B2-705B-4000-868A-32CF2EB9F219}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{6D872ACC-E90F-4DA4-A7CE-CD9466A03960}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{125AEC90-117F-462D-8545-D70D55144697}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X
"{538E6507-533C-4E01-ACCD-B086623C956F}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X
"{470D2922-CA8C-4095-A3F2-CE01712C155C}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X
"{0EC91057-2450-440A-BD2B-95A2FCB4CA3E}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\xchat\\xchat.exe"= c:\program files\xchat\xchat.exe:*:Enabled:XChat IRC Client

R0 Lbd;Lbd; [x]
R2 gupdate1c9a3f1bdcd0f3e;Servizio di Google Update (gupdate1c9a3f1bdcd0f3e);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 133104]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2008-11-25 9728]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2008-11-25 3072]
R3 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
R3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
S1 is-8LH1Gdrv;is-8LH1Gdrv;c:\windows\system32\DRIVERS\63692176.sys [2008-07-08 148496]
S1 is-PDJFDdrv;is-PDJFDdrv;c:\windows\system32\DRIVERS\10947585.sys [2008-07-08 148496]
S2 ASBroker;Operatore della sessione di accesso;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ASChannel;Canale di comunicazione locale;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-02-11 210216]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2008-10-02 482176]


--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
bthsvcs REG_MULTI_SZ BthServ
.
Contenuto della cartella 'Scheduled Tasks'

2009-05-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-02 14:05]

2009-05-04 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 15:37]

2009-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-603610610-2782796317-2799079916-1000.job
- c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-18 18:20]

2008-09-04 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-25 09:53]

2008-09-04 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-25 09:53]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-Woopra - c:\program files\Woopra\Woopra.exe


.
------- Scansione supplementare -------
.
uStart Page = www.google.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\danhltyj.default\
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Utente\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-04 16:32
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-603610610-2782796317-2799079916-1000\Software\SecuROM\License information*]
"datasecu"=hex:d4,64,30,fe,f1,06,01,11,21,97,24,99,60,47,25,c2,5b,7f,56,3f,a4,
6c,22,25,93,2c,4f,56,13,31,1c,e2,9d,df,6d,13,63,87,68,e4,41,2d,02,ad,7c,e1,\
"rkeysecu"=hex:7d,9a,36,f9,97,f7,5a,18,dd,82,e4,3e,61,55,92,01

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'lsass.exe'(704)
c:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll

- - - - - - - > 'Explorer.exe'(4792)
c:\program files\McAfee\SiteAdvisor\saHook.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\a-squared Free\a2service.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\windows\System32\rundll32.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\System32\IoctlSvc.exe
c:\program files\Hp\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\Bioscrypt\VeriSoft\Bin\asghost.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\progra~1\COMMON~1\McAfee\MNA\McNASvc.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Ora fine scansione: 2009-05-04 16.37.46 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-05-04 14:37

Pre-Run: 22.093.041.664 byte disponibili
Post-Run: 21.869.854.720 byte disponibili

308 --- E O F --- 2009-05-04 14:15

Re: icons are not showing

Post by stevens » Tue May 05, 2009 8:44 am

Enable the display of hidden files (open any folder, go to Tools --> Folder Options --> View and tick "Show hidden files and folders").


Scan these two files, highlighted in red, on VirusTotal:

c:\users\Utente\AppData\Local\d3d9caps.dat

c:\windows\bthservsdp.dat

There are traces of Bagle.

Re: icons are not showing

Post by ivan92 » Tue May 05, 2009 2:04 pm

The first one found nothing, and for the second it told me I could not upload it because I did not have the permissions.

Re: icons are not showing

Post by stevens » Wed May 06, 2009 10:16 am

Download Avenger
http://swandog46.geekstogo.com/avenger.zip

Extract it to a folder of your choice
Run the file avenger.exe
Now paste these lines, shown in red, into the white box that has opened:


files to delete:
c:\users\Utente\AppData\Local\d3d9caps.dat
c:\windows\system32\drivers\63692176.sys
c:\windows\system32\DRIVERS\63692176.sys
c:\windows\system32\drivers\10947585.sys
c:\windows\bthservsdp.dat



Press the Execute button
Answer Yes to Avenger's two prompts
Your computer should now restart; if it does not, restart it manually
When the computer has restarted, copy and paste here the contents of the Notepad window that appears.
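The reply above targets two numerically named drivers that the ComboFix log lists as S1 services, and the same log shows both firewall profiles with EnableFirewall set to 0. As an added example (not part of the thread, and not the helper's stated method), this Python script parses those log lines and flags both patterns; the heuristics and the name `triage` are assumptions made for illustration.

```python
import re

# Sample input: lines copied from the ComboFix log posted earlier in this thread.
SAMPLE_LOG = r"""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R3 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S1 is-8LH1Gdrv;is-8LH1Gdrv;c:\windows\system32\DRIVERS\63692176.sys [2008-07-08 148496]
S1 is-PDJFDdrv;is-PDJFDdrv;c:\windows\system32\DRIVERS\10947585.sys [2008-07-08 148496]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2008-10-02 482176]
R0 Lbd;Lbd; [x]
"""

# Service line layout in the log: <R|S><start type> name;display name;image path [info]
SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]\s*$")
PROFILE_RE = re.compile(r"^\[.*\\firewallpolicy\\(?P<profile>\w+)\]$", re.I)
NUMERIC_DRIVER_RE = re.compile(r"\\system32\\drivers\\\d+\.sys$", re.I)


def triage(log_text):
    """Return a list of (kind, detail) findings for an analyst to review."""
    findings, profile = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = PROFILE_RE.match(line)
        if header:                      # entering a firewall profile key
            profile = header.group("profile")
            continue
        if line.startswith("["):        # any other registry key ends the profile
            profile = None
            continue
        if profile and re.match(r'^"EnableFirewall"=\s*0\b', line):
            findings.append(("firewall-disabled", profile))
            continue
        svc = SERVICE_RE.match(line)
        if not svc:
            continue
        path = svc.group("path")
        if not path:                    # e.g. "R0 Lbd;Lbd; [x]": no image path in the log
            findings.append(("no-image-path", svc.group("name")))
        elif NUMERIC_DRIVER_RE.search(path):  # all-digit driver file name
            findings.append(("numeric-driver", path.lower()))
    return findings
```

A finding is only a prompt for review: each flagged file still needs to be checked (for example with a multi-engine scan, as the helper asks) before anything is deleted.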

Re: icons are not showing

Post by ivan92 » Wed May 06, 2009 2:56 pm

I did as you said, but when I press Execute it gives me an error message that says: "Error: invalid script. A valid script must begin with a command directive. aborting execution!"

Re: icons are not showing

Post by stevens » Wed May 06, 2009 3:14 pm

Run it as administrator.

Right-click on Avenger and carry out the operation again.

Re: icons are not showing

Post by ivan92 » Wed May 06, 2009 3:45 pm

It doesn't work as administrator either... it gives me the same error.

Re: icons are not showing

Post by stevens » Wed May 06, 2009 3:48 pm

Go to C:\ and see whether the Avenger log is there; that error could also mean that the files are no longer on your PC.

Re: icons are not showing

Post by ivan92 » Wed May 06, 2009 4:15 pm

I only found this:

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Wed May 06 15:54:37 2009

15:54:37: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Wed May 06 15:54:57 2009

15:54:57: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Wed May 06 15:58:07 2009

15:58:07: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Wed May 06 16:43:54 2009

16:43:54: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Wed May 06 16:44:26 2009

16:44:26: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Wed May 06 16:45:06 2009

16:45:06: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////

Re: icons are not showing

Post by stevens » Wed May 06, 2009 5:54 pm

Avenger probably doesn't understand the character encoding.

Try removing them by hand.

Show hidden files:

Click the "Organize" button present in every folder. Then select "Folder and search options" from the menu. A window will open in which you need to select the "View" tab; then click the circle next to "Show hidden files and folders" and click OK. At that point both the hidden folders and the hidden files on the PC will be visible.


Boot into Safe Mode and manually delete the files I posted.

Re: icons are not showing

Post by ivan92 » Wed May 06, 2009 7:36 pm

I did as you said, but nothing...

Re: icons are not showing

Post by stevens » Wed May 06, 2009 8:34 pm

"I did as you said, but nothing..."


I don't understand... you didn't find them?


megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising