Punto informatico Network
Windows Firewall

Post by sclensis » Thu Jul 09, 2009 12:02 pm

Hi everyone. I have Windows Vista on my PC, and between yesterday and today I followed a lot of guides to fix it because it was under attack from a lot of Bagle and other strange viruses. I managed to re-enable the PC Security Center, which had been disabled for a long time. The only problem now is the Firewall: when I open the options to turn it on, it says it is impossible to turn it on, it does not let me download the required updates, and it says it has to be enabled manually, although after doing that I have not solved anything. I also did something to reset it (also read in a guide), but that does not work either. Please help me! Thanks

Re: Windows Firewall

Post by riise90 » Thu Jul 09, 2009 12:58 pm

sclensis wrote: Hi everyone. I have Windows Vista on my PC, and between yesterday and today I followed a lot of guides to fix it because it was under attack from a lot of Bagle and other strange viruses

Are you sure everything was removed? Which programs did you use for the scan? In any case, you can disable the Windows firewall permanently.

Re: Windows Firewall

Post by ste_95 » Thu Jul 09, 2009 1:18 pm

Yes, come on, let's run a few more checks to be safe...

Download ComboFix, saving it to the desktop under a made-up name, and run the scan following these instructions (at the bottom). When the scan finishes, the report file C:\combofix.txt will be created; copy its contents here, placing them between the LOG tags, like this:
Code:
[LOG]the log goes here[/LOG]


Re: Windows Firewall

Post by sclensis » Sat Jul 11, 2009 1:54 pm

Here is the result:

ComboFix 09-07-08.A0 - Matteo_2 09/07/2009 23.28.51.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.39.1040.18.2047.1145 [GMT 2:00]
Eseguito da: c:\users\Matteo_2.PC-Matteo\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {002A0148-0053-0078-0000-000000002A00}
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: AntiVir Desktop *disabled* (Outdated) {002A0148-0053-0078-0000-000000002A00}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Kaspersky Anti-Virus *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1183912856-3019111323-3057316918-500
c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500
c:\$recycle.bin\S-1-5-21-372612208-3294270740-2322141399-1002
c:\$recycle.bin\S-1-5-21-372612208-3294270740-2322141399-1003
c:\$recycle.bin\S-1-5-21-372612208-3294270740-2322141399-1004
C:\InfoSat.txt
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\chrome.manifest
c:\program files\RelevantKnowledge\install.rdf
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlph.dll
c:\program files\RelevantKnowledge\rlxf.dll
c:\program files\RelevantKnowledge\sporder.dll
c:\users\Matteo_2.PC-Matteo\AppData\Roaming\esentutl.exe
c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\comrepl.exe
c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\rsvp.exe
c:\users\Matteo_2.PC-Matteo\AppData\Roaming\mstinit.exe
c:\users\Matteo_2.PC-Matteo\AppData\Roaming\spoolsv.exe
c:\users\MATTEO~1.PC-\AppData\Roaming\esentutl.exe
c:\users\MATTEO~1.PC-\AppData\Roaming\Microsoft\comrepl.exe
c:\users\MATTEO~1.PC-\AppData\Roaming\Microsoft\rsvp.exe
c:\users\MATTEO~1.PC-\AppData\Roaming\mstinit.exe
c:\users\MATTEO~1.PC-\AppData\Roaming\spoolsv.exe
c:\windows\Installer\110e5c.msi
c:\windows\Installer\1e0982.msi
c:\windows\Installer\62a8f92.msi
c:\windows\system\cisvc.exe
c:\windows\system\comrepl.exe
c:\windows\system\dllhst3g.exe
c:\windows\system\esentutl.exe
c:\windows\system\rsvp.exe
c:\windows\system\spoolsv.exe
c:\windows\system32\bf57f0e8.dll
c:\windows\system32\drivers\clipsrv.exe
c:\windows\system32\drivers\mqtgsvc.exe
c:\windows\system32\kr_done1

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_RelevantKnowledge


((((((((((((((((((((((((( Files Creati Da 2009-06-09 al 2009-07-09 )))))))))))))))))))))))))))))))))))
.

2009-07-09 14:56 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-09 10:22 . 2009-07-09 10:22 -------- d-----w- C:\a51e228e425e981a92b5e2278465
2009-07-09 09:28 . 2009-07-09 09:28 -------- d-----w- c:\program files\CCleaner
2009-07-09 09:16 . 2009-07-09 09:16 1464 ----a-w- C:\avexport.bat
2009-07-08 22:34 . 2008-07-27 18:00 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-07-08 22:33 . 2008-07-27 18:00 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-07-08 22:33 . 2008-07-27 18:00 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-07-08 22:28 . 2008-07-27 18:00 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-07-08 22:28 . 2008-07-27 18:00 83968 ----a-w- c:\windows\system32\mscories.dll
2009-07-08 21:13 . 2009-04-24 16:14 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-07-08 21:13 . 2009-04-24 16:14 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-08 21:13 . 2009-04-24 16:11 72704 ----a-w- c:\windows\system32\admparse.dll
2009-07-08 21:13 . 2009-04-24 13:53 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-08 21:13 . 2009-04-24 12:25 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-07-08 21:12 . 2009-04-23 12:56 696832 ----a-w- c:\windows\system32\localspl.dll
2009-07-08 21:05 . 2009-04-23 13:01 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-07-08 20:34 . 2009-07-08 20:34 6243 ----a-w- C:\backup.reg
2009-07-08 20:33 . 2009-07-09 09:16 574 ----a-w- C:\cleanup.bat
2009-07-08 20:33 . 2009-07-09 09:16 135168 ----a-w- C:\zip.exe
2009-07-08 20:02 . 2009-07-08 20:53 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Local\VirtualStore
2009-07-08 20:02 . 2009-07-08 20:53 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Local\VirtualStore
2009-07-08 19:59 . 2009-07-08 20:43 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-08 19:59 . 2009-07-08 20:43 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-08 19:56 . 2009-07-09 21:44 169729312 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-08 19:56 . 2009-07-09 21:19 -------- d-----w- c:\progra~2\Kaspersky Lab
2009-07-08 19:56 . 2009-07-08 19:56 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-08 19:55 . 2009-07-08 19:55 -------- d-----w- c:\progra~2\Kaspersky Lab Setup Files
2009-07-08 17:50 . 2009-07-08 19:34 -------- d-----w- C:\FindyKill
2009-07-08 10:13 . 2009-07-08 10:42 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Local\WinZip
2009-07-08 10:13 . 2009-07-08 10:42 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Local\WinZip
2009-07-07 23:05 . 2009-07-07 23:10 -------- d-----w- c:\program files\Windows Live
2009-07-07 23:02 . 2009-07-08 09:40 -------- d-----w- C:\MSNCleaner
2009-07-07 22:53 . 2009-07-07 22:53 -------- d-----w- C:\BackUpMSNCleaner
2009-07-07 22:46 . 2009-07-07 22:46 -------- d-----w- c:\program files\AxBx
2009-07-07 21:13 . 2009-07-07 21:13 -------- d-----w- c:\users\Matteo_2.PC-Matteo\Tracing
2009-07-07 21:10 . 2009-07-07 21:10 -------- d-----w- c:\program files\Microsoft
2009-07-07 21:00 . 2009-07-07 21:00 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-29 14:33 . 2009-06-29 14:33 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-06-29 14:33 . 2009-06-29 14:33 2117632 ----a-w- c:\windows\system32\python25.dll
2009-06-29 14:33 . 2009-06-29 14:33 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-06-29 14:32 . 2008-09-16 16:26 1332197 ----a-w- c:\windows\system32\pythondll.zip
2009-06-29 14:30 . 2009-06-29 14:30 -------- d-----w- c:\progra~2\AGI
2009-06-29 14:30 . 2009-06-29 14:32 -------- d-----w- c:\program files\AGI
2009-06-29 12:32 . 2009-06-29 12:32 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\DivX
2009-06-29 12:32 . 2009-06-29 12:32 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\DivX
2009-06-26 18:40 . 2009-06-26 18:40 -------- d-----w- c:\program files\AC3Filter
2009-06-26 13:53 . 2009-06-26 13:53 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-26 13:02 . 2009-06-26 13:02 9446 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{77614EA5-B521-4604-9AF3-1ACF10826DD3}\_6FEFF9B68218417F98F549.exe
2009-06-26 13:02 . 2009-06-26 13:02 9446 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{77614EA5-B521-4604-9AF3-1ACF10826DD3}\_42AA15C43A133293CFA1B4.exe
2009-06-26 13:02 . 2009-06-26 13:02 9446 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{77614EA5-B521-4604-9AF3-1ACF10826DD3}\_33FF69054B5E861AD501ED.exe
2009-06-26 12:56 . 2009-06-26 12:56 -------- d-----w- c:\program files\Caricature Software
2009-06-25 19:30 . 2009-06-25 19:30 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\Media Player Classic
2009-06-25 19:30 . 2009-06-25 19:30 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Media Player Classic
2009-06-25 15:25 . 2009-06-25 15:25 -------- d-----w- c:\progra~2\2935E
2009-06-25 14:19 . 2009-07-08 15:46 -------- d-----w- c:\program files\vghd
2009-06-25 14:19 . 2009-06-25 14:19 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\vghd
2009-06-25 14:19 . 2009-06-25 14:19 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\vghd
2009-06-16 12:09 . 2001-05-07 10:56 19805 ----a-w- c:\windows\system32\drivers\usbio.sys
2009-06-16 09:55 . 2009-06-16 09:55 -------- d-----w- c:\progra~2\B248
2009-06-15 16:47 . 2009-06-15 16:47 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\acccore
2009-06-15 16:47 . 2009-06-15 16:47 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\acccore
2009-06-15 16:46 . 2009-06-15 16:46 -------- d-----w- c:\progra~2\AOL OCP
2009-06-15 16:46 . 2009-06-15 16:46 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Local\AOL OCP
2009-06-15 16:46 . 2009-06-15 16:46 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Local\AOL OCP
2009-06-15 16:46 . 2009-06-15 16:46 -------- d-----w- c:\progra~2\AOL
2009-06-15 16:45 . 2009-06-15 16:45 -------- d-----w- c:\program files\Common Files\AOL
2009-06-15 16:44 . 2009-06-15 16:46 -------- d-----w- c:\program files\AIM6
2009-06-14 19:16 . 2009-06-14 19:16 -------- d-----w- c:\progra~2\Electronic Arts
2009-06-14 19:11 . 2009-06-14 19:11 10134 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-06-14 19:11 . 2009-06-14 19:11 -------- d-----w- c:\program files\Microsoft WSE
2009-06-14 18:58 . 2009-06-25 19:41 -------- d-----w- c:\program files\Electronic Arts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-09 21:40 . 2009-07-08 19:56 2273300 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-09 19:07 . 2009-03-14 22:51 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\uTorrent
2009-07-09 19:07 . 2009-03-14 22:51 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\uTorrent
2009-07-09 19:03 . 2008-10-05 12:04 -------- d-----w- c:\progra~2\Avg8
2009-07-09 14:45 . 2008-10-20 16:09 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-07-09 14:09 . 2008-11-27 22:44 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-09 14:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-09 13:32 . 2009-03-08 15:48 -------- d-----w- c:\progra~2\Microsoft Help
2009-07-09 09:05 . 2008-07-02 11:25 -------- d-----w- c:\program files\eMule
2009-07-08 20:44 . 2007-10-31 11:41 112144 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-08 16:15 . 2008-10-01 13:00 -------- d-----w- c:\progra~2\WinZip
2009-07-07 23:18 . 2008-10-06 19:45 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-07 23:10 . 2008-10-06 19:40 -------- d-----w- c:\program files\Windows Live Toolbar
2009-07-07 23:04 . 2008-07-01 16:59 -------- d-----w- c:\progra~2\WLInstaller
2009-07-05 15:34 . 2008-10-06 11:22 -------- d-----w- c:\program files\Common Files\PAC207
2009-06-30 13:26 . 2009-05-18 23:05 -------- d-----w- c:\program files\AV WebCam Morpher
2009-06-26 13:53 . 2008-09-05 10:54 -------- d-----w- c:\program files\DivX
2009-06-26 12:55 . 2009-04-12 20:45 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\GetRightToGo
2009-06-26 12:55 . 2009-04-12 20:45 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\GetRightToGo
2009-06-26 12:03 . 2008-09-29 20:08 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-06-25 22:31 . 2008-11-13 11:54 -------- d-----w- c:\program files\Common Files\Apple
2009-06-25 22:23 . 2009-02-16 21:34 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\SoundSpectrum
2009-06-25 22:23 . 2009-02-16 21:34 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\SoundSpectrum
2009-06-25 19:45 . 2007-01-07 17:06 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-25 19:42 . 2009-05-28 15:35 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\Atari
2009-06-25 19:42 . 2009-05-28 15:35 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Atari
2009-06-25 19:31 . 2008-07-01 13:10 -------- d-----w- c:\progra~2\LightScribe
2009-06-25 14:59 . 2009-01-05 11:14 152904 ----a-w- c:\windows\system32\vghd.scr
2009-06-13 14:11 . 2009-01-15 20:56 230432 ----a-w- C:\PA207.DAT
2009-06-08 22:18 . 2009-06-08 22:18 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\U3
2009-06-08 22:18 . 2009-06-08 22:18 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\U3
2009-06-08 20:41 . 2007-01-08 00:59 691958 ----a-w- c:\windows\system32\perfh010.dat
2009-06-08 20:41 . 2007-01-08 00:59 119350 ----a-w- c:\windows\system32\perfc010.dat
2009-06-06 21:34 . 2009-06-06 21:34 -------- d-----w- c:\program files\Datel
2009-06-04 12:49 . 2009-06-04 12:49 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\MoioSMS
2009-06-04 12:49 . 2009-06-04 12:49 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\MoioSMS
2009-05-28 16:20 . 2009-05-28 15:53 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-05-28 15:39 . 2009-05-28 15:39 -------- d-----w- c:\program files\Atari
2009-05-26 15:49 . 2009-05-23 14:06 680 ----a-w- c:\users\MATTEO~1.PC-\AppData\Local\d3d9caps.dat
2009-05-26 15:49 . 2009-05-23 14:06 680 ----a-w- c:\users\Matteo_2.PC-Matteo\AppData\Local\d3d9caps.dat
2009-05-25 14:34 . 2009-05-25 14:33 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2009-05-25 10:54 . 2009-05-25 10:54 194560 ----a-w- c:\windows\system32\oc_screensaver.scr
2009-05-20 12:18 . 2009-05-18 20:25 8 ----a-w- C:\temp.dat
2009-05-19 21:07 . 2009-02-11 13:50 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\Screenshot Sender
2009-05-19 21:07 . 2009-02-11 13:50 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Screenshot Sender
2009-05-19 10:38 . 2009-05-19 10:38 -------- d-----w- c:\progra~2\32101
2009-05-19 00:20 . 2009-05-19 00:20 -------- d-----w- c:\progra~2\272DE
2009-05-18 22:43 . 2009-05-18 22:43 -------- d-----w- c:\program files\QuickTime
2009-05-18 16:35 . 2007-01-07 17:24 -------- d-----w- c:\progra~2\CyberLink
2009-05-18 16:35 . 2009-05-18 16:35 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\CyberLink
2009-05-18 16:35 . 2009-05-18 16:35 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\CyberLink
2009-05-18 13:36 . 2009-02-13 20:58 -------- d-----w- c:\users\MATTEO~1.PC-\AppData\Roaming\Download Manager
2009-05-18 13:36 . 2009-02-13 20:58 -------- d-----w- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Download Manager
2009-05-18 10:34 . 2009-05-18 10:34 -------- d-----w- c:\progra~2\1AB7
2009-05-15 18:25 . 2009-05-15 18:25 -------- d-----w- c:\program files\Hasbro Interactive
2009-05-11 09:36 . 2009-05-11 09:36 -------- d-----w- c:\program files\VirtualDJ
2009-05-10 22:00 . 2009-02-10 21:50 54904 ----a-w- c:\users\MATTEO~1.PC-\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-10 22:00 . 2009-02-10 21:50 54904 ----a-w- c:\users\Matteo_2.PC-Matteo\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-07 12:55 . 2009-05-07 12:55 13094 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{BD8D42DC-02C9-47D0-99A3-7BF92E809D9C}\_2cd672ae.exe
2009-05-07 12:55 . 2009-05-07 12:55 13094 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{BD8D42DC-02C9-47D0-99A3-7BF92E809D9C}\_16496df1.exe
2009-05-07 12:55 . 2009-05-07 12:55 1078 ----a-r- c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Microsoft\Installer\{BD8D42DC-02C9-47D0-99A3-7BF92E809D9C}\_69525f90.exe
2009-04-24 16:22 . 2009-07-08 21:14 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-21 12:04 . 2009-07-08 21:14 2028032 ----a-w- c:\windows\system32\win32k.sys
2009-06-25 13:55 . 2007-01-07 17:11 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2009-06-25 13:55 . 2007-01-07 17:11 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2009-06-25 13:55 . 2007-01-07 17:11 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2009-06-25 13:55 . 2007-01-07 17:11 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2009-06-25 13:55 . 2007-01-07 17:11 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2007-01-08 01:40 . 2007-01-08 01:06 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2009-01-19 20:31 66912 ----a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-01-08 1232896]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"Aim6"="c:\program files\AIM6\aim6.exe" [2007-12-17 50528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-06 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-06 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-06 81920]
"PCMService"="c:\program files\Powercinema\PCMService.exe" [2007-02-14 159744]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2009-07-08 319488]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-25 148888]
"LXCECATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll" [2007-02-22 73728]
"lxcemon.exe"="c:\program files\Lexmark 4300 Series\lxcemon.exe" [2007-05-17 205744]
"EzPrint"="c:\program files\Lexmark 4300 Series\ezprint.exe" [2007-05-17 103344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-05-10 4468736]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-05-07 1826816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-372612208-3294270740-2322141399-1002]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"= %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"= %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [16/10/2007 11.05.28 20496]
R2 dvdmmg;dvdmmg;c:\windows\System32\drivers\dvdmmg.sys [06/09/2007 13.15.22 5504]
R2 WebCamHelper;WebCamHelper;c:\progra~1\AVWEBC~1\WebCamHelper.sys [19/05/2009 1.05.21 2688]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\System32\drivers\PFC027.SYS [14/05/2007 10.26.10 508288]
S2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\System32\drivers\avwebcam.sys [17/05/2009 23.24.39 215552]
S2 gupdate1c98e11e57e9586;Servizio di Google Update (gupdate1c98e11e57e9586);c:\program files\Google\Update\GoogleUpdate.exe [13/02/2009 21.33.04 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{905502AB-1987-46cd-9EC5-42B1E087D319} - c:\program files\EasyPrediction\2.0\ltie.dll
HKLM-Explorer_Run-ClipSrv - c:\windows\System\clipsrv.exe
HKLM-Explorer_Run-MstInit - c:\windows\mstinit.exe
HKLM-Explorer_Run-Esent Utl - c:\users\Matteo_2.PC-Matteo\LOCALS~1\APPLIC~1\MICROS~1\esentutl.exe
HKLM-Explorer_Run-DllHst - c:\users\MATTEO~1.PC-\AppData\Roaming\dllhst3g.exe
HKLM-Explorer_Run-rsvp - c:\users\MATTEO~1.PC-\AppData\Roaming\rsvp.exe
HKLM-Explorer_Run-IEudinit - c:\windows\System32\drivers\ieudinit.exe
HKLM-Explorer_Run-MqtgSVC - c:\windows\mqtgsvc.exe
HKLM-Explorer_Run-CmSTP - c:\windows\System32\drivers\cmstp.exe
HKLM-Explorer_Run-ComRepl - c:\windows\System32\drivers\comrepl.exe
HKLM-Explorer_Run-Cisvc - c:\users\Matteo_2.PC-Matteo\LOCALS~1\APPLIC~1\cisvc.exe
HKLM-Explorer_Run-Mstsc - c:\users\MATTEO~1.PC-\AppData\Roaming\mstsc.exe
HKLM-Explorer_Run-Logman - c:\windows\System\logman.exe
HKCU-Explorer_Run-MqtgSVC - c:\users\MATTEO~1.PC-\AppData\Roaming\mqtgsvc.exe
HKU-Default-Explorer_Run-Cisvc - c:\windows\System32\drivers\cisvc.exe


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://www.forospyware.com
mWindow Title =
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
FF - ProfilePath - c:\users\MATTEO~1.PC-\AppData\Roaming\Mozilla\Firefox\Profiles\6ep31dcw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF - prefs.js: browser.search.selectedEngine - PHPNukeEN Customized Web Search
FF - prefs.js: browser.startup.homepage - http://www.google.it
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}\components\FFAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}\components\FFAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
FF - component: c:\users\Matteo_2.PC-Matteo\AppData\Roaming\Mozilla\Firefox\Profiles\6ep31dcw.default\extensions\{3DB3D228-A2E9-4581-B400-CE1331C5269E}\components\LTff.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.
.
------- Associazioni dei file -------
.
inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-09 23:42
Windows 6.0.6000 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCECATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'Explorer.exe'(3780)
c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Powercinema\Kernel\TV\PCMRM2Splter.ax
c:\program files\Powercinema\Kernel\TV\PCMBM2Splter.ax
c:\program files\Powercinema\Kernel\TV\PCMBM1Splter.ax
c:\program files\Powercinema\Kernel\VideoProcessor\MDTLM1Splter.ax
c:\program files\Powercinema\Kernel\VideoProcessor\MDTLM2Splter.ax
c:\program files\common files\ahead\dsfilter\nevideo.ax
c:\program files\Common Files\Ahead\Lib\AdvrCntr2.dll
c:\program files\Common Files\Ahead\DSFilter\NeMP4Splitter.ax
c:\program files\Common Files\Ahead\DSFilter\NeFLVSplitter.ax
c:\program files\Common Files\Ahead\DSFilter\NeSplitter.ax
c:\program files\Powercinema\Kernel\Movie\CLDemuxer.ax
c:\program files\Common Files\Ahead\DSFilter\NeOggSplitter.ax
c:\program files\Common Files\Ahead\DSFilter\NeSubpicture.ax
c:\program files\Common Files\Ahead\DSFilter\NeResize.ax
c:\program files\common files\ahead\dsfilter\nevideohd.ax
c:\program files\Powercinema\Kernel\Video\CLMedia.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
c:\program files\Powercinema\Kernel\TV\CLCapSvc.exe
c:\windows\System32\lxcecoms.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Powercinema\Kernel\TV\CLSched.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Ora fine scansione: 2009-07-09 23.54.12 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-07-09 21:53

Pre-Run: 93.318.844.416 byte disponibili
Post-Run: 94.791.000.064 byte disponibili

Current=1 Default=1 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
385 --- E O F --- 2009-07-09 15:39

Re: Windows Firewall

Post by ste_95 » Sat Jul 11, 2009 1:58 pm

ComboFix deleted a lot of junk, and now no more anomalies can be seen. Are you still experiencing the same problems?

Re: Windows Firewall

Post by sclensis » Sat Jul 11, 2009 4:33 pm

Well, now eMule won't start anymore... I can't believe it... I uninstalled and reinstalled it, but there are no servers, no Kad, nothing. If it helps, when I turned the computer on today a check of disk C started... and in any case the firewall still won't start...

Re: Windows Firewall

Post by riise90 » Sat Jul 11, 2009 9:06 pm

sclensis wrote: but there are no servers, no Kad, nothing

You can add them from here.
Which firewall do you use?



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved.