WMP does not play mp3 files and opens a web page

Post by kegia20 » Wed Oct 14, 2009 7:23 pm

Since today both WMP and VLC have had the same problem: I open an mp3 song and it doesn't play. Instead, something appears that says something in English which can't be read because it disappears right away, but I think I saw something like this: "want to listen to mp3? download f2player etc.", and the browser opens automatically at the following page:

http://free.f2player.com/?r=wmp&title=a ... dded=false

I have Vista SP2 protected by Avira Free, updated as of today, and Comodo Firewall, updated as of today.

P.S. iTunes works perfectly fine, no problem!
P.P.S. I did a cleanup with ComboFix, followed by CCleaner; everything worked, then after the first song the same problem again. Could it be an infected mp3? Because it happened on the second song... In any case, I'm attaching a HijackThis log and the earlier ComboFix log from after the cleanup.

ComboFix 09-10-13.04 - Giacche 14/10/2009 19.20.21.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.3068.1779 [GMT 2:00]
Eseguito da: c:\users\Giacche\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2819230314-2931954167-2198905787-500
c:\$recycle.bin\S-1-5-21-4196399640-581621383-2964364836-500
c:\windows\Installer\1ebac.msi
c:\windows\Installer\1ebb0.msi
c:\windows\Installer\1ebb4.msi
c:\windows\Installer\1ebb8.msi
c:\windows\Installer\1ebbc.msi
c:\windows\Installer\1f6d58.msi
c:\windows\system32\oem11.inf

.
((((((((((((((((((((((((( Files Creati Da 2009-09-14 al 2009-10-14 )))))))))))))))))))))))))))))))))))
.

2009-10-14 17:28 . 2009-10-14 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-08 14:50 . 2009-10-08 14:50 -------- d-----w- c:\program files\Microsoft
2009-10-05 00:33 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-26 17:38 . 2009-09-26 17:39 -------- d-----w- c:\program files\VirtualDJ
2009-09-26 16:52 . 2009-09-26 16:52 -------- d-----w- c:\program files\uTorrent
2009-09-26 16:50 . 2009-10-14 17:01 -------- d-----w- c:\users\Giacche\AppData\Roaming\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 17:02 . 2008-12-01 12:32 662846 ----a-w- c:\windows\system32\perfh010.dat
2009-10-14 17:02 . 2008-12-01 12:32 120326 ----a-w- c:\windows\system32\perfc010.dat
2009-10-14 16:56 . 2009-06-27 10:36 32061 ----a-w- c:\programdata\nvModes.dat
2009-10-14 12:31 . 2008-12-16 01:35 2140 ----a-w- c:\windows\bthservsdp.dat
2009-10-14 11:13 . 2009-07-04 11:31 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-10-14 11:10 . 2009-07-04 11:31 179792 ----a-w- c:\windows\system32\guard32.dll
2009-10-14 11:10 . 2009-07-04 11:31 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-10-14 11:10 . 2009-07-04 11:31 128888 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-10-12 05:18 . 2008-12-01 05:30 -------- d-----w- c:\programdata\Microsoft Help
2009-10-12 00:13 . 2009-07-05 23:50 -------- d-----w- c:\users\Giacche\AppData\Roaming\Skype
2009-10-11 22:04 . 2009-06-28 11:34 -------- d-----w- c:\users\Giacche\AppData\Roaming\skypePM
2009-10-05 09:15 . 2009-06-27 12:30 -------- d-----w- c:\users\Giacche\AppData\Roaming\Apple Computer
2009-10-05 09:04 . 2009-06-27 12:19 -------- d-----w- c:\programdata\Apple
2009-10-01 17:33 . 2009-06-27 15:25 -------- d-----w- c:\programdata\pdf995
2009-10-01 17:33 . 2009-06-27 15:25 60 ----a-w- c:\windows\wpd99.drv
2009-09-29 21:28 . 2009-07-01 10:51 -------- d-----w- c:\program files\Windows Live Safety Center
2009-09-27 22:49 . 2009-07-17 14:23 -------- d-----w- c:\program files\PokerStars.IT
2009-09-27 12:54 . 2009-06-27 10:25 127152 ----a-w- c:\users\Giacche\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-22 10:13 . 2009-06-27 11:15 -------- d-----w- c:\program files\Avira
2009-09-19 18:54 . 2009-09-19 18:54 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-09-17 13:36 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-12 16:40 . 2009-09-12 16:40 -------- d-----w- c:\program files\SopCast
2009-09-06 12:12 . 2009-07-03 18:06 -------- d-----w- c:\users\Giacche\AppData\Roaming\Nokia
2009-09-06 12:10 . 2009-07-03 18:06 -------- d-----w- c:\users\Giacche\AppData\Roaming\PC Suite
2009-09-01 15:43 . 2009-09-01 15:43 -------- d-----w- c:\program files\mp3DirectCut
2009-08-29 15:06 . 2009-08-29 15:06 -------- d-----w- c:\program files\Veetle
2009-08-29 15:01 . 2009-08-29 15:01 -------- d-----w- c:\programdata\TVU Networks
2009-08-29 15:01 . 2009-08-29 14:51 -------- d-----w- c:\program files\TVUPlayer
2009-08-28 12:39 . 2009-09-02 22:07 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-09-02 22:07 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-26 22:09 . 2008-12-01 05:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-26 16:36 . 2009-08-26 16:36 -------- d-----w- c:\programdata\WindowsSearch
2009-08-20 16:42 . 2009-06-27 11:15 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-14 17:07 . 2009-09-12 14:12 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 16:29 . 2009-09-12 14:12 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-14 16:29 . 2009-09-12 14:12 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 14:16 . 2009-09-12 14:12 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 14:16 . 2009-09-12 14:12 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 14:16 . 2009-09-12 14:12 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 14:16 . 2009-09-12 14:12 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 14:16 . 2009-09-12 14:12 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 14:16 . 2009-09-12 14:12 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 14:16 . 2009-09-12 14:12 10240 ----a-w- c:\windows\system32\finger.exe
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-22 13:51 . 2009-07-22 13:50 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-21 21:52 . 2009-07-29 10:41 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 10:41 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 10:41 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 10:41 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-20 16:49 71680 ----a-w- c:\windows\system32\atl.dll
2008-12-01 12:58 . 2008-12-01 12:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-12 1414144]
"Google Update"="c:\users\Giacche\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-16 133104]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-09-26 289072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-19 13593120]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-19 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-09-23 912688]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-04-22 206120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-10 148888]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-10-14 1799952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 727592]
Server di rete.lnk - c:\program files\WIBUKEY\Server\WkSvMgr.exe [2009-6-27 3768320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6A081106-5B59-4B9E-8D49-DE9C879B53EE}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{1D8E40C4-6DC3-4476-9290-346B74386594}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music
"{1B1C33B4-6F69-4C1E-B1FE-2267B501E97D}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{E346EC81-EC96-46A0-9203-A7FED0FC9F34}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video
"{37DAE1CC-4562-4533-A2A4-FB7F177ED13C}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program
"{73EF670C-B064-4990-9C19-87FEA0BD3EEB}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{DCE83139-A87F-4B2A-B448-0F393423808E}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD
"{2D910B5A-A45A-4DF9-B43F-25F1EC2331BC}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music
"{AC52FB79-2BF8-4DD8-B5A8-C31BC995B187}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{F97375A3-E76B-41C1-A9E1-97644A40DA77}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video
"{915A622A-FAB4-4ACD-826C-F5D90C16FE89}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program
"{8EEEF539-3F19-4034-A1A8-910DC9A9F548}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{456403F6-30F2-4FDC-AC44-6BBC45925E44}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{822211E0-CD13-41A5-83C4-0139377390F3}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{DB14D1F5-5C45-4A5E-B547-7F4BD6E28EC8}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{D947C8E3-DF31-4417-8FD5-29A0520EB78A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{C2DE0FFB-7A05-4375-805F-48CC53D1A31E}c:\\program files\\graphisoft\\archicad 12\\archicad.exe"= UDP:c:\program files\graphisoft\archicad 12\archicad.exe:ArchiCAD 12.0.0 Component
"UDP Query User{A87C0D6A-1A4B-4D3C-B625-F1B2482C2009}c:\\program files\\graphisoft\\archicad 12\\archicad.exe"= TCP:c:\program files\graphisoft\archicad 12\archicad.exe:ArchiCAD 12.0.0 Component
"TCP Query User{D8293029-D8EA-4078-B59F-BBFE7BE874E7}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{B5744EE0-D7C4-4183-9FF7-F2889CAD0261}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"{FF8A572E-1221-4D5F-9EFD-30B42C46697F}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play
"{FECFEB14-6E74-4316-B849-0CD96E35105D}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program
"TCP Query User{50BC026F-21C4-4522-BDCE-2B1D4123F742}c:\\program files\\google\\google sketchup 7\\sketchup.exe"= UDP:c:\program files\google\google sketchup 7\sketchup.exe:SketchUp Application
"UDP Query User{8A7856CC-EE59-4DE8-9703-FEA5D7BDE80F}c:\\program files\\google\\google sketchup 7\\sketchup.exe"= TCP:c:\program files\google\google sketchup 7\sketchup.exe:SketchUp Application
"{38ACE4EF-A020-4650-86E5-B148994D2F58}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F59CBDF3-957A-4EC2-93DB-C5CC3FCE2BE3}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{2BD86E0E-7CE4-4922-B2C7-F5E76C7B484C}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"{9952C3B5-37DF-40D5-A574-85313AA0D51D}"= UDP:c:\giochi\Gta 4\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{4FAD9BE7-92B7-4EFC-B305-F0F0227EB54E}"= TCP:c:\giochi\Gta 4\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{AF798D2A-3410-4262-A330-12ABCAA18C61}"= UDP:c:\giochi\Gta 4\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{2B247E24-AEE7-4A9B-8F3D-4D8D1048E785}"= TCP:c:\giochi\Gta 4\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"TCP Query User{A180B1F5-AC1F-4EA3-8686-F8EF9675B7AB}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{1784AE98-4E8A-4856-BCE0-AC3F61B8F626}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{33BC2A4A-ABB0-41A0-ADF2-D91718184520}c:\\giochi\\guitar hero\\gh3.exe"= UDP:c:\giochi\guitar hero\gh3.exe:Guitar Hero III
"UDP Query User{8E760DF9-7670-4432-9E31-E816C9E3E394}c:\\giochi\\guitar hero\\gh3.exe"= TCP:c:\giochi\guitar hero\gh3.exe:Guitar Hero III
"{E82C6EE2-DF8D-4D6D-B6DF-29949BBDA943}"= UDP:5353:Adobe CSI CS4
"{D31D799A-4E14-483D-B62F-A52BD7C9038D}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{145FF8DF-D958-4242-B418-F95B19F1CC61}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"TCP Query User{474EA8CC-FD2F-422D-973D-1F09CA4190A0}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{304997E5-47BE-4B67-BBC0-3D59EC4E1E84}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"TCP Query User{1B334C09-E93D-4BE7-BC5A-2FBE01C3969D}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{BFFE7BCD-0B8A-4788-B999-93199A140DD8}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{86226355-2F91-4096-A6BE-DECD67A0EDCE}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{6D1F669C-78F8-4693-A98C-3CAF255AB0A4}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{97A4C267-C1F0-4877-8956-8D71E47B4530}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{E38523AA-785B-4BB9-BBD6-0A4CF86F7253}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"{84BE11C8-4072-434E-B326-BDA46726E532}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{12EDCB33-7F72-495A-B1B2-086082FC1679}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [04/07/2009 13.31.00 128888]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [04/07/2009 13.31.00 29520]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [26/09/2008 3.36.34 59376]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe [02/03/2009 18.43.08 81920]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 4.23.43 21504]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18/03/2008 17.24.58 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [01/12/2008 7.56.01 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [22/04/2009 22.53.22 296320]
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [22/04/2009 22.53.22 116104]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [01/12/2008 6.58.49 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [04/09/2008 19.47.00 54784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/06/2009 22.55.12 66080]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [07/08/2008 19.01.44 97536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenuto della cartella 'Scheduled Tasks'

2009-10-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-14 08:54]

2009-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2819230314-2931954167-2198905787-1000Core.job
- c:\users\Giacche\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-16 13:53]

2009-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2819230314-2931954167-2198905787-1000UA.job
- c:\users\Giacche\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-16 13:53]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uInternet Settings,ProxyOverride = *.local
IE: Aggiungi a PDF esistente - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Aggiungi destinazione link a PDF esistente - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti destinazione link in Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti in Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\program files\PokerStars.IT\PokerStarsUpdate.exe
FF - ProfilePath - c:\users\Giacche\AppData\Roaming\Mozilla\Firefox\Profiles\sh92s4sn.default\
FF - prefs.js: browser.startup.homepage - http://www.google.it
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\users\Giacche\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\users\Giacche\AppData\Roaming\Mozilla\Firefox\Profiles\sh92s4sn.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-14 19:29
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2819230314-2931954167-2198905787-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,41,85,f9,76,80,26,ab,f5,c7,7f,76,0c,f2,ee,af,62,07,b9,f9,df,
72,de,a0,1e,76,a4,ba,59,54,89,89,88,a5,a2,15,ab,52,94,97,93,e8,d9,f6,e6,f7,\
"rkeysecu"=hex:e9,04,9b,ce,3e,08,cc,c9,e2,9a,d8,98,dc,b9,9a,3b

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1168)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(732)
c:\windows\system32\guard32.dll
.
Ora fine scansione: 2009-10-14 19.32.07
ComboFix-quarantined-files.txt 2009-10-14 17:32

Pre-Run: 150.773.698.560 byte disponibili
Post-Run: 156.814.860.288 byte disponibili

267 --- E O F --- 2009-10-12 05:19


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.29.57, on 14/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\Explorer.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files\DIALux\DLXShellExtension.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Google Update] "C:\Users\Giacche\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Server di rete.lnk = C:\Program Files\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Aggiungi destinazione link a PDF esistente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Program Files\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\acaptuser32.dll C:\Windows\System32\guard32.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

--
End of file - 11836 bytes

Re: WMP won't play MP3s and opens a web page

Post by Seba:-) » Wed Oct 14, 2009 7:37 pm

kegia20 wrote: http://free.f2player.com/?r=wmp&title=a%20MP3%20song&embedded=false

That download is flagged as dangerous only by Microsoft (on VirusTotal), but I really think it is very new malware: look at this page (written on October 12)
At the time of writing Wimad.CO contacts the website 'free.f2player.com' and downloads a file detected as TrojanDownloader:Win32/Swizzor.gen!L.

You probably opened an infected MP3; try checking whether VLC and WMP can open other songs...
Thanks Zane!



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising