Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

COMPUTER BLOCCATO

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » mer set 16, 2009 12:16 pm

Salve,
ieri sera stavo scaricando LIVE PLAYER per vedere le partite in streaming e durante il download il mio antivirus Antivir lo ha bloccato.
Questa mattina ho acceso il computer e dopo un po' si è bloccato!
Ho fatto anche la scansione con Antivir ma si è bloccata; ed anche la connessione ad internet è blocccata: infatti sto usando un altro computer per inviare il messaggio.

Che devo fare?
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » mer set 16, 2009 12:24 pm

http://www.MegaLab.it/4037/live-player- ... n-sorpresa

Vedi se riesci ad avviare il pc in modalità provvisoria ed eseguire la scansione con Combofix.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » mer set 16, 2009 5:58 pm

L'ho fatta la scansione...adesso che devo fare?
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm


Re: COMPUTER BLOCCATO

Messaggioda Amantide » mer set 16, 2009 6:55 pm

Postami il contenuto del file di report C:\combofix.txt, inserendolo tra i tag LOG, in questo modo:
Codice: Seleziona tutto
[LOG]qui va inserito il log[/LOG]
, così vediamo se c'è dell'altro.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » gio set 17, 2009 11:16 am

Ciao,
sono riuscito a far ripartire internet, ma le pagine web ci mettono molto tempo per aprirsi e Antivir non si riesce ad aggioranre....che devo fare?

ComboFix 09-09-14.02 - AUGUSTO 16.09.2009 16:03.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.1015.207 [GMT 2:00]
Eseguito da: c:\users\AUGUSTO\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {00613500-077F-0000-0000-000000006100}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00310034-0034-0034-6300-630066003100}
SP: AntiVir Desktop *disabled* (Outdated) {00613500-077F-0000-0000-000000006100}
SP: AntiVir Desktop *enabled* (Updated) {00310034-0034-0034-6300-630066003100}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\windows\system32\gatherWirelessInfo.vbs

.
((((((((((((((((((((((((( Files Creati Da 2009-08-16 al 2009-09-16 )))))))))))))))))))))))))))))))))))
.

2009-09-16 14:11 . 2009-09-16 14:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-16 14:11 . 2009-09-16 14:11 -------- d-----w- c:\users\AUGUSTO\AppData\Local\temp
2009-09-15 18:13 . 2009-09-15 18:13 131018 ----a-w- c:\users\AUGUSTO\AppData\Local\frcdoars.exe
2009-09-15 09:57 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-09-15 09:57 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-09-14 15:32 . 2009-09-14 15:32 -------- d-----w- c:\windows\Sun
2009-09-14 14:36 . 2009-09-14 15:17 -------- d-----w- c:\users\AUGUSTO\AppData\Roaming\dvdcss
2009-09-14 13:29 . 2009-09-14 13:29 -------- d-----w- c:\programdata\WindowsSearch
2009-09-14 10:26 . 2009-09-14 10:27 -------- d-----w- c:\users\AUGUSTO\AppData\Local\Adobe
2009-09-13 10:58 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-09-13 10:40 . 2008-01-19 07:36 1541120 ----a-w- c:\windows\system32\onex.dll
2009-09-13 10:39 . 2008-01-19 07:37 866816 ----a-w- c:\windows\system32\wmpmde.dll
2009-09-13 10:38 . 2008-01-19 07:37 26624 ----a-w- c:\windows\system32\wtsapi32.dll
2009-09-13 10:37 . 2008-01-19 07:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe
2009-09-13 10:37 . 2008-01-19 07:36 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-09-13 10:37 . 2008-01-19 07:36 742912 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-09-13 10:37 . 2008-01-19 07:36 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-09-13 10:37 . 2008-01-19 07:34 191488 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-09-13 10:37 . 2008-01-19 07:34 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2009-09-13 10:37 . 2008-01-19 07:34 263168 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-09-13 10:37 . 2008-01-19 07:36 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2009-09-13 10:37 . 2008-01-19 07:36 264704 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-09-13 10:36 . 2008-01-19 07:36 129536 ----a-w- c:\windows\system32\sqmapi.dll
2009-09-13 10:36 . 2008-01-19 07:36 704512 ----a-w- c:\windows\system32\SmiEngine.dll
2009-09-13 10:36 . 2008-01-19 07:36 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2009-09-13 10:36 . 2008-01-19 07:36 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-09-13 10:36 . 2008-01-19 07:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-09-13 10:35 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2009-09-13 10:35 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2009-09-13 10:35 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2009-09-13 10:35 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2009-09-13 10:35 . 2006-11-02 09:39 6656 ----a-w- c:\windows\system32\kbd106.dll
2009-09-12 13:16 . 2009-09-12 13:16 269312 ----a-w- c:\windows\system32\es.dll
2009-09-11 12:21 . 2009-09-11 12:21 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-11 12:18 . 2009-09-11 12:18 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-09-11 12:18 . 2009-09-11 12:18 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-09-11 12:18 . 2009-09-11 12:18 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-09-11 12:18 . 2009-09-11 12:18 272896 ----a-w- c:\windows\system32\polstore.dll
2009-09-11 12:16 . 2009-09-11 12:16 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-09-11 12:16 . 2009-09-11 12:16 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-09-11 12:16 . 2009-09-11 12:16 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-09-11 12:13 . 2009-09-11 12:13 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-09-11 12:13 . 2009-09-11 12:13 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-09-11 12:09 . 2009-09-11 12:09 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-11 12:09 . 2009-09-11 12:09 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-11 12:09 . 2009-09-11 12:09 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-11 12:09 . 2009-09-11 12:09 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-11 12:09 . 2009-09-11 12:09 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-11 12:09 . 2009-09-11 12:09 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-11 12:09 . 2009-09-11 12:09 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-11 12:09 . 2009-09-11 12:09 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-11 12:09 . 2009-09-11 12:09 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-11 12:09 . 2009-09-11 12:09 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-11 12:05 . 2009-09-11 12:05 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-11 12:05 . 2009-09-11 12:05 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-09-11 12:05 . 2009-09-11 12:05 64512 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-11 12:05 . 2009-09-11 12:05 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-11 12:05 . 2009-09-11 12:05 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-11 12:05 . 2009-09-11 12:05 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-11 12:03 . 2009-09-11 12:03 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-09-11 12:02 . 2009-09-11 12:02 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-09-11 12:02 . 2009-09-11 12:02 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-09-11 12:02 . 2009-09-11 12:02 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-09-11 12:02 . 2009-09-11 12:02 23552 ----a-w- c:\windows\system32\lpk.dll
2009-09-11 12:02 . 2009-09-11 12:02 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-09-11 12:02 . 2009-09-11 12:02 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-09-11 11:59 . 2009-09-11 11:59 98816 ----a-w- c:\windows\system32\mfps.dll
2009-09-11 11:59 . 2009-09-11 11:59 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-09-11 11:59 . 2009-09-11 11:59 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-11 11:59 . 2009-09-11 11:59 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-09-11 11:59 . 2009-09-11 11:59 2048 ----a-w- c:\windows\system32\mferror.dll
2009-09-11 11:55 . 2009-09-11 11:55 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-09-11 11:54 . 2009-09-11 11:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-09-11 11:52 . 2009-09-11 11:52 -------- d-----w- c:\program files\Babylon
2009-09-11 11:50 . 2009-09-11 11:50 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-09-11 11:46 . 2009-09-11 11:46 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-09-11 11:44 . 2009-09-11 11:44 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-09-11 11:44 . 2009-09-11 11:44 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-09-11 11:42 . 2009-09-11 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-09-11 11:41 . 2009-09-11 11:41 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-09-11 11:41 . 2009-09-11 11:41 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-09-11 11:41 . 2009-09-11 11:41 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-09-11 11:39 . 2009-09-11 11:39 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-09-11 11:37 . 2009-09-11 11:37 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-09-11 11:37 . 2009-09-11 11:37 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-09-11 11:27 . 2009-09-11 11:27 636928 ----a-w- c:\windows\system32\localspl.dll
2009-09-11 11:26 . 2009-09-11 11:26 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-09-11 11:26 . 2009-09-11 11:26 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-09-11 11:26 . 2009-09-11 11:26 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-09-11 11:26 . 2009-09-11 11:26 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-09-11 11:26 . 2009-09-11 11:26 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-09-11 11:26 . 2009-09-11 11:26 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-09-11 11:20 . 2009-09-11 11:20 2927104 ----a-w- c:\windows\explorer.exe
2009-09-11 11:17 . 2008-01-19 07:34 15872 ----a-w- c:\windows\system32\hcrstco.dll
2009-09-11 11:17 . 2006-11-02 09:46 8704 ----a-w- c:\windows\system32\hccoin.dll
2009-09-11 11:15 . 2009-09-11 11:15 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-11 11:15 . 2009-09-11 11:15 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-11 11:15 . 2009-09-11 11:15 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 11:15 . 2009-09-11 11:15 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-11 11:15 . 2009-09-11 11:15 9728 ----a-w- c:\windows\system32\lsass.exe
2009-09-11 11:15 . 2009-09-11 11:15 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-11 11:15 . 2009-09-11 11:15 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-11 11:15 . 2009-09-11 11:15 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-11 11:03 . 2009-09-11 11:03 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-09-11 11:03 . 2009-09-11 11:03 988216 ----a-w- c:\windows\system32\winload.exe
2009-09-11 11:03 . 2009-09-11 11:03 927288 ----a-w- c:\windows\system32\winresume.exe
2009-09-11 11:03 . 2009-09-11 11:03 40960 ----a-w- c:\windows\system32\srclient.dll
2009-09-11 11:03 . 2009-09-11 11:03 318464 ----a-w- c:\windows\system32\rstrui.exe
2009-09-11 11:03 . 2009-09-11 11:03 378368 ----a-w- c:\windows\system32\srcore.dll
2009-09-11 11:03 . 2009-09-11 11:03 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2009-09-11 11:03 . 2009-09-11 11:03 19000 ----a-w- c:\windows\system32\kd1394.dll
2009-09-11 11:03 . 2009-09-11 11:03 14848 ----a-w- c:\windows\system32\srdelayed.exe
2009-09-11 11:02 . 2009-09-11 11:02 615992 ----a-w- c:\windows\system32\ci.dll
2009-09-11 10:54 . 2009-09-11 10:54 24064 ----a-w- c:\windows\system32\amxread.dll
2009-09-11 10:54 . 2009-09-11 10:54 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-09-11 10:52 . 2009-09-11 10:52 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-11 10:52 . 2009-09-11 10:52 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-11 10:52 . 2009-09-11 10:52 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-11 10:47 . 2009-09-11 10:47 37888 ----a-w- c:\windows\system32\printcom.dll
2009-09-11 10:47 . 2009-09-11 10:47 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-09-11 10:46 . 2009-09-11 10:46 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-09-11 10:46 . 2009-09-11 10:46 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-09-11 10:45 . 2009-09-11 10:45 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-09-11 10:45 . 2009-09-11 10:45 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-09-11 10:45 . 2009-09-11 10:45 4096 ----a-w- c:\windows\system32\dxmasf.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-16 13:47 . 2006-11-06 01:52 662608 ----a-w- c:\windows\system32\perfh010.dat
2009-09-16 13:47 . 2006-11-06 01:52 120120 ----a-w- c:\windows\system32\perfc010.dat
2009-09-14 10:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-09-14 10:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-09-14 10:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-14 10:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-09-14 10:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-09-14 10:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-14 10:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-09-14 09:40 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-14 09:40 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-09-11 10:59 . 2009-09-11 10:59 551424 ----a-w- c:\windows\system32\rpcss.dll
2009-09-09 07:18 . 2009-09-09 07:18 -------- d-sh--we c:\programdata\Preferiti
2009-09-09 07:18 . 2009-09-09 07:18 -------- d-sh--we c:\programdata\Modelli
2009-09-09 07:18 . 2009-09-09 07:18 -------- d-sh--we c:\programdata\Menu Avvio
2009-09-09 07:18 . 2009-09-09 07:18 -------- d-sh--we c:\programdata\Documenti
2009-09-09 07:18 . 2009-09-09 07:18 -------- d-sh--we c:\programdata\Dati applicazioni
2009-09-09 07:18 . 2009-09-09 07:18 -------- d-sh--we c:\program files\File comuni
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-21 21:52 . 2009-09-13 11:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-09-13 11:00 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-09-13 11:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-09-13 11:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 15:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^AUGUSTO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\users\AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup
backupExtension=.Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9EAB5AA4-FC5D-433E-96A2-4D31F98FA921}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{0CFFAD46-4F3A-434D-9682-66651DBE9DD5}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{CCC3642E-925E-4C1C-9763-57727DE76E50}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{E148C46F-2D9A-49DA-A634-BA74C86590D6}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"TCP Query User{49E47AEA-F56F-4C2C-8BE4-B36508D2B9C5}c:\\program files\\emule048extreme\\emule0.49b-xtreme7.1\\emule.exe"= UDP:c:\program files\emule048extreme\emule0.49b-xtreme7.1\emule.exe:eMule
"UDP Query User{D042E8FA-ADC9-4081-BCD1-71E21C4EE62E}c:\\program files\\emule048extreme\\emule0.49b-xtreme7.1\\emule.exe"= TCP:c:\program files\emule048extreme\emule0.49b-xtreme7.1\emule.exe:eMule
"TCP Query User{EC001565-E2AA-4841-A9BC-01A04E66C657}c:\\program files\\emule048extreme\\emule0.49b-xtreme7.1\\emule.exe"= UDP:c:\program files\emule048extreme\emule0.49b-xtreme7.1\emule.exe:eMule
"UDP Query User{CF5AB6C2-42F1-49CB-8DCD-2E24A5D659A8}c:\\program files\\emule048extreme\\emule0.49b-xtreme7.1\\emule.exe"= TCP:c:\program files\emule048extreme\emule0.49b-xtreme7.1\emule.exe:eMule
"TCP Query User{66DD8269-A146-4A70-8D10-B67E414A1129}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{415F8797-057B-4010-AD7F-E24A665315BC}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2009-04-22 9728]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2009-04-22 3072]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x86.sys [2008-04-15 29184]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-16 16:11
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Ora fine scansione: 2009-09-16 16:15
ComboFix-quarantined-files.txt 2009-09-16 14:15

Pre-Run: 457'106'284'544 byte disponibili
Post-Run: 456'731'963'392 byte disponibili

263 --- E O F --- 2009-09-15 14:30
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » gio set 17, 2009 4:08 pm

La scansione con Combofix hai eseguito solo una volta? Se è così, allora dal log sembrerebbe che non è stato rimosso tutto il virus.
Intanto fai una scansione con Malwarebytes Antimalware, magari dalla modalità provvisoria, e se ancora non va, allora prova anche a reinstallare Avira ed eseguire la scansione anche con questo.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » ven set 18, 2009 11:52 am

Ciao, grazie per l'attenzione che mi stai dando.

Ho cancellato Avirantivie e poi ho fatto la scansione con Malwarebytes Antimalware e ha rilevato un Trojan Banker e ho proceduto con la eliminazione.
Poi ho fatto la scansione con ComboFIx ma non posso postarlo perché contiene parecchi caratteri.
comunque le pagine web si aprono con molta difficoltà e ci vuole parecchi tempo per aprirle...perché?
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » ven set 18, 2009 11:57 am

Per iniziare dovresti reinstallare l'antivirus ed eseguire la scansione completa. Fai anche la pulizia con CCleaner.
Hai provato a vedere se con altro browser la situazione è diversa?
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » ven set 18, 2009 4:46 pm

Ciao,
ho scaricato Firefox come nuovo browser ma l'apertura delle pagine web è sempre lenta...
allora sono andato nel router Alice Gate VoiP e nella schermata iniziale ho visto
SERVIZIO ADSL = ATTIVO
TELEGESTIONE= CONNESSIONE IN CORSO

Che devo fare?
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » ven set 18, 2009 5:33 pm

Ho cancellato Avira antivir e ho scaricato l'utlima versione; ma comunque non si riesce ad aggiornarsi....
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » ven set 18, 2009 7:40 pm

Per quanto riguarda Avira, il problema potrebbe essere questo, per la lentezza nell'apertura delle pagine web invece [uhm] prova ad usareLSP-Fix e WinSock XP Fix.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » sab set 19, 2009 12:55 pm

Non sono riuscito a risolvere il problema della lentezza delle pagine web.

Non potrebbe essere colpa dei javascript....
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » sab set 19, 2009 2:59 pm

LegioneFelix17 ha scritto:Non sono riuscito a risolvere il problema della lentezza delle pagine web.

Non potrebbe essere colpa dei javascript....

E chi lo sa [uhm]
Puoi provare anche a disinstallare Java ed installare l'ultima versione disponibile [boh]
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » dom set 20, 2009 1:41 pm

Ho disitallato JAVA script6...ma comunque le pagine si aprono lentamente....che posso fare?
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » dom set 20, 2009 1:59 pm

LegioneFelix17 ha scritto:Ho disinstallato JAVA script6...ma comunque le pagine si aprono lentamente....che posso fare?

Postami il log di Hijackthis, così vedo meglio la configurazione del tuo sistema operativo.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda Roberto88 » dom set 20, 2009 2:06 pm

potresti provare anche a scaricare TuneUpUtilities 2009, ha una sezione dedicata alla risoluzione dei problemi che riguardano connessioni e browser
se decidi di utilizzarlo aggiornalo prima tramite il pulsantino "smart update"(credo) in alto a destra, e sappi che è a pagamento quindi potrai utilizzarlo per un periodo di max 30 gg (se non ricordo male)
perdonami per le indicazioni un po' generiche ma non ho il programma sottomano in questo momento
within the truth of evil and good there's more than you see
....much more than you should
Avatar utente
Roberto88
Bronze Member
Bronze Member
 
Messaggi: 968
Iscritto il: mar nov 11, 2008 11:17 pm

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » dom set 20, 2009 6:58 pm

Grazie per l'attenzione ecco la scansione di HiijackThise!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:09, on 20.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\emule048extreme\emule0.49b-Xtreme7.1\emule.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 76.76.101.212 006.free-counter.co.uk
O1 - Hosts: 76.76.101.212 006.freecounters.co.uk
O1 - Hosts: 76.76.101.212 06272002-dbase.hitcountz.net
O1 - Hosts: 76.76.101.212 0stats.com
O1 - Hosts: 76.76.101.212 123counter.mycomputer.com
O1 - Hosts: 76.76.101.212 123counter.superstats.com
O1 - Hosts: 76.76.101.212 1ca.cqcounter.com
O1 - Hosts: 76.76.101.212 1uk.cqcounter.com
O1 - Hosts: 76.76.101.212 1us.cqcounter.com
O1 - Hosts: 76.76.101.212 1xxx.cqcounter.com
O1 - Hosts: 76.76.101.212 2001-007.com
O1 - Hosts: 76.76.101.212 3bc3fd26-91cf-46b2-8ec6-b1559ada0079.statcamp.net
O1 - Hosts: 76.76.101.212 4-counter.com
O1 - Hosts: 76.76.101.212 a796faee-7163-4757-a34f-e5b48cada4cb.statcamp.net
O1 - Hosts: 76.76.101.212 abscbn.spinbox.net
O1 - Hosts: 76.76.101.212 activity.serving-sys.com
O1 - Hosts: 76.76.101.212 ad-logics.com
O1 - Hosts: 76.76.101.212 adclient.rottentomatoes.com
O1 - Hosts: 76.76.101.212 adcodes.aim4media.com
O1 - Hosts: 76.76.101.212 adcounter.globeandmail.com
O1 - Hosts: 76.76.101.212 adcounter.theglobeandmail.com
O1 - Hosts: 76.76.101.212 addfreestats.com
O1 - Hosts: 76.76.101.212 ademails.com
O1 - Hosts: 76.76.101.212 adlog.com.com
O1 - Hosts: 76.76.101.212 admanmail.com
O1 - Hosts: 76.76.101.212 adopt.specificclick.net
O1 - Hosts: 76.76.101.212 ads.tiscali.com
O1 - Hosts: 76.76.101.212 ads.tiscali.it
O1 - Hosts: 76.76.101.212 adult.foxcounter.com
O1 - Hosts: 76.76.101.212 ai062.insightexpress.com
O1 - Hosts: 76.76.101.212 ai078.insightexpressai.com
O1 - Hosts: 76.76.101.212 ai087.insightexpress.com
O1 - Hosts: 76.76.101.212 ai113.insightexpressai.com
O1 - Hosts: 76.76.101.212 ai125.insightexpressai.com
O1 - Hosts: 76.76.101.212 alpha.easy-hit-counters.com
O1 - Hosts: 76.76.101.212 amateur.xxxcounter.com
O1 - Hosts: 76.76.101.212 analytics.prx.org
O1 - Hosts: 76.76.101.212 anm.intelli-direct.com
O1 - Hosts: 76.76.101.212 arbo.hit.gemius.pl
O1 - Hosts: 76.76.101.212 au.track.decideinteractive.com
O1 - Hosts: 76.76.101.212 au052.insightexpress.com
O1 - Hosts: 76.76.101.212 banner.0catch.com
O1 - Hosts: 76.76.101.212 banners.webcounter.com
O1 - Hosts: 76.76.101.212 be.sitestat.com
O1 - Hosts: 76.76.101.212 best-search.cc
O1 - Hosts: 76.76.101.212 beta.easy-hit-counter.com
O1 - Hosts: 76.76.101.212 beta.easy-hit-counters.com
O1 - Hosts: 76.76.101.212 beta.easyhitcounters.com
O1 - Hosts: 76.76.101.212 bilbo.counted.com
O1 - Hosts: 76.76.101.212 birta.stats.is
O1 - Hosts: 76.76.101.212 bluekai.com
O1 - Hosts: 76.76.101.212 bluestreak.com
O1 - Hosts: 76.76.101.212 bookproplus.com
O1 - Hosts: 76.76.101.212 broadcastpc.tv
O1 - Hosts: 76.76.101.212 report.broadcastpc.tv
O1 - Hosts: 76.76.101.212 www.broadcastpc.tv
O1 - Hosts: 76.76.101.212 bserver.blick.com
O1 - Hosts: 76.76.101.212 c.thecounter.de
O1 - Hosts: 76.76.101.212 c1.statcounter.com
O1 - Hosts: 76.76.101.212 c1.thecounter.com
O1 - Hosts: 76.76.101.212 c1.thecounter.de
O1 - Hosts: 76.76.101.212 c1.xxxcounter.com
O1 - Hosts: 76.76.101.212 c10.statcounter.com
O1 - Hosts: 76.76.101.212 c11.statcounter.com
O1 - Hosts: 76.76.101.212 c12.statcounter.com
O1 - Hosts: 76.76.101.212 c13.statcounter.com
O1 - Hosts: 76.76.101.212 c14.statcounter.com
O1 - Hosts: 76.76.101.212 c15.statcounter.com
O1 - Hosts: 76.76.101.212 c16.statcounter.com
O1 - Hosts: 76.76.101.212 c17.statcounter.com
O1 - Hosts: 76.76.101.212 c2.gostats.com
O1 - Hosts: 76.76.101.212 c2.thecounter.com
O1 - Hosts: 76.76.101.212 c2.thecounter.de
O1 - Hosts: 76.76.101.212 c2.xxxcounter.com
O1 - Hosts: 76.76.101.212 c3.gostats.com
O1 - Hosts: 76.76.101.212 c3.statcounter.com
O1 - Hosts: 76.76.101.212 c3.thecounter.com
O1 - Hosts: 76.76.101.212 c3.xxxcounter.com
O1 - Hosts: 76.76.101.212 c4.myway.com
O1 - Hosts: 76.76.101.212 c4.statcounter.com
O1 - Hosts: 76.76.101.212 c5.statcounter.com
O1 - Hosts: 76.76.101.212 c6.statcounter.com
O1 - Hosts: 76.76.101.212 c7.statcounter.com
O1 - Hosts: 76.76.101.212 c8.statcounter.com
O1 - Hosts: 76.76.101.212 c9.statcounter.com
O1 - Hosts: 76.76.101.212 ca.cqcounter.com
O1 - Hosts: 76.76.101.212 cashcounter.com
O1 - Hosts: 76.76.101.212 cb1.counterbot.com
O1 - Hosts: 76.76.101.212 cdxbin.vulnerap.com
O1 - Hosts: 76.76.101.212 cgi.hotstat.nl
O1 - Hosts: 76.76.101.212 cgi.sexlist.com
O1 - Hosts: 76.76.101.212 cgicounter.onlinehome.de
O1 - Hosts: 76.76.101.212 cgicounter.puretec.de
O1 - Hosts: 76.76.101.212 citrix.tradedoubler.com
O1 - Hosts: 76.76.101.212 cjt1.net
O1 - Hosts: 76.76.101.212 click.atdmt.com
O1 - Hosts: 76.76.101.212 click.fivemtn.com
O1 - Hosts: 76.76.101.212 click.investopedia.com
O1 - Hosts: 76.76.101.212 click.payserve.com
O1 - Hosts: 76.76.101.212 click.silvercash.com
O1 - Hosts: 76.76.101.212 clickauditor.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

--
End of file - 8374 bytes
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » dom set 20, 2009 7:29 pm

Hai modificato tu il file host? Se non l'hai fatto tu - allora seleziona queste voci e clicca su Fix checked:

O1 - Hosts: 76.76.101.212 006.free-counter.co.uk
O1 - Hosts: 76.76.101.212 006.freecounters.co.uk
O1 - Hosts: 76.76.101.212 06272002-dbase.hitcountz.net
O1 - Hosts: 76.76.101.212 0stats.com
O1 - Hosts: 76.76.101.212 123counter.mycomputer.com
O1 - Hosts: 76.76.101.212 123counter.superstats.com
O1 - Hosts: 76.76.101.212 1ca.cqcounter.com
O1 - Hosts: 76.76.101.212 1uk.cqcounter.com
O1 - Hosts: 76.76.101.212 1us.cqcounter.com
O1 - Hosts: 76.76.101.212 1xxx.cqcounter.com
O1 - Hosts: 76.76.101.212 2001-007.com
O1 - Hosts: 76.76.101.212 3bc3fd26-91cf-46b2-8ec6-b1559ada0079.statcamp.net
O1 - Hosts: 76.76.101.212 4-counter.com
O1 - Hosts: 76.76.101.212 a796faee-7163-4757-a34f-e5b48cada4cb.statcamp.net
O1 - Hosts: 76.76.101.212 abscbn.spinbox.net
O1 - Hosts: 76.76.101.212 activity.serving-sys.com
O1 - Hosts: 76.76.101.212 ad-logics.com
O1 - Hosts: 76.76.101.212 adclient.rottentomatoes.com
O1 - Hosts: 76.76.101.212 adcodes.aim4media.com
O1 - Hosts: 76.76.101.212 adcounter.globeandmail.com
O1 - Hosts: 76.76.101.212 adcounter.theglobeandmail.com
O1 - Hosts: 76.76.101.212 addfreestats.com
O1 - Hosts: 76.76.101.212 ademails.com
O1 - Hosts: 76.76.101.212 adlog.com.com
O1 - Hosts: 76.76.101.212 admanmail.com
O1 - Hosts: 76.76.101.212 adopt.specificclick.net
O1 - Hosts: 76.76.101.212 ads.tiscali.com
O1 - Hosts: 76.76.101.212 ads.tiscali.it
O1 - Hosts: 76.76.101.212 adult.foxcounter.com
O1 - Hosts: 76.76.101.212 ai062.insightexpress.com
O1 - Hosts: 76.76.101.212 ai078.insightexpressai.com
O1 - Hosts: 76.76.101.212 ai087.insightexpress.com
O1 - Hosts: 76.76.101.212 ai113.insightexpressai.com
O1 - Hosts: 76.76.101.212 ai125.insightexpressai.com
O1 - Hosts: 76.76.101.212 alpha.easy-hit-counters.com
O1 - Hosts: 76.76.101.212 amateur.xxxcounter.com
O1 - Hosts: 76.76.101.212 analytics.prx.org
O1 - Hosts: 76.76.101.212 anm.intelli-direct.com
O1 - Hosts: 76.76.101.212 arbo.hit.gemius.pl
O1 - Hosts: 76.76.101.212 au.track.decideinteractive.com
O1 - Hosts: 76.76.101.212 au052.insightexpress.com
O1 - Hosts: 76.76.101.212 banner.0catch.com
O1 - Hosts: 76.76.101.212 banners.webcounter.com
O1 - Hosts: 76.76.101.212 be.sitestat.com
O1 - Hosts: 76.76.101.212 best-search.cc
O1 - Hosts: 76.76.101.212 beta.easy-hit-counter.com
O1 - Hosts: 76.76.101.212 beta.easy-hit-counters.com
O1 - Hosts: 76.76.101.212 beta.easyhitcounters.com
O1 - Hosts: 76.76.101.212 bilbo.counted.com
O1 - Hosts: 76.76.101.212 birta.stats.is
O1 - Hosts: 76.76.101.212 bluekai.com
O1 - Hosts: 76.76.101.212 bluestreak.com
O1 - Hosts: 76.76.101.212 bookproplus.com
O1 - Hosts: 76.76.101.212 broadcastpc.tv
O1 - Hosts: 76.76.101.212 report.broadcastpc.tv
O1 - Hosts: 76.76.101.212 www.broadcastpc.tv
O1 - Hosts: 76.76.101.212 bserver.blick.com
O1 - Hosts: 76.76.101.212 c.thecounter.de
O1 - Hosts: 76.76.101.212 c1.statcounter.com
O1 - Hosts: 76.76.101.212 c1.thecounter.com
O1 - Hosts: 76.76.101.212 c1.thecounter.de
O1 - Hosts: 76.76.101.212 c1.xxxcounter.com
O1 - Hosts: 76.76.101.212 c10.statcounter.com
O1 - Hosts: 76.76.101.212 c11.statcounter.com
O1 - Hosts: 76.76.101.212 c12.statcounter.com
O1 - Hosts: 76.76.101.212 c13.statcounter.com
O1 - Hosts: 76.76.101.212 c14.statcounter.com
O1 - Hosts: 76.76.101.212 c15.statcounter.com
O1 - Hosts: 76.76.101.212 c16.statcounter.com
O1 - Hosts: 76.76.101.212 c17.statcounter.com
O1 - Hosts: 76.76.101.212 c2.gostats.com
O1 - Hosts: 76.76.101.212 c2.thecounter.com
O1 - Hosts: 76.76.101.212 c2.thecounter.de
O1 - Hosts: 76.76.101.212 c2.xxxcounter.com
O1 - Hosts: 76.76.101.212 c3.gostats.com
O1 - Hosts: 76.76.101.212 c3.statcounter.com
O1 - Hosts: 76.76.101.212 c3.thecounter.com
O1 - Hosts: 76.76.101.212 c3.xxxcounter.com
O1 - Hosts: 76.76.101.212 c4.myway.com
O1 - Hosts: 76.76.101.212 c4.statcounter.com
O1 - Hosts: 76.76.101.212 c5.statcounter.com
O1 - Hosts: 76.76.101.212 c6.statcounter.com
O1 - Hosts: 76.76.101.212 c7.statcounter.com
O1 - Hosts: 76.76.101.212 c8.statcounter.com
O1 - Hosts: 76.76.101.212 c9.statcounter.com
O1 - Hosts: 76.76.101.212 ca.cqcounter.com
O1 - Hosts: 76.76.101.212 cashcounter.com
O1 - Hosts: 76.76.101.212 cb1.counterbot.com
O1 - Hosts: 76.76.101.212 cdxbin.vulnerap.com
O1 - Hosts: 76.76.101.212 cgi.hotstat.nl
O1 - Hosts: 76.76.101.212 cgi.sexlist.com
O1 - Hosts: 76.76.101.212 cgicounter.onlinehome.de
O1 - Hosts: 76.76.101.212 cgicounter.puretec.de
O1 - Hosts: 76.76.101.212 citrix.tradedoubler.com
O1 - Hosts: 76.76.101.212 cjt1.net
O1 - Hosts: 76.76.101.212 click.atdmt.com
O1 - Hosts: 76.76.101.212 click.fivemtn.com
O1 - Hosts: 76.76.101.212 click.investopedia.com
O1 - Hosts: 76.76.101.212 click.payserve.com
O1 - Hosts: 76.76.101.212 click.silvercash.com
O1 - Hosts: 76.76.101.212 clickauditor.net
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: COMPUTER BLOCCATO

Messaggioda LegioneFelix17 » dom set 20, 2009 8:28 pm

Ho fatto quello che mi hai chiesto!

questo è il nuovo log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:23, on 20.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 76.76.101.212 006.free-counter.co.uk
O1 - Hosts: 76.76.101.212 006.freecounters.co.uk
O1 - Hosts: 76.76.101.212 06272002-dbase.hitcountz.net
O1 - Hosts: 76.76.101.212 0stats.com
O1 - Hosts: 76.76.101.212 123counter.mycomputer.com
O1 - Hosts: 76.76.101.212 123counter.superstats.com
O1 - Hosts: 76.76.101.212 1ca.cqcounter.com
O1 - Hosts: 76.76.101.212 1uk.cqcounter.com
O1 - Hosts: 76.76.101.212 1us.cqcounter.com
O1 - Hosts: 76.76.101.212 1xxx.cqcounter.com
O1 - Hosts: 76.76.101.212 2001-007.com
O1 - Hosts: 76.76.101.212 3bc3fd26-91cf-46b2-8ec6-b1559ada0079.statcamp.net
O1 - Hosts: 76.76.101.212 4-counter.com
O1 - Hosts: 76.76.101.212 a796faee-7163-4757-a34f-e5b48cada4cb.statcamp.net
O1 - Hosts: 76.76.101.212 abscbn.spinbox.net
O1 - Hosts: 76.76.101.212 activity.serving-sys.com
O1 - Hosts: 76.76.101.212 ad-logics.com
O1 - Hosts: 76.76.101.212 adclient.rottentomatoes.com
O1 - Hosts: 76.76.101.212 adcodes.aim4media.com
O1 - Hosts: 76.76.101.212 adcounter.globeandmail.com
O1 - Hosts: 76.76.101.212 adcounter.theglobeandmail.com
O1 - Hosts: 76.76.101.212 addfreestats.com
O1 - Hosts: 76.76.101.212 ademails.com
O1 - Hosts: 76.76.101.212 adlog.com.com
O1 - Hosts: 76.76.101.212 admanmail.com
O1 - Hosts: 76.76.101.212 adopt.specificclick.net
O1 - Hosts: 76.76.101.212 ads.tiscali.com
O1 - Hosts: 76.76.101.212 ads.tiscali.it
O1 - Hosts: 76.76.101.212 adult.foxcounter.com
O1 - Hosts: 76.76.101.212 ai062.insightexpress.com
O1 - Hosts: 76.76.101.212 ai078.insightexpressai.com
O1 - Hosts: 76.76.101.212 ai087.insightexpress.com
O1 - Hosts: 76.76.101.212 ai113.insightexpressai.com
O1 - Hosts: 76.76.101.212 ai125.insightexpressai.com
O1 - Hosts: 76.76.101.212 alpha.easy-hit-counters.com
O1 - Hosts: 76.76.101.212 amateur.xxxcounter.com
O1 - Hosts: 76.76.101.212 analytics.prx.org
O1 - Hosts: 76.76.101.212 anm.intelli-direct.com
O1 - Hosts: 76.76.101.212 arbo.hit.gemius.pl
O1 - Hosts: 76.76.101.212 au.track.decideinteractive.com
O1 - Hosts: 76.76.101.212 au052.insightexpress.com
O1 - Hosts: 76.76.101.212 banner.0catch.com
O1 - Hosts: 76.76.101.212 banners.webcounter.com
O1 - Hosts: 76.76.101.212 be.sitestat.com
O1 - Hosts: 76.76.101.212 best-search.cc
O1 - Hosts: 76.76.101.212 beta.easy-hit-counter.com
O1 - Hosts: 76.76.101.212 beta.easy-hit-counters.com
O1 - Hosts: 76.76.101.212 beta.easyhitcounters.com
O1 - Hosts: 76.76.101.212 bilbo.counted.com
O1 - Hosts: 76.76.101.212 birta.stats.is
O1 - Hosts: 76.76.101.212 bluekai.com
O1 - Hosts: 76.76.101.212 bluestreak.com
O1 - Hosts: 76.76.101.212 bookproplus.com
O1 - Hosts: 76.76.101.212 broadcastpc.tv
O1 - Hosts: 76.76.101.212 report.broadcastpc.tv
O1 - Hosts: 76.76.101.212 www.broadcastpc.tv
O1 - Hosts: 76.76.101.212 bserver.blick.com
O1 - Hosts: 76.76.101.212 c.thecounter.de
O1 - Hosts: 76.76.101.212 c1.statcounter.com
O1 - Hosts: 76.76.101.212 c1.thecounter.com
O1 - Hosts: 76.76.101.212 c1.thecounter.de
O1 - Hosts: 76.76.101.212 c1.xxxcounter.com
O1 - Hosts: 76.76.101.212 c10.statcounter.com
O1 - Hosts: 76.76.101.212 c11.statcounter.com
O1 - Hosts: 76.76.101.212 c12.statcounter.com
O1 - Hosts: 76.76.101.212 c13.statcounter.com
O1 - Hosts: 76.76.101.212 c14.statcounter.com
O1 - Hosts: 76.76.101.212 c15.statcounter.com
O1 - Hosts: 76.76.101.212 c16.statcounter.com
O1 - Hosts: 76.76.101.212 c17.statcounter.com
O1 - Hosts: 76.76.101.212 c2.gostats.com
O1 - Hosts: 76.76.101.212 c2.thecounter.com
O1 - Hosts: 76.76.101.212 c2.thecounter.de
O1 - Hosts: 76.76.101.212 c2.xxxcounter.com
O1 - Hosts: 76.76.101.212 c3.gostats.com
O1 - Hosts: 76.76.101.212 c3.statcounter.com
O1 - Hosts: 76.76.101.212 c3.thecounter.com
O1 - Hosts: 76.76.101.212 c3.xxxcounter.com
O1 - Hosts: 76.76.101.212 c4.myway.com
O1 - Hosts: 76.76.101.212 c4.statcounter.com
O1 - Hosts: 76.76.101.212 c5.statcounter.com
O1 - Hosts: 76.76.101.212 c6.statcounter.com
O1 - Hosts: 76.76.101.212 c7.statcounter.com
O1 - Hosts: 76.76.101.212 c8.statcounter.com
O1 - Hosts: 76.76.101.212 c9.statcounter.com
O1 - Hosts: 76.76.101.212 ca.cqcounter.com
O1 - Hosts: 76.76.101.212 cashcounter.com
O1 - Hosts: 76.76.101.212 cb1.counterbot.com
O1 - Hosts: 76.76.101.212 cdxbin.vulnerap.com
O1 - Hosts: 76.76.101.212 cgi.hotstat.nl
O1 - Hosts: 76.76.101.212 cgi.sexlist.com
O1 - Hosts: 76.76.101.212 cgicounter.onlinehome.de
O1 - Hosts: 76.76.101.212 cgicounter.puretec.de
O1 - Hosts: 76.76.101.212 citrix.tradedoubler.com
O1 - Hosts: 76.76.101.212 cjt1.net
O1 - Hosts: 76.76.101.212 click.atdmt.com
O1 - Hosts: 76.76.101.212 click.fivemtn.com
O1 - Hosts: 76.76.101.212 click.investopedia.com
O1 - Hosts: 76.76.101.212 click.payserve.com
O1 - Hosts: 76.76.101.212 click.silvercash.com
O1 - Hosts: 76.76.101.212 clickauditor.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 8324 bytes


comunque le pagine web sono sempre lente ad aprirsi!!!
Avatar utente
LegioneFelix17
Aficionado
Aficionado
 
Messaggi: 70
Iscritto il: mer mag 14, 2008 2:22 pm

Re: COMPUTER BLOCCATO

Messaggioda Amantide » dom set 20, 2009 8:39 pm

LegioneFelix17 ha scritto:questo è il nuovo log

Sei sicuro di aver rifatto questo log dopo aver selezionato e fixato le voci O1 - Hosts:? [uhm]
Se ci fai caso, sono ancora li.

Riprova a rimuovere tutte quelle voci usando Hijackthis e se non ci riesci, prova allora ad usare uno di questi programmi: http://www.MegaLab.it/2833/3/il-file-hosts-di-windows
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Prossimo

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Google [Bot] e 3 ospiti

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising