Help - Win7 - Everything works except the HTTP protocol.

Status
Thread closed to further replies.

wirecut

New User
19
0
CPU
Intel Pentium E2200 - Conroe 65nm
Motherboard
ASUS P5QL/EPU (LGA775)
HDD
C: Maxtor STM3160215AS - 160 GB D: WD WD3200AVJS
RAM
4GB DDR2 336 MHz
GPU
nVidia 256 MB Quadro NVS290
Audio
VIA High Definition Audio
Monitor
2 x Samsung SyncMaster 940N
PSU
Scorpian - BT-52-MGAPB - 520 Watt
Case
big tower
OS
Windows 7 Ultimate 32 bit SP1
Hi everyone.

This is my first post here.
A warm greeting to all.

I have had a problem that has been plaguing me for months: inexplicably, the browsers stop loading pages. So far I have solved the problem by restoring the version that works properly.
I have Avast as antivirus and Spyware Doctor (licensed).

I ran Kaspersky Virus Removal Tool without success.

I then tried ComboFix and automagically HTTP started working again, but only for half an hour; then the same problem came back.

This is the ComboFix log:
Code:
ComboFix 12-02-13.01 - ASUS24 14/02/2012   8:37.4.2 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.39.1040.18.3327.1843 [GMT 1:00]
Eseguito da: c:\users\ASUS24\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Creato nuovo punto di ripristino
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-01-14 al 2012-02-14  )))))))))))))))))))))))))))))))))))
.
.
2012-02-14 07:54 . 2012-02-14 07:54    --------    d-----w-    c:\users\Public\AppData\Local\temp
2012-02-14 07:54 . 2012-02-14 07:54    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-02-13 20:58 . 2012-02-13 20:58    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2012-02-13 20:58 . 2011-12-10 14:24    20464    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-02-13 16:34 . 2012-02-13 16:34    388096    ----a-r-    c:\users\ASUS24\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2012-02-13 16:34 . 2012-02-13 16:34    --------    d-----w-    c:\program files\TrendMicro
2012-02-12 18:24 . 2011-07-29 12:54    19840    ----a-w-    c:\windows\system32\EuEpmGdi.dll
2012-02-12 18:24 . 2011-09-09 17:23    2469760    ----a-w-    c:\windows\system32\BootMan.exe
2012-02-12 18:24 . 2011-07-29 12:54    86408    ----a-w-    c:\windows\system32\setupempdrv03.exe
2012-02-12 18:24 . 2011-07-29 12:54    8456    ----a-w-    c:\windows\system32\EuGdiDrv.sys
2012-02-12 18:24 . 2011-07-29 12:54    14216    ----a-w-    c:\windows\system32\epmntdrv.sys
2012-02-11 14:49 . 2012-02-11 14:49    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\Yahoo!
2012-02-02 19:54 . 2012-02-02 19:54    601408    ----a-w-    c:\windows\system32\drivers\timntr.sys
2012-02-02 19:54 . 2012-02-02 19:54    83392    ----a-w-    c:\windows\system32\drivers\vsflt53.sys
2012-02-02 19:03 . 2012-02-02 19:03    --------    d-----w-    c:\users\ASUS24\AppData\Local\Software della webcam Logitech®
2012-02-02 18:56 . 2012-02-02 18:56    169088    ----a-w-    c:\windows\system32\drivers\snman603.sys
2012-02-02 18:18 . 2012-02-02 18:18    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\00E2214D-1198-4B37-A8FD-3A9C848D6054
2012-02-02 18:18 . 2012-02-02 18:18    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\635E8B0A-E719-4079-8538-B44189C17849
2012-02-02 17:23 . 2012-02-02 17:23    --------    d-----w-    c:\program files\Evernote
2012-02-02 17:09 . 2012-02-02 17:09    --------    d-----w-    c:\users\ASUS24\AppData\Local\Evernote
2012-02-02 17:07 . 2012-02-02 19:48    167    ----a-w-    C:\user.js
2012-02-02 16:54 . 2012-02-02 16:54    766496    ----a-w-    c:\windows\system32\drivers\tdrpman.sys
2012-02-02 16:53 . 2012-02-02 16:53    77696    ----a-w-    c:\windows\system32\drivers\fltsrv.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-02 18:56 . 2011-04-16 17:20    169088    ----a-w-    c:\windows\system32\drivers\snapman.sys
2011-12-24 10:39 . 2011-05-26 06:49    414368    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-21 16:35 . 2011-04-03 10:19    80488    ----a-w-    c:\windows\system32\RtNicProp32.dll
2011-12-19 10:32 . 2011-12-19 10:32    125472    ----a-w-    c:\windows\system32\drivers\vididr.sys
2011-11-28 18:01 . 2011-04-24 05:53    41184    ----a-w-    c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-04-24 05:53    199816    ----a-w-    c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-04-24 05:54    435032    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-04-24 05:54    314456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-04-24 05:54    34392    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-04-24 05:54    52952    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-04-24 05:54    55128    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-04-24 05:54    20568    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:25 . 2011-12-15 12:10    2342912    ----a-w-    c:\windows\system32\win32k.sys
2011-11-23 22:02 . 2011-11-23 22:02    491112    ----a-w-    c:\windows\system32\drivers\Rt86win7.sys
2011-11-23 22:02 . 2011-11-23 22:02    100896    ----a-w-    c:\windows\system32\RTNUninst32.dll
2011-07-09 19:42 . 2011-07-09 19:42    119808    ----a-w-    c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFree.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2010-10-18 10:26    3908192    ----a-w-    c:\program files\Freecorder\tbFree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFree.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01    122512    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-08-21 6276408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2011-03-13 1486848]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-07-08 2666384]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-07-08 395720]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-07-09 30192]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Servizio Acronis Scheduler2"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-07-08 395720]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\ASUS24\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2012-1-23 1014112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2011-9-29 155648]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-9-29 741376]
HomeFreeQuick.lnk - c:\program files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe [2011-8-17 932352]
InstantTimeZone.lnk - c:\program files\InstantTimeZone\InstantTimeZone.exe [2011-8-30 1733633]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\WIF0E7~1\Datamngr\datamngr.dll c:\progra~1\WIF0E7~1\Datamngr\IEBHO.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk]
backup=c:\windows\pss\HP Button Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37    843712    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-03 13:10    35736    ----a-w-    c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
2011-03-24 06:11    167936    ----a-w-    c:\program files\Freecorder\FLVSrvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-04-01 19:36    136176    ----atw-    c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44    31072    ----a-w-    c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2009-05-11 08:45    24576    ----a-w-    c:\program files\HP\HP UT\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41    8192    ----a-w-    c:\program files\Xvid\CheckUpdate.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Servizio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 136176]
R2 Nexus Server;Nexus Server (Carbon Coder); [x]
R3 BMDDeckLinkAudio;BMDDeckLinkAudio;c:\windows\system32\DRIVERS\deckaud.sys [x]
R3 DCamUSBNovatek;USB2.0 UVC Camera;c:\windows\system32\Drivers\nvtcam.sys [2010-07-14 2696960]
R3 DeckLink;DeckLink;c:\windows\system32\DRIVERS\Intensity.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys [2011-01-22 62464]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-09 30192]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 136176]
R3 libusb0;libusb-win32 - Kernel Driver 10/02/2010 1.2.2.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-02-02 35392]
R3 MCHPUSB;MCHPUSB;c:\windows\system32\drivers\mchpusb.sys [2004-11-22 61440]
R3 mvvideodemo;MaxiVista Virtual Video Demo;c:\windows\system32\DRIVERS\mvvideodemo.sys [x]
R3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.sys [2007-04-05 12160]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg.sys [2010-12-16 70536]
R3 psdrv3;PrimeSense Sensor Device Driver Service v3.x;c:\windows\system32\Drivers\psdrv3.sys [2011-04-15 20232]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-01-22 15872]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2011-01-22 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys [2011-01-22 25600]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2010-12-31 33552]
R3 ThreatFire;ThreatFire;c:\program files\PC Tools Security\TFEngine\TFService.exe service [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2011-01-22 52224]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys [2011-01-22 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-01-22 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-01 1343400]
S0 62164192;62164192 Boot Guard Driver;c:\windows\system32\DRIVERS\62164192.sys [2009-10-22 37392]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-02 77696]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-12-10 239168]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2010-12-31 51984]
S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [2010-12-31 69392]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2011-12-19 125472]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [2012-02-02 83392]
S1 62164191;62164191;c:\windows\system32\DRIVERS\62164191.sys [2009-09-25 128016]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2011-01-17 251560]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 AVerNetDevice;AVerNetDevice;c:\program files\Common Files\HomeFree\Service\AVerNetDevice.exe [2011-05-20 139776]
S2 AVerNetSchedule;AVerNetSchedule;c:\program files\Common Files\HomeFree\Service\AVerNetSchedule.exe [2011-06-28 403456]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2011-01-29 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]
S2 mvCmExtA;mvCmExtA;c:\windows\system32\Drivers\mvCmExtA.SYS [2009-08-19 12416]
S2 mvCmmir;mvCmmir;c:\windows\system32\Drivers\mvCmmir.SYS [2009-08-19 12416]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S2 Qserial;Quattro serial Lava port driver;c:\windows\system32\DRIVERS\qserial.sys [2001-07-24 59274]
S2 SPARKEY;sparkey driver;c:\windows\system32\Drivers\sparkey.sys [2010-11-29 12320]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-07-06 378472]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 mvvideoexta;MaxiVista Virtual Video ExtA;c:\windows\system32\DRIVERS\mvvideoexta.sys [2009-08-19 12544]
S3 mvvideomir;MaxiVista Virtual Video Mirror;c:\windows\system32\DRIVERS\mvvideomir.sys [2009-08-19 12544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-11-23 491112]
S3 TRIDCap;AVerMedia service;c:\windows\system32\DRIVERS\AVerTM62.sys [2011-10-11 2747008]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-13 1077760]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 12:17]
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 12:17]
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-404718175-381255980-3490994032-1000Core.job
- c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 19:36]
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-404718175-381255980-3490994032-1000UA.job
- c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 19:36]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: E&sporta in Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: Interfaces\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
FF - ProfilePath - c:\users\ASUS24\AppData\Roaming\Mozilla\Firefox\Profiles\w8mu35kh.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=13&cc=
FF - prefs.js: browser.search.selectedEngine - Search the web (Softonic)
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=2&cc=&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Freecorder Community Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - %profile%\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
FF - Ext: Freecorder YouTube Download Wizard: ytvdw@pgport.com - %profile%\extensions\ytvdw@pgport.com
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.softonic_i.hmpg, true
FF - user.js: extensions.softonic_i.hmpgUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.softonic_i.dfltSrch - true
FF - user.js: extensions.softonic_i.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.softonic_i.keyWordUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.softonic_i.dnsErr - true
FF - user.js: extensions.softonic_i.newTabUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.softonic_i.newTab - false
FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.softonic_i.id - f4e3d90b00000000000090e6ba3c4999
FF - user.js: extensions.softonic_i.instlDay - 15372
FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.520:48
FF - user.js: extensions.softonic_i.prtnrId - softonic
FF - user.js: extensions.softonic_i.prdct - softonic
FF - user.js: extensions.softonic_i.aflt - orgnl
FF - user.js: extensions.softonic_i.smplGrp - eng7
FF - user.js: extensions.softonic_i.tlbrId - eng7
FF - user.js: extensions.softonic_i.instlRef - MON00001
FF - user.js: extensions.softonic_i.dfltLng - 
FF - user.js: extensions.softonic_i.excTlbr - false
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(1392)
c:\program files\TeamViewer\Version7\tv_w32.dll
.
Ora fine scansione: 2012-02-14  08:58:09
ComboFix-quarantined-files.txt  2012-02-14 07:58
ComboFix2.txt  2012-02-13 20:11
ComboFix3.txt  2012-02-13 18:38
ComboFix4.txt  2011-04-25 14:23
.
Pre-Run: 64.166.551.552 byte disponibili
Post-Run: 64.106.622.976 byte disponibili
.
- - End Of File - - 037A14489C3699075361D0CAF0EBD1D1

and this is the HijackThis log:
Code:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 09:07:21, on 14/02/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe
C:\Program Files\InstantTimeZone\InstantTimeZone.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\Explorer.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS24\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Servizio Acronis Scheduler2] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: HomeFreeQuick.lnk = C:\Program Files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe
O4 - Global Startup: InstantTimeZone.lnk = C:\Program Files\InstantTimeZone\InstantTimeZone.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\PROGRA~1\WIF0E7~1\Datamngr\datamngr.dll C:\PROGRA~1\WIF0E7~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: Servizio Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVerNetDevice - AVerMedia Technologies, Inc. - C:\Program Files\Common Files\HomeFree\Service\AVerNetDevice.exe
O23 - Service: AVerNetSchedule - Unknown owner - C:\Program Files\Common Files\HomeFree\Service\AVerNetSchedule.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\PC Tools Security\TFEngine\TFService.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


--
End of file - 11259 bytes



What do you advise me to do?

Regards

Leo
 

wirecut

... what do you make of the two logs I posted?

Regards

leo
 

tecnico24

Elite User
10,706
1,072
Launch HijackThis, tick the following entries and click Fix Checked at the bottom:

O20 - AppInit_DLLs: C:\PROGRA~1\WIF0E7~1\Datamngr\datamngr.dll C:\PROGRA~1\WIF0E7~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

O17 - HKLM\System\CS2\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8

O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"


Download the CFscript.txt file I attached and place it on your desktop.
Drag the CFscript.txt file with the mouse onto the ComboFix icon (which must be on the desktop).
After the reboot, post a new report.
 

Attachments

  • CFScript.txt
    481 bytes · Views: 150
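
An added example (not part of the thread or of HijackThis itself): a small Python helper that parses HijackThis result lines, lists the AppInit_DLLs and NameServer values that the reply above asks to fix, and compares two logs to confirm the fixed entries are gone. The "before" lines are excerpted from the log posted in this thread; the "after" sample and all function names are assumptions made for the example.

```python
import re
from collections import defaultdict

# HijackThis result lines start with a section code: "O20 - ...", "R0 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
NAMESERVER_RE = re.compile(r"^(?P<key>.+): NameServer = (?P<servers>.*)$")

# Lines excerpted from the HijackThis log posted in this thread (before the fix).
BEFORE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\WIF0E7~1\Datamngr\datamngr.dll C:\PROGRA~1\WIF0E7~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"""

# Constructed "after" sample: the same lines once the O17 and O20 entries are fixed.
AFTER_LOG = r"""
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"""


def parse_entries(log_text):
    """Return {section code: [entry bodies]} for every HijackThis result line."""
    sections = defaultdict(list)
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            sections[m.group("code")].append(m.group("body"))
    return dict(sections)


def appinit_dlls(sections):
    """Unique DLL paths from the O20 AppInit_DLLs value, in first-seen order.

    The value is a space- or comma-delimited list, which is why the paths
    appear in 8.3 short form (PROGRA~1) in the log.
    """
    seen = []
    for body in sections.get("O20", []):
        if body.startswith("AppInit_DLLs:"):
            value = body.split(":", 1)[1]
            for path in re.split(r"[ ,]+", value.strip()):
                if path and path not in seen:
                    seen.append(path)
    return seen


def nameservers(sections):
    """Map each O17 registry key to the list of DNS servers set on it."""
    result = {}
    for body in sections.get("O17", []):
        m = NAMESERVER_RE.match(body)
        if m:
            servers = re.split(r"[ ,]+", m.group("servers").strip())
            result[m.group("key")] = [s for s in servers if s]
    return result


def removed_entries(before, after):
    """Entries present in the 'before' log that no longer appear in 'after'."""
    removed = {}
    for code, bodies in before.items():
        gone = [b for b in bodies if b not in after.get(code, [])]
        if gone:
            removed[code] = gone
    return removed


if __name__ == "__main__":
    before = parse_entries(BEFORE_LOG)
    after = parse_entries(AFTER_LOG)
    print("AppInit_DLLs loaded into user-mode processes:")
    for dll in appinit_dlls(before):
        print("  ", dll)
    print("Static DNS servers per control set:")
    for key, servers in nameservers(before).items():
        print("  ", key, "->", servers)
    print("Entries gone after the fix:")
    for code, bodies in sorted(removed_entries(before, after).items()):
        print("  ", code, len(bodies), "entry/entries removed")
```
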

wirecut

... here it is!

I should mention up front that the browsers now no longer open HTML pages. I am writing this update from the notebook running XP.

Code:
ComboFix 12-02-13.01 - ASUS24 14/02/2012  22:56:11.5.2 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.39.1040.18.3327.1596 [GMT 1:00]
Eseguito da: c:\users\ASUS24\Desktop\ComboFix.exe
Opzioni usate :: c:\users\ASUS24\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Creato nuovo punto di ripristino
.
FILE ::
"c:\users\ASUS24\AppData\Roaming\00E2214D-1198-4B37-A8FD-3A9C848D6054"
"c:\users\ASUS24\AppData\Roaming\635E8B0A-E719-4079-8538-B44189C17849"
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-01-14 al 2012-02-14  )))))))))))))))))))))))))))))))))))
.
.
2012-02-14 22:19 . 2012-02-14 22:19    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2012-02-14 22:15 . 2012-02-14 22:15    --------    d-----w-    c:\users\Public\AppData\Local\temp
2012-02-14 22:15 . 2012-02-14 22:15    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-02-14 21:43 . 2012-02-14 21:43    --------    d-----w-    c:\program files\p-nand-q.com
2012-02-14 21:17 . 2012-02-14 21:17    388096    ----a-r-    c:\users\ASUS24\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2012-02-13 20:58 . 2012-02-14 21:13    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2012-02-13 20:58 . 2011-12-10 14:24    20464    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-02-13 16:34 . 2012-02-13 16:34    --------    d-----w-    c:\program files\TrendMicro
2012-02-12 18:24 . 2011-07-29 12:54    19840    ----a-w-    c:\windows\system32\EuEpmGdi.dll
2012-02-12 18:24 . 2011-09-09 17:23    2469760    ----a-w-    c:\windows\system32\BootMan.exe
2012-02-12 18:24 . 2011-07-29 12:54    86408    ----a-w-    c:\windows\system32\setupempdrv03.exe
2012-02-12 18:24 . 2011-07-29 12:54    8456    ----a-w-    c:\windows\system32\EuGdiDrv.sys
2012-02-12 18:24 . 2011-07-29 12:54    14216    ----a-w-    c:\windows\system32\epmntdrv.sys
2012-02-11 14:49 . 2012-02-11 14:49    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\Yahoo!
2012-02-02 19:54 . 2012-02-02 19:54    601408    ----a-w-    c:\windows\system32\drivers\timntr.sys
2012-02-02 19:54 . 2012-02-02 19:54    83392    ----a-w-    c:\windows\system32\drivers\vsflt53.sys
2012-02-02 19:03 . 2012-02-02 19:03    --------    d-----w-    c:\users\ASUS24\AppData\Local\Software della webcam Logitech®
2012-02-02 18:56 . 2012-02-02 18:56    169088    ----a-w-    c:\windows\system32\drivers\snman603.sys
2012-02-02 18:18 . 2012-02-02 18:18    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\00E2214D-1198-4B37-A8FD-3A9C848D6054
2012-02-02 18:18 . 2012-02-02 18:18    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\635E8B0A-E719-4079-8538-B44189C17849
2012-02-02 17:23 . 2012-02-02 17:23    --------    d-----w-    c:\program files\Evernote
2012-02-02 17:09 . 2012-02-02 17:09    --------    d-----w-    c:\users\ASUS24\AppData\Local\Evernote
2012-02-02 17:07 . 2012-02-02 19:48    167    ----a-w-    C:\user.js
2012-02-02 16:54 . 2012-02-02 16:54    766496    ----a-w-    c:\windows\system32\drivers\tdrpman.sys
2012-02-02 16:53 . 2012-02-02 16:53    77696    ----a-w-    c:\windows\system32\drivers\fltsrv.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-02 18:56 . 2011-04-16 17:20    169088    ----a-w-    c:\windows\system32\drivers\snapman.sys
2011-12-24 10:39 . 2011-05-26 06:49    414368    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-21 16:35 . 2011-04-03 10:19    80488    ----a-w-    c:\windows\system32\RtNicProp32.dll
2011-12-19 10:32 . 2011-12-19 10:32    125472    ----a-w-    c:\windows\system32\drivers\vididr.sys
2011-11-28 18:01 . 2011-04-24 05:53    41184    ----a-w-    c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-04-24 05:53    199816    ----a-w-    c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-04-24 05:54    435032    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-04-24 05:54    314456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-04-24 05:54    34392    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-04-24 05:54    52952    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-04-24 05:54    55128    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-04-24 05:54    20568    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:25 . 2011-12-15 12:10    2342912    ----a-w-    c:\windows\system32\win32k.sys
2011-11-23 22:02 . 2011-11-23 22:02    491112    ----a-w-    c:\windows\system32\drivers\Rt86win7.sys
2011-11-23 22:02 . 2011-11-23 22:02    100896    ----a-w-    c:\windows\system32\RTNUninst32.dll
2011-07-09 19:42 . 2011-07-09 19:42    119808    ----a-w-    c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01    122512    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2011-03-13 1486848]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-07-08 2666384]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-07-08 395720]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"Servizio Acronis Scheduler2"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-07-08 395720]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]
.
c:\users\ASUS24\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2012-1-23 1014112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2011-9-29 155648]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-9-29 741376]
HomeFreeQuick.lnk - c:\program files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe [2011-8-17 932352]
InstantTimeZone.lnk - c:\program files\InstantTimeZone\InstantTimeZone.exe [2011-8-30 1733633]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk]
backup=c:\windows\pss\HP Button Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37    843712    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-03 13:10    35736    ----a-w-    c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
2011-03-24 06:11    167936    ----a-w-    c:\program files\Freecorder\FLVSrvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-04-01 19:36    136176    ----atw-    c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44    31072    ----a-w-    c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2009-05-11 08:45    24576    ----a-w-    c:\program files\HP\HP UT\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41    8192    ----a-w-    c:\program files\Xvid\CheckUpdate.exe
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Servizio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 136176]
R2 Nexus Server;Nexus Server (Carbon Coder); [x]
R3 BMDDeckLinkAudio;BMDDeckLinkAudio;c:\windows\system32\DRIVERS\deckaud.sys [x]
R3 DCamUSBNovatek;USB2.0 UVC Camera;c:\windows\system32\Drivers\nvtcam.sys [2010-07-14 2696960]
R3 DeckLink;DeckLink;c:\windows\system32\DRIVERS\Intensity.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys [2011-01-22 62464]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-09 30192]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 136176]
R3 libusb0;libusb-win32 - Kernel Driver 10/02/2010 1.2.2.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-02-02 35392]
R3 MCHPUSB;MCHPUSB;c:\windows\system32\drivers\mchpusb.sys [2004-11-22 61440]
R3 mvvideodemo;MaxiVista Virtual Video Demo;c:\windows\system32\DRIVERS\mvvideodemo.sys [x]
R3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.sys [2007-04-05 12160]
R3 psdrv3;PrimeSense Sensor Device Driver Service v3.x;c:\windows\system32\Drivers\psdrv3.sys [2011-04-15 20232]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-01-22 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2011-01-22 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys [2011-01-22 25600]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2011-01-22 52224]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys [2011-01-22 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-01-22 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-01 1343400]
S0 62164192;62164192 Boot Guard Driver;c:\windows\system32\DRIVERS\62164192.sys [2009-10-22 37392]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-02 77696]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2011-12-19 125472]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [2012-02-02 83392]
S1 62164191;62164191;c:\windows\system32\DRIVERS\62164191.sys [2009-09-25 128016]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 AVerNetDevice;AVerNetDevice;c:\program files\Common Files\HomeFree\Service\AVerNetDevice.exe [2011-05-20 139776]
S2 AVerNetSchedule;AVerNetSchedule;c:\program files\Common Files\HomeFree\Service\AVerNetSchedule.exe [2011-06-28 403456]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2011-01-29 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]
S2 mvCmExtA;mvCmExtA;c:\windows\system32\Drivers\mvCmExtA.SYS [2009-08-19 12416]
S2 mvCmmir;mvCmmir;c:\windows\system32\Drivers\mvCmmir.SYS [2009-08-19 12416]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S2 Qserial;Quattro serial Lava port driver;c:\windows\system32\DRIVERS\qserial.sys [2001-07-24 59274]
S2 SPARKEY;sparkey driver;c:\windows\system32\Drivers\sparkey.sys [2010-11-29 12320]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-07-06 378472]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 mvvideoexta;MaxiVista Virtual Video ExtA;c:\windows\system32\DRIVERS\mvvideoexta.sys [2009-08-19 12544]
S3 mvvideomir;MaxiVista Virtual Video Mirror;c:\windows\system32\DRIVERS\mvvideomir.sys [2009-08-19 12544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-11-23 491112]
S3 TRIDCap;AVerMedia service;c:\windows\system32\DRIVERS\AVerTM62.sys [2011-10-11 2747008]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-13 1077760]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 12:17]
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 12:17]
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-404718175-381255980-3490994032-1000Core.job
- c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 19:36]
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-404718175-381255980-3490994032-1000UA.job
- c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 19:36]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: E&sporta in Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\ASUS24\AppData\Roaming\Mozilla\Firefox\Profiles\w8mu35kh.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=13&cc=
FF - prefs.js: browser.search.selectedEngine - Search the web (Softonic)
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=2&cc=&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Freecorder Community Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - %profile%\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
FF - Ext: Freecorder YouTube Download Wizard: ytvdw@pgport.com - %profile%\extensions\ytvdw@pgport.com
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.softonic_i.hmpg, true
FF - user.js: extensions.softonic_i.hmpgUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.softonic_i.dfltSrch - true
FF - user.js: extensions.softonic_i.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.softonic_i.keyWordUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.softonic_i.dnsErr - true
FF - user.js: extensions.softonic_i.newTabUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.softonic_i.newTab - false
FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.softonic_i.id - f4e3d90b00000000000090e6ba3c4999
FF - user.js: extensions.softonic_i.instlDay - 15372
FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.520:48
FF - user.js: extensions.softonic_i.prtnrId - softonic
FF - user.js: extensions.softonic_i.prdct - softonic
FF - user.js: extensions.softonic_i.aflt - orgnl
FF - user.js: extensions.softonic_i.smplGrp - eng7
FF - user.js: extensions.softonic_i.tlbrId - eng7
FF - user.js: extensions.softonic_i.instlRef - MON00001
FF - user.js: extensions.softonic_i.dfltLng - 
FF - user.js: extensions.softonic_i.excTlbr - false
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\AUDIODG.EXE
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\TeamViewer\Version7\TeamViewer.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\TeamViewer\Version7\tv_w32.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Ora fine scansione: 2012-02-14  23:25:52 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2012-02-14 22:25
ComboFix2.txt  2012-02-14 07:58
ComboFix3.txt  2012-02-13 20:11
ComboFix4.txt  2012-02-13 18:38
ComboFix5.txt  2012-02-14 21:54
.
Pre-Run: 64.289.189.888 byte disponibili
Post-Run: 64.443.555.840 byte disponibili
.
- - End Of File - - A49D8B3C3B4470888A2CE27684D01E7D
 

tecnico24

Does the problem come back?
Launch HijackThis; from the main menu click Open the Misc Tools section
Click Open ADS Spy
Make sure Quick scan is unticked
Click Start scan and wait for the scan to finish
When it has finished, click Remove Selected

Open the command prompt (Start - type cmd in the search box - right-click and choose Run as administrator)
and type the following in sequence, each followed by Enter:
netsh int ip reset C:\netsh.log.txt
netsh winsock reset

Restart the PC.
 

wirecut

... I removed the Quick scan flag and left the flag on Ignore safe System info stream.

The scan showed a few hundred entries. I did not flag any of them and clicked Remove selected.

I ran the two netsh commands and rebooted.

The browser does not display HTML pages, with the message: La pagina non è disponibile.

Now the PC no longer connects to the network.

I thought it would be appreciated if I attached the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 02:09:21, on 15/02/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe
C:\Program Files\InstantTimeZone\InstantTimeZone.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Evernote\Evernote\Evernote.exe
C:\Program Files\Evernote\Evernote\EvernoteTray.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Servizio Acronis Scheduler2] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: HomeFreeQuick.lnk = C:\Program Files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe
O4 - Global Startup: InstantTimeZone.lnk = C:\Program Files\InstantTimeZone\InstantTimeZone.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Servizio Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVerNetDevice - AVerMedia Technologies, Inc. - C:\Program Files\Common Files\HomeFree\Service\AVerNetDevice.exe
O23 - Service: AVerNetSchedule - Unknown owner - C:\Program Files\Common Files\HomeFree\Service\AVerNetSchedule.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


--
End of file - 8688 bytes

---------- Post added at 02:23 ---------- Previous post was at 02:14 ----------

To be thorough, I went to check the network adapter settings and all the values were blank.

I re-entered the IP addresses and now HTML pages open correctly.

Everything seems to work ... now I'll start MalwareBytes and have it check drive C: (160 GB, 70% used) and drive D: (320 GB, 80% used), and we'll see tomorrow morning what it has found.
 

wirecut

New User
It found two pieces of malware on drive D: Malware.Generic and RiskWare.Tool.CK, and I deleted them.
Reboot.
Everything seems to be working OK.
 

tecnico24

Elite User
Obviously the commands reset the TCP/IP network protocol and its configuration: if you have DHCP disabled, it is normal that you have to re-enter the values by hand.
You did not have the D:\ drive in question analyzed; everything in the logs related to C:\
 

wirecut

New User
You're right, sorry.
Excuse me, but how do I set up the scan for drive D: as well?
 

wirecut

New User
With Malwarebytes I ran the scan on C:\ and D:\, and the infected files were on D:\

How do I set up the scan for D:\ in ComboFix?
 

tecnico24

Elite User
Download it and save it in D:\
Launch it from that same partition -> right-click and click Run as administrator.
 

wirecut

New User
... here is the log of the run on drive D:
Code:
ComboFix 12-02-13.01 - ASUS24 15/02/2012  16:15:54.6.2 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.39.1040.18.3327.1959 [GMT 1:00]
Eseguito da: D:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Creato nuovo punto di ripristino
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\cseDVH.dll
c:\windows\system32\zlibwapi.dll
.
La copia infetta di c:\windows\system32\userinit.exe è stata trovata e disinfettata 
ipristinata copia da - c:\windows\ERDNT\cache\userinit.exe 
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-01-15 al 2012-02-15  )))))))))))))))))))))))))))))))))))
.
.
2012-02-15 15:36 . 2012-02-15 15:36    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2012-02-15 15:32 . 2012-02-15 15:36    --------    d-----w-    c:\users\ASUS24\AppData\Local\temp
2012-02-15 15:32 . 2012-02-15 15:32    --------    d-----w-    c:\users\Public\AppData\Local\temp
2012-02-15 15:32 . 2012-02-15 15:32    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-02-15 01:15 . 2012-02-15 01:15    --------    d-----w-    c:\users\ASUS24\AppData\Local\ElevatedDiagnostics
2012-02-14 21:43 . 2012-02-14 21:43    --------    d-----w-    c:\program files\p-nand-q.com
2012-02-14 21:17 . 2012-02-14 21:17    388096    ----a-r-    c:\users\ASUS24\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2012-02-13 20:58 . 2012-02-14 21:13    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2012-02-13 20:58 . 2011-12-10 14:24    20464    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-02-13 16:34 . 2012-02-13 16:34    --------    d-----w-    c:\program files\TrendMicro
2012-02-12 18:24 . 2011-07-29 12:54    19840    ----a-w-    c:\windows\system32\EuEpmGdi.dll
2012-02-12 18:24 . 2011-09-09 17:23    2469760    ----a-w-    c:\windows\system32\BootMan.exe
2012-02-12 18:24 . 2011-07-29 12:54    86408    ----a-w-    c:\windows\system32\setupempdrv03.exe
2012-02-12 18:24 . 2011-07-29 12:54    8456    ----a-w-    c:\windows\system32\EuGdiDrv.sys
2012-02-12 18:24 . 2011-07-29 12:54    14216    ----a-w-    c:\windows\system32\epmntdrv.sys
2012-02-11 14:49 . 2012-02-11 14:49    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\Yahoo!
2012-02-02 19:54 . 2012-02-02 19:54    601408    ----a-w-    c:\windows\system32\drivers\timntr.sys
2012-02-02 19:54 . 2012-02-02 19:54    83392    ----a-w-    c:\windows\system32\drivers\vsflt53.sys
2012-02-02 19:03 . 2012-02-02 19:03    --------    d-----w-    c:\users\ASUS24\AppData\Local\Software della webcam Logitech®
2012-02-02 18:56 . 2012-02-02 18:56    169088    ----a-w-    c:\windows\system32\drivers\snman603.sys
2012-02-02 18:18 . 2012-02-02 18:18    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\00E2214D-1198-4B37-A8FD-3A9C848D6054
2012-02-02 18:18 . 2012-02-02 18:18    --------    d-----w-    c:\users\ASUS24\AppData\Roaming\635E8B0A-E719-4079-8538-B44189C17849
2012-02-02 17:23 . 2012-02-02 17:23    --------    d-----w-    c:\program files\Evernote
2012-02-02 17:09 . 2012-02-02 17:09    --------    d-----w-    c:\users\ASUS24\AppData\Local\Evernote
2012-02-02 17:07 . 2012-02-02 19:48    167    ----a-w-    C:\user.js
2012-02-02 16:54 . 2012-02-02 16:54    766496    ----a-w-    c:\windows\system32\drivers\tdrpman.sys
2012-02-02 16:53 . 2012-02-02 16:53    77696    ----a-w-    c:\windows\system32\drivers\fltsrv.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-02 18:56 . 2011-04-16 17:20    169088    ----a-w-    c:\windows\system32\drivers\snapman.sys
2011-12-24 10:39 . 2011-05-26 06:49    414368    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-21 16:35 . 2011-04-03 10:19    80488    ----a-w-    c:\windows\system32\RtNicProp32.dll
2011-12-19 10:32 . 2011-12-19 10:32    125472    ----a-w-    c:\windows\system32\drivers\vididr.sys
2011-11-28 18:01 . 2011-04-24 05:53    41184    ----a-w-    c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-04-24 05:53    199816    ----a-w-    c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-04-24 05:54    435032    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-04-24 05:54    314456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-04-24 05:54    34392    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-04-24 05:54    52952    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-04-24 05:54    55128    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-04-24 05:54    20568    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:25 . 2011-12-15 12:10    2342912    ----a-w-    c:\windows\system32\win32k.sys
2011-11-23 22:02 . 2011-11-23 22:02    491112    ----a-w-    c:\windows\system32\drivers\Rt86win7.sys
2011-11-23 22:02 . 2011-11-23 22:02    100896    ----a-w-    c:\windows\system32\RTNUninst32.dll
2011-07-09 19:42 . 2011-07-09 19:42    119808    ----a-w-    c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01    122512    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2011-03-13 1486848]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-07-08 2666384]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-07-08 395720]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"Servizio Acronis Scheduler2"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-07-08 395720]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]
.
c:\users\ASUS24\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2012-1-23 1014112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2011-9-29 155648]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-9-29 741376]
HomeFreeQuick.lnk - c:\program files\Common Files\HomeFree\AVerQuick\HomeFreeQuick.exe [2011-8-17 932352]
InstantTimeZone.lnk - c:\program files\InstantTimeZone\InstantTimeZone.exe [2011-8-30 1733633]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk]
backup=c:\windows\pss\HP Button Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37    843712    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-03 13:10    35736    ----a-w-    c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
2011-03-24 06:11    167936    ----a-w-    c:\program files\Freecorder\FLVSrvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-04-01 19:36    136176    ----atw-    c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44    31072    ----a-w-    c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2009-05-11 08:45    24576    ----a-w-    c:\program files\HP\HP UT\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41    8192    ----a-w-    c:\program files\Xvid\CheckUpdate.exe
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Servizio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 136176]
R2 Nexus Server;Nexus Server (Carbon Coder); [x]
R3 BMDDeckLinkAudio;BMDDeckLinkAudio;c:\windows\system32\DRIVERS\deckaud.sys [x]
R3 DCamUSBNovatek;USB2.0 UVC Camera;c:\windows\system32\Drivers\nvtcam.sys [2010-07-14 2696960]
R3 DeckLink;DeckLink;c:\windows\system32\DRIVERS\Intensity.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys [2011-01-22 62464]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-09 30192]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 136176]
R3 libusb0;libusb-win32 - Kernel Driver 10/02/2010 1.2.2.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-02-02 35392]
R3 MCHPUSB;MCHPUSB;c:\windows\system32\drivers\mchpusb.sys [2004-11-22 61440]
R3 mvvideodemo;MaxiVista Virtual Video Demo;c:\windows\system32\DRIVERS\mvvideodemo.sys [x]
R3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.sys [2007-04-05 12160]
R3 psdrv3;PrimeSense Sensor Device Driver Service v3.x;c:\windows\system32\Drivers\psdrv3.sys [2011-04-15 20232]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-01-22 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2011-01-22 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys [2011-01-22 25600]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2011-01-22 52224]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys [2011-01-22 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-01-22 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-01 1343400]
S0 62164192;62164192 Boot Guard Driver;c:\windows\system32\DRIVERS\62164192.sys [2009-10-22 37392]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-02 77696]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2011-12-19 125472]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [2012-02-02 83392]
S1 62164191;62164191;c:\windows\system32\DRIVERS\62164191.sys [2009-09-25 128016]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 AVerNetDevice;AVerNetDevice;c:\program files\Common Files\HomeFree\Service\AVerNetDevice.exe [2011-05-20 139776]
S2 AVerNetSchedule;AVerNetSchedule;c:\program files\Common Files\HomeFree\Service\AVerNetSchedule.exe [2011-06-28 403456]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2011-01-29 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]
S2 mvCmExtA;mvCmExtA;c:\windows\system32\Drivers\mvCmExtA.SYS [2009-08-19 12416]
S2 mvCmmir;mvCmmir;c:\windows\system32\Drivers\mvCmmir.SYS [2009-08-19 12416]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S2 Qserial;Quattro serial Lava port driver;c:\windows\system32\DRIVERS\qserial.sys [2001-07-24 59274]
S2 SPARKEY;sparkey driver;c:\windows\system32\Drivers\sparkey.sys [2010-11-29 12320]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-07-06 378472]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 mvvideoexta;MaxiVista Virtual Video ExtA;c:\windows\system32\DRIVERS\mvvideoexta.sys [2009-08-19 12544]
S3 mvvideomir;MaxiVista Virtual Video Mirror;c:\windows\system32\DRIVERS\mvvideomir.sys [2009-08-19 12544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-11-23 491112]
S3 TRIDCap;AVerMedia service;c:\windows\system32\DRIVERS\AVerTM62.sys [2011-10-11 2747008]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-13 1077760]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 12:17]
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-20 12:17]
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-404718175-381255980-3490994032-1000Core.job
- c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 19:36]
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-404718175-381255980-3490994032-1000UA.job
- c:\users\ASUS24\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 19:36]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: E&sporta in Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{E2054DDA-4417-4A93-BD31-39D147565979}: NameServer = 4.2.2.2,8.8.8.8
FF - ProfilePath - c:\users\ASUS24\AppData\Roaming\Mozilla\Firefox\Profiles\w8mu35kh.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=13&cc=
FF - prefs.js: browser.search.selectedEngine - Search the web (Softonic)
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=2&cc=&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Freecorder Community Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - %profile%\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
FF - Ext: Freecorder YouTube Download Wizard: ytvdw@pgport.com - %profile%\extensions\ytvdw@pgport.com
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.softonic_i.hmpg, true
FF - user.js: extensions.softonic_i.hmpgUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.softonic_i.dfltSrch - true
FF - user.js: extensions.softonic_i.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.softonic_i.keyWordUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.softonic_i.dnsErr - true
FF - user.js: extensions.softonic_i.newTabUrl - hxxp://search.softonic.com/MON00081/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.softonic_i.newTab - false
FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.softonic_i.id - f4e3d90b00000000000090e6ba3c4999
FF - user.js: extensions.softonic_i.instlDay - 15372
FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.520:48
FF - user.js: extensions.softonic_i.prtnrId - softonic
FF - user.js: extensions.softonic_i.prdct - softonic
FF - user.js: extensions.softonic_i.aflt - orgnl
FF - user.js: extensions.softonic_i.smplGrp - eng7
FF - user.js: extensions.softonic_i.tlbrId - eng7
FF - user.js: extensions.softonic_i.instlRef - MON00001
FF - user.js: extensions.softonic_i.dfltLng - 
FF - user.js: extensions.softonic_i.excTlbr - false
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(5964)
c:\program files\TeamViewer\Version7\tv_w32.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\TeamViewer\Version7\TeamViewer.exe
c:\windows\system32\conhost.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\TeamViewer\Version7\tv_w32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\AUDIODG.EXE
c:\program files\windows defender\MpCmdRun.exe
.
**************************************************************************
.
Ora fine scansione: 2012-02-15  16:46:40 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2012-02-15 15:46
ComboFix2.txt  2012-02-14 22:25
ComboFix3.txt  2012-02-14 07:58
ComboFix4.txt  2012-02-13 20:11
ComboFix5.txt  2012-02-15 15:14
.
Pre-Run: 64.407.928.832 byte disponibili
Post-Run: 64.408.723.456 byte disponibili
.
- - End Of File - - 0FF045F695C895503BAB2B83A1188FF4
 