Olimpo Informatico

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

scusami per l'ignoranza ecco il Log :

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\kxqyssdt

*******************

Script file located at: \??\C:\WINDOWS\system32\occrdcwd.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\ouklnu.exe deleted successfully.
File C:\WINDOWS\system32\qzuh.exe deleted successfully.
File C:\WINDOWS\system32\zkxevo.exe deleted successfully.
File C:\WINDOWS\system32\mphigh.dll deleted successfully.
Program C:\Documents and Settings\Ditommaso\Desktop\sys98460.exe successfully set up to run once on reboot.

Completed script processing.

*******************

Finished! Terminate.

adesso riprovo con Combofix !

Sante62 · Dio maturo Registrato: 27/06/07 17:55 Messaggi: 3477 Residenza: Floridia

Bene...

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

Combofix :

ComboFix 08-07-01.3 - Ditommaso 2008-07-02 17.22.16.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.224 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Ditommaso\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Creati Da 2008-06-02 al 2008-07-02 )))))))))))))))))))))))))))))))))))
.

2067-05-19 16:06 . 2003-02-05 04:02 79,947 --a--c--- C:\WINDOWS\fw20.vxd
2008-07-02 17:11 . 2008-07-02 17:11 <DIR> d----c--- C:\suspectfile
2008-07-02 15:04 . 2008-07-02 15:04 <DIR> d----c--- C:\COMBO-FIX
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d-------- C:\Programmi\Malwarebytes' Anti-Malware
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\Malwarebytes
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2008-06-30 16:00 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 16:00 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 15:30 . 2003-06-25 16:05 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2008-06-30 15:30 . 2002-06-21 15:09 160,217 --a------ C:\WINDOWS\system32\PowerToysLicense.rtf
2008-06-28 18:06 . 2008-06-28 18:05 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-27 17:48 . 2008-06-27 17:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-27 17:48 . 2008-06-27 17:48 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-25 15:36 . 2008-06-25 15:36 <DIR> d-------- C:\Programmi\File comuni\xing shared
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d-------- C:\Programmi\File comuni\AVSMedia
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\AVS4YOU
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\AVS4YOU
2008-06-25 15:24 . 2006-03-03 10:02 658,432 --a------ C:\WINDOWS\system32\cc3270mt.dll
2008-06-25 15:23 . 2008-06-25 15:24 <DIR> d-------- C:\Programmi\AVS4YOU
2008-06-25 15:23 . 2003-05-21 13:50 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-06-23 17:40 . 2008-06-23 17:40 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\MailFrontier
2008-06-23 17:40 . 2008-06-23 17:42 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-06-23 17:37 . 2008-06-23 18:17 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-06-19 21:49 . 2004-08-04 08:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-06-19 21:49 . 2004-08-04 08:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-06-19 21:49 . 2008-06-19 21:49 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-06-19 21:49 . 2008-06-19 21:49 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-06-19 20:28 . 2008-06-19 20:28 <DIR> d-------- C:\Programmi\File comuni\PCSuite
2008-06-19 20:28 . 2008-06-19 20:28 <DIR> d-------- C:\Programmi\File comuni\Nokia
2008-06-19 20:25 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-06-19 20:24 . 2008-06-19 20:24 <DIR> d-------- C:\Programmi\PC Connectivity Solution
2008-06-19 20:23 . 2007-11-29 10:33 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-06-19 20:23 . 2007-11-29 10:39 95,744 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-06-19 20:23 . 2007-11-29 10:39 19,328 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-06-19 20:23 . 2007-11-29 10:39 16,896 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-06-19 20:23 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-06-19 20:23 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-06-13 17:25 . 2008-06-13 17:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Dati applicazioni\phcclkct
2008-06-13 15:33 . 2008-06-13 15:33 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\phcclkct
2008-06-13 10:13 . 2008-06-13 15:33 <DIR> d-------- C:\Programmi\File comuni\Mozilla Shared
2008-06-12 10:01 . 2002-11-05 17:59 128,000 --a------ C:\WINDOWS\system32\Dbcgdi32f.dll
2008-06-05 14:08 . 2008-06-09 21:47 <DIR> d-------- C:\Programmi\Sophos

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 13:56 --------- d-----w C:\Programmi\eMule
2008-06-25 13:36 --------- d-----w C:\Programmi\File comuni\Real
2008-06-24 21:55 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\Skype
2008-06-19 19:50 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\PC Suite
2008-06-19 19:50 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\Nokia
2008-06-19 18:27 --------- d-----w C:\Programmi\Nokia
2008-06-19 18:20 --------- dc----w C:\Documents and Settings\All Users\Dati applicazioni\Installations
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-25 16:48 --------- d-----w C:\Programmi\Enigma Software Group
2008-05-25 12:32 578,560 ----a-w C:\WINDOWS\system32\user32.DLL
2008-05-24 01:03 --------- d-----w C:\Programmi\Trend Micro
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:14 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 21:06 --------- d-----w C:\Programmi\LGGSM
2008-05-06 21:05 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-05-06 11:32 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\LimeWire
2008-05-02 12:06 --------- d-----w C:\Programmi\LimeWire
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-14 17:21 0 ----a-w C:\Documents and Settings\Ditommaso\wn1001.exe
2007-09-09 21:22 774,144 ----a-w C:\Programmi\RngInterstitial.dll
.
C:\WINDOWS\system32\user32.dll ... is infected !! (additional data below)
578,048 2005-03-02 18:20:03 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
579,072 2007-03-08 15:48:41 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
561,152 2003-09-25 17:08:05 C:\WINDOWS\$NtServicePackUninstall$\user32.dll
561,152 2003-04-08 12:00:00 C:\WINDOWS\$NtUninstallKB824141$\user32.dll
578,048 2004-08-19 22:39:29 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
578,048 2005-03-02 18:10:24 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
578,048 2004-08-19 22:39:29 C:\WINDOWS\ServicePackFiles\i386\user32.dll
561,152 2004-06-17 17:55:43 C:\WINDOWS\SoftwareDistribution\Download\35c9202e0b6958f9f0063a1b6124f10e\sp1qfe\user32.dll
578,560 2008-05-25 12:32:03 C:\WINDOWS\system32\user32.DLL
578,560 2008-05-25 12:32:03 C:\WINDOWS\system32\dllcache\user32.dll

------- Sigcheck -------

2005-03-02 20:20 578048 488019bfe2b0f9f8cd8394276d5b664a C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:48 579072 bab4f995e526484a235a276e269aaf7f C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2003-09-25 19:08 561152 a4478206df84006d711f91d0cb7abb0e C:\WINDOWS\$NtServicePackUninstall$\user32.dll
2003-04-08 14:00 561152 bb4a220b198767e1848fcd64d3f1b96c C:\WINDOWS\$NtUninstallKB824141$\user32.dll
2004-08-20 00:39 578048 08447bdfce5d1b1956f962602381f5c1 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 14b5d6b20467dba209853d65d1f6a124 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2004-08-20 00:39 578048 08447bdfce5d1b1956f962602381f5c1 C:\WINDOWS\ServicePackFiles\i386\user32.dll
2004-06-17 19:55 561152 7c8719722df5aee059b5d4c79ac61a78 C:\WINDOWS\SoftwareDistribution\Download\35c9202e0b6958f9f0063a1b6124f10e\sp1qfe\user32.dll
2008-05-25 14:32 578560 ef47afbc7c4f644865a8c6892ea863e1 C:\WINDOWS\system32\user32.DLL
2008-05-25 14:32 578560 ef47afbc7c4f644865a8c6892ea863e1 C:\WINDOWS\system32\dllcache\user32.dll
.
((((((((((((((((((((((((((((( snapshot_2008-06-29_17.04.19.05 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-29 14:51:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 15:13:13 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 15:13:23 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_558.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:39 15360]
"ccleaner"="C:\Programmi\CCleaner\ccleaner.exe" [2008-06-25 15:58 1209584]
"PC Suite Tray"="C:\Documents and Settings\Ditommaso\Desktop\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 12:53 1079808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-04-02 09:40 4616192]
"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 12:50 155648]
"RoxioEngineUtility"="C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe" [2003-02-27 06:31 69632]
"RoxioDragToDisc"="C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-02-27 05:36 757760]
"RoxioAudioCentral"="C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-02-26 17:50 253952]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"PaperPort PTD"="C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-11 01:01 57393]
"IndexSearch"="C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-11 01:28 40960]
"SetDefPrt"="C:\Programmi\Brother\Brmfl05b\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Programmi\Brother\ControlCenter2\brctrcen.exe" [2005-07-22 21:36 933888]
"Adobe Photo Downloader"="C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 15:09 63712]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-25 15:35 185896]
"nwiz"="nwiz.exe" [2003-04-02 09:40 323584 C:\WINDOWS\system32\nwiz.exe]
"AdslTaskBar"="stmctrl.dll" [2003-01-22 13:01 151552 C:\WINDOWS\system32\stmctrl.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:39 15360]

C:\Documents and Settings\Ditommaso\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a ashDisp.lnk - C:\Programmi\Alwil Software\Avast4\ashDisp.exe [2007-05-15 14:16:53 79224]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office\OSA9.EXE [2000-01-21 10:15:56 65588]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"= 1 (0x1)
"NoDispScrSavPage"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= (valor no establecido)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= jl_mjpg2.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winei26.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"45241:TCP"= 45241:TCP:@xpsp2res.dll,-22009
"80:TCP"= 80:TCP:@xpsp2res.dll,-22009
"22958:TCP"= 22958:TCP:@xpsp2res.dll,-22009
"9138:TCP"= 9138:TCP:@xpsp2res.dll,-22009
"59047:TCP"= 59047:TCP:@xpsp2res.dll,-22009
"46747:TCP"= 46747:TCP:@xpsp2res.dll,-22009
"42357:TCP"= 42357:TCP:@xpsp2res.dll,-22009
"23189:TCP"= 23189:TCP:@xpsp2res.dll,-22009
"63119:TCP"= 63119:TCP:@xpsp2res.dll,-22009
"3498:TCP"= 3498:TCP:@xpsp2res.dll,-22009
"13709:TCP"= 13709:TCP:@xpsp2res.dll,-22009
"16783:TCP"= 16783:TCP:@xpsp2res.dll,-22009
"18095:TCP"= 18095:TCP:@xpsp2res.dll,-22009
"15682:TCP"= 15682:TCP:@xpsp2res.dll,-22009
"47419:TCP"= 47419:TCP:@xpsp2res.dll,-22009
"16533:TCP"= 16533:TCP:@xpsp2res.dll,-22009
"34713:TCP"= 34713:TCP:@xpsp2res.dll,-22009
"31578:TCP"= 31578:TCP:@xpsp2res.dll,-22009
"9389:TCP"= 9389:TCP:@xpsp2res.dll,-22009
"51088:TCP"= 51088:TCP:@xpsp2res.dll,-22009
"4226:TCP"= 4226:TCP:@xpsp2res.dll,-22009
"28850:TCP"= 28850:TCP:@xpsp2res.dll,-22009
"21247:TCP"= 21247:TCP:@xpsp2res.dll,-22009
"38533:TCP"= 38533:TCP:@xpsp2res.dll,-22009
"38722:TCP"= 38722:TCP:@xpsp2res.dll,-22009
"54950:TCP"= 54950:TCP:@xpsp2res.dll,-22009
"34971:TCP"= 34971:TCP:@xpsp2res.dll,-22009
"10395:TCP"= 10395:TCP:@xpsp2res.dll,-22009
"49849:TCP"= 49849:TCP:@xpsp2res.dll,-22009

R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;"C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:45]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-06-29 17:22]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2002-09-25 08:37]
S0 Winei26;Winei26;C:\WINDOWS\system32\Drivers\Winei26.sys []
S2 FILESpy;FILESpy;C:\Programmi\BullGuard\filespy.sys []
S3 brfilt;Driver filtro Brother MFC;C:\WINDOWS\system32\Drivers\Brfilt.sys [2001-08-17 21:12]
S3 brparimg;Driver Brother Multi Function Parallel Image;C:\WINDOWS\system32\DRIVERS\BrParImg.sys [2001-08-17 21:12]
S3 BrParWdm;Driver parallelo Brother WDM;C:\WINDOWS\system32\Drivers\BrParwdm.sys [2001-08-30 20:18]
S3 BrSerWdm;Brother WDM Serial driver;C:\WINDOWS\system32\Drivers\BrSerWdm.sys [2004-11-23 17:39]
S3 ICDUSB2;Sony IC Recorder (P);C:\WINDOWS\system32\Drivers\ICDUSB2.sys [2002-11-28 22:23]
S3 iMSPCLOj;iMSPCLOj;C:\DOCUME~1\DITOMM~1\IMPOST~1\Temp\iMSPCLOj.sys []
S3 JL2005;JL2005A Toy Camera;C:\WINDOWS\system32\Drivers\toywdm.sys [2004-07-28 19:36]
S3 TaurusUsb;ADSL Modem USB Service 1.09a;C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-01-09 16:21]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ed71e60-b7dd-11dc-b9f8-000c6e91777d}]
\Shell\AutoRun\command - F:\AutoTransfer.exe

.
Contenuto della cartella 'Scheduled Tasks'
"2008-07-02 15:17:21 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Programmi\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 17:28:10
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

**************************************************************************
.
Ora fine scansione: 2008-07-02 17.33.27
ComboFix-quarantined-files.txt 2008-07-02 15:32:24
ComboFix2.txt 2008-07-02 13:18:37
ComboFix3.txt 2008-06-30 13:47:33
ComboFix4.txt 2008-06-29 15:05:32
ComboFix5.txt 2008-05-23 23:22:47

31 Directory 56,902,971,392 byte disponibili
34 Directory 56,902,098,944 byte disponibili

230 --- E O F --- 2008-07-02 09:04:17

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

Oddio...ma dopo tutte queste scansioni ancora ho il pc infetto!!...vabbè io aspetto tue risposte dopo che hai dato un'occhiata al log di combofix!!

Sante62 · Dio maturo Registrato: 27/06/07 17:55 Messaggi: 3477 Residenza: Floridia

Potrebbe anche trattarsi di un falso allarme, ma lo dovremmo verificare perciò devi aver un pò di pazienza per quel file.
Disattiva momentaneamente il riconoscimento automatico delle chiavette USB serve il programma TweakUI scaricabile da questa pagina e installalo.
Una volta installato, eseguilo e procedi con questi passaggi:

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

ComboFix 08-07-01.3 - Ditommaso 2008-07-03 12.00.09.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.214 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Ditommaso\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Ditommaso\Desktop\CFScript.txt
* Creato nuovo punto di ripristino

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Creati Da 2008-06-03 al 2008-07-03 )))))))))))))))))))))))))))))))))))
.

2067-05-19 16:06 . 2003-02-05 04:02 79,947 --a--c--- C:\WINDOWS\fw20.vxd
2008-07-02 17:11 . 2008-07-02 17:11 <DIR> d----c--- C:\suspectfile
2008-07-02 15:04 . 2008-07-02 15:04 <DIR> d----c--- C:\COMBO-FIX
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d-------- C:\Programmi\Malwarebytes' Anti-Malware
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\Malwarebytes
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2008-06-30 16:00 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 16:00 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 15:30 . 2003-06-25 16:05 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2008-06-30 15:30 . 2002-06-21 15:09 160,217 --a------ C:\WINDOWS\system32\PowerToysLicense.rtf
2008-06-28 18:06 . 2008-06-28 18:05 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-27 17:48 . 2008-06-27 17:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-27 17:48 . 2008-06-27 17:48 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-25 15:36 . 2008-06-25 15:36 <DIR> d-------- C:\Programmi\File comuni\xing shared
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d-------- C:\Programmi\File comuni\AVSMedia
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\AVS4YOU
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\AVS4YOU
2008-06-25 15:24 . 2006-03-03 10:02 658,432 --a------ C:\WINDOWS\system32\cc3270mt.dll
2008-06-25 15:23 . 2008-06-25 15:24 <DIR> d-------- C:\Programmi\AVS4YOU
2008-06-25 15:23 . 2003-05-21 13:50 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-06-23 17:40 . 2008-06-23 17:40 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\MailFrontier
2008-06-23 17:40 . 2008-06-23 17:42 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-06-23 17:37 . 2008-06-23 18:17 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-06-19 21:49 . 2004-08-04 08:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-06-19 21:49 . 2004-08-04 08:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-06-19 21:49 . 2008-06-19 21:49 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-06-19 21:49 . 2008-06-19 21:49 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-06-19 20:28 . 2008-06-19 20:28 <DIR> d-------- C:\Programmi\File comuni\PCSuite
2008-06-19 20:28 . 2008-06-19 20:28 <DIR> d-------- C:\Programmi\File comuni\Nokia
2008-06-19 20:25 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-06-19 20:24 . 2008-06-19 20:24 <DIR> d-------- C:\Programmi\PC Connectivity Solution
2008-06-19 20:23 . 2007-11-29 10:33 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-06-19 20:23 . 2007-11-29 10:39 95,744 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-06-19 20:23 . 2007-11-29 10:39 19,328 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-06-19 20:23 . 2007-11-29 10:39 16,896 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-06-19 20:23 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-06-19 20:23 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-06-13 17:25 . 2008-06-13 17:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Dati applicazioni\phcclkct
2008-06-13 15:33 . 2008-06-13 15:33 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\phcclkct
2008-06-13 10:13 . 2008-06-13 15:33 <DIR> d-------- C:\Programmi\File comuni\Mozilla Shared
2008-06-12 10:01 . 2002-11-05 17:59 128,000 --a------ C:\WINDOWS\system32\Dbcgdi32f.dll
2008-06-05 14:08 . 2008-06-09 21:47 <DIR> d-------- C:\Programmi\Sophos

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 13:56 --------- d-----w C:\Programmi\eMule
2008-06-25 13:36 --------- d-----w C:\Programmi\File comuni\Real
2008-06-24 21:55 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\Skype
2008-06-19 19:50 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\PC Suite
2008-06-19 19:50 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\Nokia
2008-06-19 18:27 --------- d-----w C:\Programmi\Nokia
2008-06-19 18:20 --------- dc----w C:\Documents and Settings\All Users\Dati applicazioni\Installations
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-25 16:48 --------- d-----w C:\Programmi\Enigma Software Group
2008-05-25 12:32 578,560 ----a-w C:\WINDOWS\system32\user32.DLL
2008-05-24 01:03 --------- d-----w C:\Programmi\Trend Micro
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:14 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 21:06 --------- d-----w C:\Programmi\LGGSM
2008-05-06 21:05 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-05-06 11:32 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\LimeWire
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-14 17:21 0 ----a-w C:\Documents and Settings\Ditommaso\wn1001.exe
2007-09-09 21:22 774,144 ----a-w C:\Programmi\RngInterstitial.dll
.
C:\WINDOWS\system32\user32.dll ... is infected !! (additional data below)
578,048 2005-03-02 18:20:03 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
579,072 2007-03-08 15:48:41 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
561,152 2003-09-25 17:08:05 C:\WINDOWS\$NtServicePackUninstall$\user32.dll
561,152 2003-04-08 12:00:00 C:\WINDOWS\$NtUninstallKB824141$\user32.dll
578,048 2004-08-19 22:39:29 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
578,048 2005-03-02 18:10:24 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
578,048 2004-08-19 22:39:29 C:\WINDOWS\ServicePackFiles\i386\user32.dll
561,152 2004-06-17 17:55:43 C:\WINDOWS\SoftwareDistribution\Download\35c9202e0b6958f9f0063a1b6124f10e\sp1qfe\user32.dll
578,560 2008-05-25 12:32:03 C:\WINDOWS\system32\user32.DLL
578,560 2008-05-25 12:32:03 C:\WINDOWS\system32\dllcache\user32.dll

------- Sigcheck -------

2005-03-02 20:20 578048 488019bfe2b0f9f8cd8394276d5b664a C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:48 579072 bab4f995e526484a235a276e269aaf7f C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2003-09-25 19:08 561152 a4478206df84006d711f91d0cb7abb0e C:\WINDOWS\$NtServicePackUninstall$\user32.dll
2003-04-08 14:00 561152 bb4a220b198767e1848fcd64d3f1b96c C:\WINDOWS\$NtUninstallKB824141$\user32.dll
2004-08-20 00:39 578048 08447bdfce5d1b1956f962602381f5c1 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 14b5d6b20467dba209853d65d1f6a124 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2004-08-20 00:39 578048 08447bdfce5d1b1956f962602381f5c1 C:\WINDOWS\ServicePackFiles\i386\user32.dll
2004-06-17 19:55 561152 7c8719722df5aee059b5d4c79ac61a78 C:\WINDOWS\SoftwareDistribution\Download\35c9202e0b6958f9f0063a1b6124f10e\sp1qfe\user32.dll
2008-05-25 14:32 578560 ef47afbc7c4f644865a8c6892ea863e1 C:\WINDOWS\system32\user32.DLL
2008-05-25 14:32 578560 ef47afbc7c4f644865a8c6892ea863e1 C:\WINDOWS\system32\dllcache\user32.dll
.
((((((((((((((((((((((((((((( snapshot_2008-06-29_17.04.19.05 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-29 14:51:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-03 09:48:07 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-03 09:48:18 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_544.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:39 15360]
"ccleaner"="C:\Programmi\CCleaner\ccleaner.exe" [2008-06-25 15:58 1209584]
"PC Suite Tray"="C:\Documents and Settings\Ditommaso\Desktop\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 12:53 1079808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-04-02 09:40 4616192]
"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 12:50 155648]
"RoxioEngineUtility"="C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe" [2003-02-27 06:31 69632]
"RoxioDragToDisc"="C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-02-27 05:36 757760]
"RoxioAudioCentral"="C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-02-26 17:50 253952]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"PaperPort PTD"="C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-11 01:01 57393]
"IndexSearch"="C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-11 01:28 40960]
"SetDefPrt"="C:\Programmi\Brother\Brmfl05b\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Programmi\Brother\ControlCenter2\brctrcen.exe" [2005-07-22 21:36 933888]
"Adobe Photo Downloader"="C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 15:09 63712]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-25 15:35 185896]
"nwiz"="nwiz.exe" [2003-04-02 09:40 323584 C:\WINDOWS\system32\nwiz.exe]
"AdslTaskBar"="stmctrl.dll" [2003-01-22 13:01 151552 C:\WINDOWS\system32\stmctrl.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:39 15360]

C:\Documents and Settings\Ditommaso\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a ashDisp.lnk - C:\Programmi\Alwil Software\Avast4\ashDisp.exe [2007-05-15 14:16:53 79224]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office\OSA9.EXE [2000-01-21 10:15:56 65588]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"= 1 (0x1)
"NoDispScrSavPage"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= (valor no establecido)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= jl_mjpg2.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winei26.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"45241:TCP"= 45241:TCP:@xpsp2res.dll,-22009
"80:TCP"= 80:TCP:@xpsp2res.dll,-22009
"22958:TCP"= 22958:TCP:@xpsp2res.dll,-22009
"9138:TCP"= 9138:TCP:@xpsp2res.dll,-22009
"59047:TCP"= 59047:TCP:@xpsp2res.dll,-22009
"46747:TCP"= 46747:TCP:@xpsp2res.dll,-22009
"42357:TCP"= 42357:TCP:@xpsp2res.dll,-22009
"23189:TCP"= 23189:TCP:@xpsp2res.dll,-22009
"63119:TCP"= 63119:TCP:@xpsp2res.dll,-22009
"3498:TCP"= 3498:TCP:@xpsp2res.dll,-22009
"13709:TCP"= 13709:TCP:@xpsp2res.dll,-22009
"16783:TCP"= 16783:TCP:@xpsp2res.dll,-22009
"18095:TCP"= 18095:TCP:@xpsp2res.dll,-22009
"15682:TCP"= 15682:TCP:@xpsp2res.dll,-22009
"47419:TCP"= 47419:TCP:@xpsp2res.dll,-22009
"16533:TCP"= 16533:TCP:@xpsp2res.dll,-22009
"34713:TCP"= 34713:TCP:@xpsp2res.dll,-22009
"31578:TCP"= 31578:TCP:@xpsp2res.dll,-22009
"9389:TCP"= 9389:TCP:@xpsp2res.dll,-22009
"51088:TCP"= 51088:TCP:@xpsp2res.dll,-22009
"4226:TCP"= 4226:TCP:@xpsp2res.dll,-22009
"28850:TCP"= 28850:TCP:@xpsp2res.dll,-22009
"21247:TCP"= 21247:TCP:@xpsp2res.dll,-22009
"38533:TCP"= 38533:TCP:@xpsp2res.dll,-22009
"38722:TCP"= 38722:TCP:@xpsp2res.dll,-22009
"54950:TCP"= 54950:TCP:@xpsp2res.dll,-22009
"34971:TCP"= 34971:TCP:@xpsp2res.dll,-22009
"10395:TCP"= 10395:TCP:@xpsp2res.dll,-22009
"49849:TCP"= 49849:TCP:@xpsp2res.dll,-22009

R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;"C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:45]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-06-29 17:22]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2002-09-25 08:37]
S0 Winei26;Winei26;C:\WINDOWS\system32\Drivers\Winei26.sys []
S2 FILESpy;FILESpy;C:\Programmi\BullGuard\filespy.sys []
S3 brfilt;Driver filtro Brother MFC;C:\WINDOWS\system32\Drivers\Brfilt.sys [2001-08-17 21:12]
S3 brparimg;Driver Brother Multi Function Parallel Image;C:\WINDOWS\system32\DRIVERS\BrParImg.sys [2001-08-17 21:12]
S3 BrParWdm;Driver parallelo Brother WDM;C:\WINDOWS\system32\Drivers\BrParwdm.sys [2001-08-30 20:18]
S3 BrSerWdm;Brother WDM Serial driver;C:\WINDOWS\system32\Drivers\BrSerWdm.sys [2004-11-23 17:39]
S3 ICDUSB2;Sony IC Recorder (P);C:\WINDOWS\system32\Drivers\ICDUSB2.sys [2002-11-28 22:23]
S3 iMSPCLOj;iMSPCLOj;C:\DOCUME~1\DITOMM~1\IMPOST~1\Temp\iMSPCLOj.sys []
S3 JL2005;JL2005A Toy Camera;C:\WINDOWS\system32\Drivers\toywdm.sys [2004-07-28 19:36]
S3 TaurusUsb;ADSL Modem USB Service 1.09a;C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-01-09 16:21]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]

.
Contenuto della cartella 'Scheduled Tasks'
"2008-07-03 09:51:51 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Programmi\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-03 12:05:31
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

**************************************************************************
.
Ora fine scansione: 2008-07-03 12.11.29
ComboFix-quarantined-files.txt 2008-07-03 10:10:26
ComboFix2.txt 2008-07-02 15:33:29
ComboFix3.txt 2008-07-02 13:18:37
ComboFix4.txt 2008-06-30 13:47:33
ComboFix5.txt 2008-06-29 15:05:32

31 Directory 56,877,817,856 byte disponibili
34 Directory 56,863,506,432 byte disponibili

229 --- E O F --- 2008-07-02 09:04:17

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

Pare che ancora sia infetto il Pc.... infatti quando accendo internet ci mette un pochetto prima che si apri la pagina...attendo vostre istruzioni comunque! Grazie

bdoriano

Ciao Teseus, Ciao

per cortesia, segui le indicazioni di questo messaggio per installare la Console di ripristino di Windows. (XP Home SP2, nel tuo caso)

Al termine, posta un log aggiornato di ComboFix.

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

ComboFix 08-07-01.3 - Ditommaso 2008-07-04 15.49.18.7 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.213 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Ditommaso\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Ditommaso\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\Help\access.hlp
C:\WINDOWS\Help\verifier.hlp

.
((((((((((((((((((((((((( Files Creati Da 2008-06-04 al 2008-07-04 )))))))))))))))))))))))))))))))))))
.

2067-05-19 16:06 . 2003-02-05 04:02 79,947 --a--c--- C:\WINDOWS\fw20.vxd
2008-07-02 17:11 . 2008-07-02 17:11 <DIR> d----c--- C:\suspectfile
2008-07-02 15:04 . 2008-07-02 15:04 <DIR> d----c--- C:\COMBO-FIX
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d-------- C:\Programmi\Malwarebytes' Anti-Malware
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\Malwarebytes
2008-06-30 16:00 . 2008-06-30 16:00 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2008-06-30 16:00 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 16:00 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 15:30 . 2003-06-25 16:05 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2008-06-30 15:30 . 2002-06-21 15:09 160,217 --a------ C:\WINDOWS\system32\PowerToysLicense.rtf
2008-06-28 18:06 . 2008-06-28 18:05 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-27 17:48 . 2008-07-03 16:02 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-27 17:48 . 2008-06-27 17:48 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-25 15:36 . 2008-06-25 15:36 <DIR> d-------- C:\Programmi\File comuni\xing shared
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d-------- C:\Programmi\File comuni\AVSMedia
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\AVS4YOU
2008-06-25 15:24 . 2008-06-25 15:24 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\AVS4YOU
2008-06-25 15:24 . 2006-03-03 10:02 658,432 --a------ C:\WINDOWS\system32\cc3270mt.dll
2008-06-25 15:23 . 2008-06-25 15:24 <DIR> d-------- C:\Programmi\AVS4YOU
2008-06-25 15:23 . 2003-05-21 13:50 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-06-23 17:40 . 2008-06-23 17:40 <DIR> d----c--- C:\Documents and Settings\All Users\Dati applicazioni\MailFrontier
2008-06-23 17:40 . 2008-06-23 17:42 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-06-23 17:37 . 2008-06-23 18:17 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-06-19 21:49 . 2004-08-04 08:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-06-19 21:49 . 2004-08-04 08:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-06-19 21:49 . 2008-06-19 21:49 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-06-19 21:49 . 2008-06-19 21:49 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-06-19 20:28 . 2008-06-19 20:28 <DIR> d-------- C:\Programmi\File comuni\PCSuite
2008-06-19 20:28 . 2008-06-19 20:28 <DIR> d-------- C:\Programmi\File comuni\Nokia
2008-06-19 20:25 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-06-19 20:24 . 2008-06-19 20:24 <DIR> d-------- C:\Programmi\PC Connectivity Solution
2008-06-19 20:23 . 2007-11-29 10:33 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-06-19 20:23 . 2007-11-29 10:39 95,744 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-06-19 20:23 . 2007-11-29 10:39 19,328 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-06-19 20:23 . 2007-11-29 10:39 16,896 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-06-19 20:23 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-06-19 20:23 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-06-13 17:25 . 2008-06-13 17:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Dati applicazioni\phcclkct
2008-06-13 15:33 . 2008-06-13 15:33 <DIR> d-------- C:\Documents and Settings\Ditommaso\Dati applicazioni\phcclkct
2008-06-13 10:13 . 2008-06-13 15:33 <DIR> d-------- C:\Programmi\File comuni\Mozilla Shared
2008-06-12 10:01 . 2002-11-05 17:59 128,000 --a------ C:\WINDOWS\system32\Dbcgdi32f.dll
2008-06-05 14:08 . 2008-06-09 21:47 <DIR> d-------- C:\Programmi\Sophos

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 13:56 --------- d-----w C:\Programmi\eMule
2008-06-25 13:36 --------- d-----w C:\Programmi\File comuni\Real
2008-06-24 21:55 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\Skype
2008-06-19 19:50 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\PC Suite
2008-06-19 19:50 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\Nokia
2008-06-19 18:27 --------- d-----w C:\Programmi\Nokia
2008-06-19 18:20 --------- dc----w C:\Documents and Settings\All Users\Dati applicazioni\Installations
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-25 16:48 --------- d-----w C:\Programmi\Enigma Software Group
2008-05-24 01:03 --------- d-----w C:\Programmi\Trend Micro
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-06 21:06 --------- d-----w C:\Programmi\LGGSM
2008-05-06 21:05 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-05-06 11:32 --------- d-----w C:\Documents and Settings\Ditommaso\Dati applicazioni\LimeWire
2007-12-14 17:21 0 ----a-w C:\Documents and Settings\Ditommaso\wn1001.exe
2007-09-09 21:22 774,144 ----a-w C:\Programmi\RngInterstitial.dll
.
Infected C:\WINDOWS\system32\user32.dll hex repaired

((((((((((((((((((((((((((((( snapshot_2008-06-29_17.04.19.05 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-29 14:51:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-04 13:56:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-04 13:56:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_560.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:39 15360]
"ccleaner"="C:\Programmi\CCleaner\ccleaner.exe" [2008-06-25 15:58 1209584]
"PC Suite Tray"="C:\Documents and Settings\Ditommaso\Desktop\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 12:53 1079808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-04-02 09:40 4616192]
"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 12:50 155648]
"RoxioEngineUtility"="C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe" [2003-02-27 06:31 69632]
"RoxioDragToDisc"="C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-02-27 05:36 757760]
"RoxioAudioCentral"="C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-02-26 17:50 253952]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"PaperPort PTD"="C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-11 01:01 57393]
"IndexSearch"="C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-11 01:28 40960]
"SetDefPrt"="C:\Programmi\Brother\Brmfl05b\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Programmi\Brother\ControlCenter2\brctrcen.exe" [2005-07-22 21:36 933888]
"Adobe Photo Downloader"="C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 15:09 63712]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-25 15:35 185896]
"nwiz"="nwiz.exe" [2003-04-02 09:40 323584 C:\WINDOWS\system32\nwiz.exe]
"AdslTaskBar"="stmctrl.dll" [2003-01-22 13:01 151552 C:\WINDOWS\system32\stmctrl.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:39 15360]

C:\Documents and Settings\Ditommaso\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a ashDisp.lnk - C:\Programmi\Alwil Software\Avast4\ashDisp.exe [2007-05-15 14:16:53 79224]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office\OSA9.EXE [2000-01-21 10:15:56 65588]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"= 1 (0x1)
"NoDispScrSavPage"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= (valor no establecido)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= jl_mjpg2.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winei26.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"45241:TCP"= 45241:TCP:@xpsp2res.dll,-22009
"80:TCP"= 80:TCP:@xpsp2res.dll,-22009
"22958:TCP"= 22958:TCP:@xpsp2res.dll,-22009
"9138:TCP"= 9138:TCP:@xpsp2res.dll,-22009
"59047:TCP"= 59047:TCP:@xpsp2res.dll,-22009
"46747:TCP"= 46747:TCP:@xpsp2res.dll,-22009
"42357:TCP"= 42357:TCP:@xpsp2res.dll,-22009
"23189:TCP"= 23189:TCP:@xpsp2res.dll,-22009
"63119:TCP"= 63119:TCP:@xpsp2res.dll,-22009
"3498:TCP"= 3498:TCP:@xpsp2res.dll,-22009
"13709:TCP"= 13709:TCP:@xpsp2res.dll,-22009
"16783:TCP"= 16783:TCP:@xpsp2res.dll,-22009
"18095:TCP"= 18095:TCP:@xpsp2res.dll,-22009
"15682:TCP"= 15682:TCP:@xpsp2res.dll,-22009
"47419:TCP"= 47419:TCP:@xpsp2res.dll,-22009
"16533:TCP"= 16533:TCP:@xpsp2res.dll,-22009
"34713:TCP"= 34713:TCP:@xpsp2res.dll,-22009
"31578:TCP"= 31578:TCP:@xpsp2res.dll,-22009
"9389:TCP"= 9389:TCP:@xpsp2res.dll,-22009
"51088:TCP"= 51088:TCP:@xpsp2res.dll,-22009
"4226:TCP"= 4226:TCP:@xpsp2res.dll,-22009
"28850:TCP"= 28850:TCP:@xpsp2res.dll,-22009
"21247:TCP"= 21247:TCP:@xpsp2res.dll,-22009
"38533:TCP"= 38533:TCP:@xpsp2res.dll,-22009
"38722:TCP"= 38722:TCP:@xpsp2res.dll,-22009
"54950:TCP"= 54950:TCP:@xpsp2res.dll,-22009
"34971:TCP"= 34971:TCP:@xpsp2res.dll,-22009
"10395:TCP"= 10395:TCP:@xpsp2res.dll,-22009
"49849:TCP"= 49849:TCP:@xpsp2res.dll,-22009

R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;"C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:45]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-06-29 17:22]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2002-09-25 08:37]
S0 Winei26;Winei26;C:\WINDOWS\system32\Drivers\Winei26.sys []
S2 FILESpy;FILESpy;C:\Programmi\BullGuard\filespy.sys []
S3 brfilt;Driver filtro Brother MFC;C:\WINDOWS\system32\Drivers\Brfilt.sys [2001-08-17 21:12]
S3 brparimg;Driver Brother Multi Function Parallel Image;C:\WINDOWS\system32\DRIVERS\BrParImg.sys [2001-08-17 21:12]
S3 BrParWdm;Driver parallelo Brother WDM;C:\WINDOWS\system32\Drivers\BrParwdm.sys [2001-08-30 20:18]
S3 BrSerWdm;Brother WDM Serial driver;C:\WINDOWS\system32\Drivers\BrSerWdm.sys [2004-11-23 17:39]
S3 ICDUSB2;Sony IC Recorder (P);C:\WINDOWS\system32\Drivers\ICDUSB2.sys [2002-11-28 22:23]
S3 iMSPCLOj;iMSPCLOj;C:\DOCUME~1\DITOMM~1\IMPOST~1\Temp\iMSPCLOj.sys []
S3 JL2005;JL2005A Toy Camera;C:\WINDOWS\system32\Drivers\toywdm.sys [2004-07-28 19:36]
S3 TaurusUsb;ADSL Modem USB Service 1.09a;C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-01-09 16:21]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]

.
Contenuto della cartella 'Scheduled Tasks'
"2008-07-04 13:59:57 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Programmi\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-04 15:57:11
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programmi\Windows Defender\MsMpEng.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\BRSVC01A.EXE
C:\WINDOWS\system32\BRSS01A.EXE
C:\WINDOWS\system32\BrmfBAgS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Ora fine scansione: 2008-07-04 16:10:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-04 14:09:14
ComboFix2.txt 2008-07-03 10:11:31
ComboFix3.txt 2008-07-02 15:33:29
ComboFix4.txt 2008-07-02 13:18:37
ComboFix5.txt 2008-06-30 13:47:33

31 Directory 57,378,009,088 byte disponibili
34 Directory 57,368,256,512 byte disponibili

WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

237 --- E O F --- 2008-07-04 13:42:44

Sante62 · Dio maturo Registrato: 27/06/07 17:55 Messaggi: 3477 Residenza: Floridia

OK, mi pare che adesso ci siamo;

riscontri ancora problemi?

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

no pare che proceda tutto bene....speriamo che continui così...cmq sia qualsiasi problema...vi avviso...Vi ringrazio tante!..e a questo punto ti volevo chiedere se Avst come antivirus va bene?...e soprattutto se mi serve un firewall considerando che ho Windows Firewall ( che nn è si è mai fatto vivo ) e se cmq ne ho bisogno...insomma dimmi quale potrebbe essere un miglior antivirus scaricabile gratis come avast e se necessito anche di un FireWall ?????...

Teseus · Mortale adepto Registrato: 02/07/07 21:01 Messaggi: 30

Guarda sto notando purtroppo che per aprire internet ci vuole un pochetto...non è veloce come una volta.....soprattutto all'inizio ci vuole un pò per aprirlo...poi durante la navigazione nn ci sono tanti problemi per ora!..cmq attendo sempre le risposte dell'Antivirus e del Firewall !

Sante62 · Dio maturo Registrato: 27/06/07 17:55 Messaggi: 3477 Residenza: Floridia

Dopo che hai installato la consolle di ripristino hai riavviato il PC?

Comunque se usi Firefox credo sia normale che all'inizio la pagina si apra lentamente lo fa anche a me; poi la navigazione è normale;

per l'antivirus, Avast va bene, purchè sia regolarmente aggiornato e periodicamente fai la scansione del PC;

per il firewall puoi sceglierne uno tramite questa discussione;

attenzione che va configurato correttamente, altrimenti la navigazione risulta quasi impossibile....