mspecos Devoted mortal

Registered: 19/10/07 18:19 Posts: 7
Posted: 25 Jan 2011 10:44 Subject: connection problem after Combofix for malware removal

Hi everyone, I don't know if I can ask here... I used Combofix to try to remove a piece of malware (I think) that kept opening Internet Explorer windows and starting a lot of processes without my asking.
The program started, ran its scan and fixed its problems... the problem is that after rebooting, the internet no longer works; it always tells me "unable to contact the server", both with IE7 and with Mozilla.
Can I fix this somehow, or do I have to do a System Restore to a point before Combofix? And above all, if I do the restore, will the problems that Combofix had eliminated come back? What other tools can I try?
Thanks a lot, Marco

Luko Mature god

Registered: 07/05/09 12:35 Posts: 1001
Posted: 25 Jan 2011 19:17 Subject: Re: connection problem after Combofix for malware removal

Hi mspecos,
Combofix is a rather... aggressive tool.
Can you post the log?
In any case, this should solve your connection problems:
Guide to connection problems after using Combofix (BleepingComputer)

mspecos Devoted mortal

Registered: 19/10/07 18:19 Posts: 7
Posted: 26 Jan 2011 16:48 Subject: Re: connection problem after Combofix for malware removal

Hi, and thanks for the reply. I'll try to post the Combofix report here... I can't even do a System Restore.
ComboFix 11-01-23.07 - Spector 24/01/2011 23.40.25.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.512.258 [GMT 1:00]
Eseguito da: c:\documents and settings\Spector\desktop\abc.exe
Opzioni usate :: /killall
AV: Ashampoo Anti-MalWare *Disabled/Outdated* {91BDFB4E-BA7E-4ABC-9472-A79BA394CA4B}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Spector\Dati applicazioni\drivers\downld
c:\documents and settings\Spector\Dati applicazioni\drivers\winupgro.exe
c:\documents and settings\Spector\Dati applicazioni\m
c:\documents and settings\Spector\Dati applicazioni\m\data.oct
c:\documents and settings\Spector\Dati applicazioni\m\flec006.exe
c:\documents and settings\Spector\Dati applicazioni\m\list.oct
c:\documents and settings\Spector\Dati applicazioni\m\srvlist.oct
c:\documents and settings\Spector\Dati applicazioni\Mozilla\Firefox\Profiles\zoo0iizy.default\searchplugins\SearchquWebSearch.xml
c:\documents and settings\Spector\Dati applicazioni\OfferBox
c:\documents and settings\Spector\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\Spector\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\Spector\Menu Avvio\Programmi\P2Pcontrol
c:\documents and settings\Spector\Menu Avvio\Programmi\P2Pcontrol\Claim money.lnk
c:\documents and settings\Spector\Menu Avvio\Programmi\P2Pcontrol\P2Pcontrol website.lnk
c:\documents and settings\Spector\Menu Avvio\Programmi\P2Pcontrol\Uninstall.lnk
c:\programmi\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
c:\programmi\OfferBox
c:\programmi\OfferBox\OfferBoxBHO.dll
c:\programmi\P2Pcontrol
c:\programmi\P2Pcontrol\data
c:\programmi\P2Pcontrol\P2Pcontrol.url
c:\programmi\P2Pcontrol\P2Pcontrol_claim.url
c:\programmi\P2Pcontrol\tservice
c:\programmi\P2Pcontrol\uninst.exe
c:\recycled\Recycled
c:\windows\mdelk.exe
c:\windows\system32\drivers\csrss.exe
c:\windows\system32\drivers\cygwin1.dll
c:\windows\system32\drivers\ESQULtnkmoymhxvhpyvbqaaeepxepbfpumsqf.sys
c:\windows\system32\drivers\reg.exe
c:\windows\system32\drivers\smss.exe
c:\windows\system32\ESQULbotpxbpxiwwbyuspqjxvioqpwabfskof.dll
c:\windows\system32\ESQULjtipdeguoyutrxnfbpfmeanpanvpwvdi.dll
c:\windows\system32\ESQULzxspectrum
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
c:\windows\Tasks\chbvaorp.job
c:\windows\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s
-------\Service_srosa
-------\Service_ESQULserv.sys
((((((((((((((((((((((((( Files Creati Da 2010-12-24 al 2011-01-24 )))))))))))))))))))))))))))))))))))
.
2011-01-24 22:55 . 2011-01-24 22:55 -------- d-----w- c:\documents and settings\Spector\Impostazioni locali\Dati applicazioni\Ashampoo
2011-01-24 21:17 . 2011-01-24 21:17 -------- d-----w- c:\documents and settings\Spector\DoctorWeb
2011-01-24 20:36 . 2011-01-24 20:36 -------- d-----w- c:\programmi\Ashampoo
2011-01-24 19:48 . 2011-01-24 19:48 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06Z...ZZZZ..Z.ZZZZ
2011-01-22 18:30 . 2011-01-24 22:49 -------- d--h--w- c:\documents and settings\Spector\Dati applicazioni\drivers
2011-01-22 18:25 . 2011-01-22 18:25 42 ----a-w- c:\documents and settings\Spector\Impostazioni locali\Dati applicazioni\GLFCF.tmp
2011-01-22 18:25 . 2011-01-22 18:25 36 ----a-w- c:\documents and settings\Spector\Impostazioni locali\Dati applicazioni\GLFD0.tmp
2011-01-19 22:46 . 2011-01-19 22:46 -------- d-----w- c:\documents and settings\Spector\Dati applicazioni\Bandoo
2011-01-19 21:58 . 2011-01-19 21:58 -------- d-----w- c:\programmi\icons
2011-01-19 21:57 . 2011-01-19 21:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Bandoo
2011-01-19 21:55 . 2011-01-19 21:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Fun4IM
2011-01-19 21:54 . 2011-01-22 18:26 -------- d-----w- c:\programmi\Fun4IM
2011-01-19 21:36 . 2011-01-22 18:41 -------- d-----w- C:\Malwaree
2011-01-19 20:04 . 2011-01-19 20:04 7734208 ----a-w- c:\programmi\mbam-setup-1.50.1.1100(2).exe
2011-01-19 20:04 . 2011-01-19 20:05 7734208 ----a-w- c:\programmi\mbam-setup-1.50.1.1100.exe
2011-01-14 12:22 . 2011-01-20 06:37 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-01-13 15:19 . 2011-01-19 20:03 304984 ----a-w- c:\programmi\SoftonicDownloader_per_malwarebytes-anti-malware.exe
2011-01-13 15:18 . 2011-01-13 15:18 293168 ----a-w- c:\programmi\SoftonicDownloader_per_unlocker.exe
2010-12-26 17:24 . 2011-01-13 18:52 -------- d-----w- c:\programmi\eMule
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-25 13:38 . 2010-11-25 13:38 4182178 ----a-w- c:\programmi\Avisynth_258.exe
2010-11-07 20:20 . 2010-11-07 20:20 293192 ----a-w- c:\programmi\SoftonicDownloader_per_microsoft-silverlight.exe
2010-10-26 12:21 . 2010-10-26 12:14 155542016 ----a-w- c:\programmi\3.2.1_Win32Intel_install_wJRE_it-s.exe
2010-05-23 10:59 . 2010-05-23 10:59 3389035 ----a-w- c:\programmi\eMule0.50a-Installer.exe
2010-03-08 19:17 . 2010-03-08 19:17 3396856 ----a-w- c:\programmi\ccsetup229.exe
2010-02-03 19:51 . 2010-02-03 19:50 23804080 ----a-w- c:\programmi\DivXInstaller.exe
2010-01-20 16:56 . 2010-01-20 16:56 421346 ----a-w- c:\programmi\Lame_v3.98.2_for_Audacity_on_Windows.exe
2010-01-20 16:35 . 2010-01-20 16:35 2228534 ----a-w- c:\programmi\audacity-win-1.2.6.exe
2009-12-27 11:44 . 2009-12-27 11:39 93234472 ----a-w- c:\programmi\iTunesSetup.exe
2009-10-26 22:46 . 2009-01-12 20:07 32441648 -c--a-w- c:\programmi\QuickTimeInstaller.exe
2009-10-18 17:20 . 2009-10-18 17:19 2686708 -c--a-w- c:\programmi\ir0431_unicode.exe
2009-10-18 17:05 . 2009-10-18 17:05 0 -c--a-w- c:\programmi\dotnetfx35setup.exe
2009-09-19 17:22 . 2009-09-19 17:22 4938616 ----a-w- c:\programmi\Silverlight.exe
2009-08-25 16:13 . 2009-08-25 16:13 685988 -c--a-w- c:\programmi\isw2.exe
2009-08-25 12:13 . 2009-08-25 12:13 5295360 -c--a-w- c:\programmi\FoxitReader31_enu_Setup_0824.exe
2009-08-12 09:26 . 2009-08-12 09:26 32347528 -c--a-w- c:\programmi\avira_antivir_personal_it.exe
2009-08-12 09:14 . 2009-08-12 09:14 2951802 -c--a-w- c:\programmi\EClea2_0.exe
2009-08-11 13:41 . 2009-08-26 11:57 661864 ----a-w- c:\programmi\autoruns.exe
2009-08-11 13:41 . 2009-08-26 11:57 553832 ----a-w- c:\programmi\autorunsc.exe
2009-07-20 12:18 . 2009-07-20 12:17 34543112 -c--a-w- c:\programmi\Ad-AwareAE.exe
2009-07-06 12:04 . 2009-07-06 12:03 7932720 -c--a-w- c:\programmi\Firefox Setup 3.5.exe
2009-07-05 21:21 . 2009-07-05 21:20 475328 -c--a-w- c:\programmi\GalaPlayer-1.4.0.0-setup.exe
2009-07-05 19:06 . 2009-07-05 19:06 2130785 -c--a-w- c:\programmi\installer_adobe_flash_player_(firefox,_mozilla,_netscape_&_opera)_10_0_22_87_Italiano_Italian.exe
2009-06-01 16:58 . 2009-06-01 16:49 52861846 -c--a-w- c:\programmi\PictureCollageMakerPro.exe
2009-05-29 12:07 . 2009-08-26 11:52 1402624 -c--a-w- c:\programmi\RunScanner.exe
2009-05-27 10:58 . 2009-05-27 10:58 3342809 -c--a-w- c:\programmi\eMule0.49c-Installer.exe
2009-03-25 12:52 . 2009-03-26 12:58 4409491 ----a-w- c:\programmi\cdbxp_setup_4.2.7.1801.exe
2009-03-25 12:49 . 2009-03-26 12:58 18030130 -c--a-w- c:\programmi\vlc-1.0.3-win32.exe
2009-03-24 18:52 . 2009-03-24 18:50 7342424 -c--a-w- c:\programmi\Firefox Setup 3.0.7(2).exe
2009-02-02 21:20 . 2009-02-02 21:20 2133036 -c--a-w- c:\programmi\Web-MediaPlayer_setup.exe
2009-01-14 23:07 . 2009-01-14 23:07 678064 ----a-w- c:\programmi\CDRecoveryToolboxFreeSetup.exe
2009-01-12 20:23 . 2009-01-12 20:23 357936 -c--a-w- c:\programmi\RealPlayer11GOLD_it.exe
2009-01-09 06:47 . 2009-01-09 06:47 1159496 -c--a-w- c:\programmi\wlsetup-custom.exe
2009-01-08 17:45 . 2009-01-08 17:45 1851544 -c--a-w- c:\programmi\install_flash_player.exe
2009-01-08 13:34 . 2009-01-08 13:34 5951915 ----a-w- c:\programmi\allok_movconverter.exe
2009-01-08 06:50 . 2009-01-08 06:50 14718496 -c--a-w- c:\programmi\IE7-WindowsXP-x86-ita.exe
2009-01-08 06:48 . 2009-01-08 06:48 7339496 -c--a-w- c:\programmi\Mozilla Firefox Setup 3.0.5.exe
2009-01-07 23:53 . 2009-01-07 23:53 18216448 -c--a-w- c:\programmi\vlc-0.9.8a-win32-IT-soft.exe
2009-01-07 18:17 . 2009-01-07 18:16 1296984 -c--a-w- c:\programmi\Winrar380it.exe
2009-01-07 18:08 . 2009-01-07 18:08 25792160 ----a-w- c:\programmi\OutpostProInstall-Firewall.exe
2009-01-07 17:56 . 2009-01-07 17:56 3231826 -c--a-w- c:\programmi\eMule0.49b.exe
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 01D5EAAFF224415A7FF513E4C882BE30 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\8dab4f2c899f11c2863dff51dfb836e7\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad-Watch"="c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-21 520024]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2011-01-24 319488]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-08-10 421888]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Ashampoo Anti-Malware Guard"="c:\programmi\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe" [2010-08-26 3314176]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\Spector\Menu Avvio\Programmi\Esecuzione automatica\AutorunsDisabled
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\AutorunsDisabled
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2009-1-7 217088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-03 17:36 10520 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Fun4IM\BndHook.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Spector^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
path=c:\documents and settings\Spector\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Spector^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Spector\Menu Avvio\Programmi\Esecuzione automatica\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-19 13:39 110592 ----a-w- c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\the bone download 1]
2011-01-24 22:28 719872 ----a-w- c:\documents and settings\All Users\Dati applicazioni\axis wait the bone\Part More.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-06-25 11:38 202256 ----a-w- c:\programmi\File comuni\Real\Update_OB\realsched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Programmi\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-03-26 691696]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [x]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [x]
R2 gupdate1caa50afad763da;Servizio di Google Update (gupdate1caa50afad763da);c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-03 133104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [2011-01-24 1028432]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-07-27 64160]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-02-03 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-02-03 107272]
S2 AAMW_WSC_Service_XP;Ashampoo Anti-Malware WSC Service;c:\programmi\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_XP.exe [2010-03-01 53248]
S2 AAMWService;Ashampoo Anti-Malware Service;c:\programmi\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [2010-08-30 1309528]
S2 Fun4IM Coordinator;Fun4IM Coordinator;c:\progra~1\Fun4IM\Bandoo.exe [2010-11-19 1942416]
S3 AAMWRegFilter;AAMWRegFilter;c:\programmi\Ashampoo\Ashampoo Anti-Malware\AAMW_Regfilter32.sys [2010-01-20 18584]
S3 ASW3Scan;ASW3Scan;c:\programmi\Ashampoo\Ashampoo Anti-Malware\AAMW_IFS32.sys [2010-06-16 17816]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - AAMWREGFILTER
*NewlyCreated* - ASW3SCAN
.
Contenuto della cartella 'Scheduled Tasks'
2011-01-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 16:26]
2011-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-03 19:56]
2011-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-03 19:56]
2011-01-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-299502267-682003330-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2011-01-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-299502267-682003330-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2011-01-24 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-09 20:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {ED855B89-1DC5-4424-B52E-FE1A7EDE4CB8} = 151.99.125.2,151.99.125.3
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Spector\Dati applicazioni\Mozilla\Firefox\Profiles\zoo0iizy.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - www.google.it
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=403&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Notify-byXPJBQG - byXPJBQG.dll
AddRemove-P2Pcontrol - c:\programmi\P2Pcontrol\uninst.exe
AddRemove-SAMSUNG CDMA Modem - c:\windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
AddRemove-defydvdwave - c:\docume~1\Spector\DATIAP~1\OPENDE~1\Send Download Road.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-24 23:54
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ESQULserv.sys]
"imagepath"="\systemroot\system32\drivers\ESQULtnkmoymhxvhpyvbqaaeepxepbfpumsqf.sys"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ESQULserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=expand:"\\systemroot\\system32\\drivers\\ESQULtnkmoymhxvhpyvbqaaeepxepbfpumsqf.sys"
"group"="file system"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(3096)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Ora fine scansione: 2011-01-25 00:09:13 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-01-24 23:09
Pre-Run: 25.887.133.696 byte disponibili
Post-Run: 25.826.414.592 byte disponibili
- - End Of File - - 3F629EFAB10F2423A14AC4F8C1FF29E8