Problems in safe mode and MSN that won't install
johondok
Mere mortal

Joined: 25/02/08 15:46
Posts: 3

Posted: 25 Feb 2008 15:57    Subject: Problems in safe mode and MSN that won't install

Good morning :)
For the past few days I haven't been able to restart my PC in safe mode.
After selecting "safe mode" it loads the various drivers and then the screen stays black.

For a month now I have been trying to install Windows Live Messenger and it always gives me the same error:
Impossibile avviare l'applicazione specificata. La configurazione dell'applicazione non è corretta. Una nuova installazione del programma potrebbe risolvere il problema.

Here is an HJK log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15.57.13, on 25/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Giuseppe\Desktop\Luca\HiJackThis_v2.exe

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://valucciastar88.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 2313 bytes


And one from ComboFix:

ComboFix 08-02-25.3 - Giuseppe 2008-02-25 14.41.22.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.71 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Giuseppe\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\dfdsszlqx.dat
C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\dfdsszlqx_nav.dat
C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\dfdsszlqx_navps.dat
C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\kgjorhkhkp.dat
C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\kgjorhkhkp_nav.dat
C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\kgjorhkhkp_navps.dat
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\dbxDgrevCheck.dll
C:\WINDOWS\system32\nsinet.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_FMTR


((((((((((((((((((((((((( Files Creati Da 2008-01-25 al 2008-02-25 )))))))))))))))))))))))))))))))))))
.

2008-02-25 13:00 . 2008-02-25 13:03 <DIR> d-------- C:\WINDOWS\system32\it-it
2008-02-25 12:50 . 2008-02-25 13:20 <DIR> d-------- C:\Programmi\MSN Messenger
2008-02-23 21:41 . 2008-02-23 21:44 2,504,160 --a------ C:\WINDOWS\dbplugin.ocx
2008-02-23 21:41 . 2008-02-23 21:44 2,347,008 --a------ C:\WINDOWS\npdbplug.dll
2008-02-23 21:41 . 2008-02-23 21:41 988,128 --a------ C:\WINDOWS\dbplugin.exe
2008-02-23 21:41 . 2008-02-23 21:44 356,352 --a------ C:\WINDOWS\eSellerateEngine.dll
2008-02-23 21:41 . 2008-02-23 21:44 172,112 --a------ C:\WINDOWS\system32\DNLEng.dll
2008-02-23 21:41 . 2008-02-23 21:41 143,360 --a------ C:\WINDOWS\picn1120.dll
2008-02-23 21:41 . 2008-02-23 21:41 143,360 --a------ C:\WINDOWS\picn1020.dll
2008-02-23 21:41 . 2008-02-23 21:44 31,984 --a------ C:\WINDOWS\dbrmdwb.exe
2008-02-23 21:41 . 2008-02-23 21:44 633 --a------ C:\WINDOWS\npdbplug.xpt
2008-02-23 21:41 . 2008-02-23 21:44 26 --a------ C:\WINDOWS\dbrmdwb.bat
2008-02-23 13:17 . 2008-02-25 13:05 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-23 13:15 . 2007-05-17 12:29 549,376 --a------ C:\WINDOWS\system32\oleaut32.dll
2008-02-23 12:46 . 2008-02-23 12:46 16 --a------ C:\WINDOWS\system32\coh.cache
2008-02-23 12:45 . 2008-02-23 12:45 <DIR> d--h----- C:\WINDOWS\PIF
2008-02-23 12:06 . 2008-02-25 13:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Symantec
2008-02-23 12:05 . 2008-02-25 13:11 <DIR> d-------- C:\Programmi\File comuni\Symantec Shared
2008-02-23 11:08 . 2008-02-23 11:51 <DIR> d-a------ C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-02-15 19:48 . 2008-02-15 19:58 160 --a------ C:\WINDOWS\mafosav.INI
2008-02-15 19:24 . 2008-02-15 19:24 171,520 --a------ C:\WINDOWS\system32\cncs32.dll
2008-02-15 19:24 . 2008-02-15 19:24 18 --a------ C:\WINDOWS\gfact.ini
2008-02-11 20:53 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-11 20:52 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-11 20:52 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-11 20:52 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-11 20:52 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-11 20:52 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-11 20:52 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-11 20:52 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-09 14:26 . 2008-02-13 12:38 <DIR> d-------- C:\Programmi\LimeWire
2008-02-07 12:05 . 2008-02-07 12:05 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\Talkback
2008-02-07 12:05 . 2008-02-07 12:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-07 11:47 . 2008-02-07 11:47 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\MSN6
2008-02-06 18:56 . 2008-02-06 18:56 <DIR> d-------- C:\Programmi\Alwil Software
2008-02-06 18:51 . 2008-02-06 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Avg7
2008-02-06 18:24 . 2008-02-06 18:25 <DIR> d-------- C:\Programmi\CCleaner
2008-02-04 15:32 . 2008-02-04 15:32 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\Apple Computer
2008-02-04 15:27 . 2008-02-04 15:55 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-02-02 21:08 . 2008-02-02 21:08 <DIR> d-------- C:\WINDOWS\Sun
2008-01-31 14:03 . 2008-01-31 14:05 <DIR> d-------- C:\Documents and Settings\tina\Dati applicazioni\LimeWire
2008-01-31 13:43 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-31 13:40 . 2008-01-31 13:43 <DIR> d-------- C:\Programmi\Java
2008-01-31 13:39 . 2008-01-31 13:39 <DIR> d-------- C:\Programmi\File comuni\Java
2008-01-28 16:30 . 2007-11-24 11:44 <DIR> d--h----- C:\Documents and Settings\tina\Risorse di stampa
2008-01-28 16:30 . 2007-11-24 11:44 <DIR> d--h----- C:\Documents and Settings\tina\Risorse di rete
2008-01-28 16:30 . 2008-01-28 16:31 <DIR> dr------- C:\Documents and Settings\tina\Preferiti
2008-01-28 16:30 . 2007-11-24 11:55 <DIR> d--h----- C:\Documents and Settings\tina\Modelli
2008-01-28 16:30 . 2007-11-24 11:44 <DIR> dr------- C:\Documents and Settings\tina\Menu Avvio
2008-01-28 16:30 . 2007-12-10 13:20 <DIR> d--h----- C:\Documents and Settings\tina\Impostazioni locali
2008-01-28 16:30 . 2008-01-28 16:31 <DIR> dr------- C:\Documents and Settings\tina\Documenti
2008-01-28 16:30 . 2008-02-06 18:49 <DIR> d--h----- C:\Documents and Settings\tina\Dati applicazioni
2008-01-28 13:42 . 2008-02-23 12:31 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\LimeWire
2008-01-25 13:47 . 2003-11-04 15:11 159,744 --a------ C:\WINDOWS\system32\lfpng13n.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 11:42 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-02-21 18:50 --------- d-----w C:\Programmi\Google
2008-01-28 12:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CITY 64 CURB STORE
2008-01-24 19:59 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\MSN6
2008-01-24 03:01 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-01-23 21:15 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-01-23 21:02 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-01-23 20:40 --------- d-----w C:\Programmi\Lavasoft
2008-01-23 20:20 --------- d-----w C:\Programmi\RegCleaner
2008-01-23 19:17 --------- d-----w C:\Programmi\HP
2008-01-23 14:45 --------- d-----w C:\Programmi\CDROMSURFAMEN
2008-01-09 15:49 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WEBREG
2008-01-09 15:46 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\HP
2008-01-09 15:43 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\HP Product Assistant
2008-01-09 15:40 --------- d-----w C:\Programmi\File comuni\HP
2008-01-09 15:38 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Hewlett-Packard
2008-01-08 13:18 --------- d-----w C:\Programmi\File comuni\Adobe
2008-01-06 17:23 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\Leadertech
2008-01-06 17:14 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\AdobeUM
2008-01-06 17:14 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\AdobeAUM
2007-12-26 20:58 60,416 ----a-w C:\WINDOWS\system32\drivers\^plipjuf.sys
2007-12-07 15:34 675,840 ----a-w C:\WINDOWS\is-8OFPP.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Programmi\MSN Messenger\msnmsgr.exe" [2006-07-29 19:33 5354792]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:39 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]
appsecdll REG_EXPAND_SZ C:\WINDOWS\system32\AppCert\wsil32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\msncall.exe"=

S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\E.tmp []
S4 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 22:40]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contenuto della cartella 'Scheduled Tasks'
"2008-02-25 13:00:00 C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job"
- c:\docume~1\vale\datiap~1\cdroms~1\scr bin size.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-25 14:45:34
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2008-02-25 14:48:04 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-25 13:48:00
.
2008-02-23 12:35:52 --- E O F ---



I installed Norton by mistake; I uninstalled it, but this one won't go away:

O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

Thanks and have a nice day :)
ste_95
Mature god

Joined: 03/08/07 13:41
Posts: 1920
Location: Italy

Posted: 25 Feb 2008 18:19

Disable System Restore.

Download Avenger
Extract it into a folder of your choice
Run the file avenger.exe, the one with the sword icon
Tick "Input script manually"
Then pick the magnifying glass and click it
Now paste these lines into the white box that has opened:

Code:
Files to delete:
C:\WINDOWS\system32\drivers\^plipjuf.sys
C:\WINDOWS\system32\AppCert\wsil32.dll
C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job

Folders to delete:
C:\docume~1\vale\datiap~1\cdroms~1


Now click Done at the bottom of the box
Select the little traffic light at the top right
Answer Yes to Avenger's two prompts
Your computer should now restart; if it doesn't, restart it manually
When the computer restarts, copy and paste here the contents of the Notepad window that appears.
johondok

Posted: 03 Mar 2008 21:31

Sorry for the delay ^^'
Here it is :P

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\system32\drivers\^plipjuf.sys" deleted successfully.

Error: file "C:\WINDOWS\system32\AppCert\wsil32.dll" not found!
Deletion of file "C:\WINDOWS\system32\AppCert\wsil32.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job" not found!
Deletion of file "C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Folder "C:\docume~1\vale\datiap~1\cdroms~1" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.



But I still can't install Live MSN :(

Bye and thanks :D

Edit: instead of Google it now opens http://www.google.it/ig?hl=it for me, what is it?
ste_95

Posted: 04 Mar 2008 07:41

Post a new ComboFix log again.

Quote:
Edit: instead of Google it now opens http://www.google.it/ig?hl=it for me, what is it?

It's a "livelier" version of Google; you can easily go back to the previous one by clicking "Home page classica" at the top right.
johondok

Posted: 04 Mar 2008 15:15

ComboFix 08-03-04.2 - Giuseppe 2008-03-04 15.10.20.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.93 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Giuseppe\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\appcert

.
((((((((((((((((((((((((( Files Creati Da 2008-02-04 al 2008-03-04 )))))))))))))))))))))))))))))))))))
.

2008-03-04 15:02 . 2008-03-04 15:03 <DIR> d-------- C:\Programmi\Microsoft Silverlight
2008-03-04 14:49 . 2008-03-04 14:54 <DIR> d-------- C:\Programmi\MSN Messenger
2008-03-04 14:37 . 2008-03-04 14:37 <DIR> d-------- C:\Programmi\Windows Live
2008-03-03 21:44 . 2008-03-04 14:58 <DIR> d-------- C:\WINDOWS\LastGood
2008-03-03 20:37 . 2008-03-03 20:37 <DIR> d-------- C:\Downloaded Videos
2008-03-03 20:28 . 2007-06-11 22:04 2,267,368 --a------ C:\WINDOWS\system32\Flash.ocx
2008-03-03 20:28 . 2004-03-08 23:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
2008-03-03 20:28 . 2000-12-05 23:00 109,248 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
2008-03-03 20:28 . 2000-07-15 05:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2008-02-29 21:17 . 2008-02-29 21:17 <DIR> d-------- C:\Programmi\CDROMSURFAMEN
2008-02-29 17:18 . 2008-02-29 21:11 <DIR> d-------- C:\Programmi\Windows Live(2)
2008-02-29 13:47 . 2008-03-01 11:48 <DIR> d-------- C:\Programmi\Incomplete
2008-02-25 17:19 . 2008-02-29 21:17 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\CDROMSURFAMEN
2008-02-25 16:38 . 2008-03-03 21:47 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-02-25 13:00 . 2008-02-25 13:03 <DIR> d-------- C:\WINDOWS\system32\it-it
2008-02-23 21:41 . 2008-02-23 21:44 2,504,160 --a------ C:\WINDOWS\dbplugin.ocx
2008-02-23 21:41 . 2008-02-23 21:44 2,347,008 --a------ C:\WINDOWS\npdbplug.dll
2008-02-23 21:41 . 2008-02-23 21:41 988,128 --a------ C:\WINDOWS\dbplugin.exe
2008-02-23 21:41 . 2008-02-23 21:44 356,352 --a------ C:\WINDOWS\eSellerateEngine.dll
2008-02-23 21:41 . 2008-02-23 21:44 172,112 --a------ C:\WINDOWS\system32\DNLEng.dll
2008-02-23 21:41 . 2008-02-23 21:41 143,360 --a------ C:\WINDOWS\picn1120.dll
2008-02-23 21:41 . 2008-02-23 21:41 143,360 --a------ C:\WINDOWS\picn1020.dll
2008-02-23 21:41 . 2008-02-23 21:44 31,984 --a------ C:\WINDOWS\dbrmdwb.exe
2008-02-23 21:41 . 2008-02-23 21:44 633 --a------ C:\WINDOWS\npdbplug.xpt
2008-02-23 21:41 . 2008-02-23 21:44 26 --a------ C:\WINDOWS\dbrmdwb.bat
2008-02-23 13:17 . 2008-02-29 21:02 1,917 --a------ C:\WINDOWS\imsins.BAK
2008-02-23 13:15 . 2007-05-17 12:29 549,376 --a------ C:\WINDOWS\system32\oleaut32.dll
2008-02-23 12:46 . 2008-02-23 12:46 16 --a------ C:\WINDOWS\system32\coh.cache
2008-02-23 12:45 . 2008-02-23 12:45 <DIR> d--h----- C:\WINDOWS\PIF
2008-02-23 12:06 . 2008-02-25 13:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Symantec
2008-02-23 11:08 . 2008-02-23 11:51 <DIR> d-a------ C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-02-15 19:48 . 2008-02-15 19:58 160 --a------ C:\WINDOWS\mafosav.INI
2008-02-15 19:24 . 2008-02-15 19:24 171,520 --a------ C:\WINDOWS\system32\cncs32.dll
2008-02-15 19:24 . 2008-02-15 19:24 18 --a------ C:\WINDOWS\gfact.ini
2008-02-11 20:53 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-11 20:52 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-11 20:52 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-11 20:52 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-11 20:52 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-11 20:52 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-11 20:52 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-11 20:52 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-09 14:26 . 2008-03-01 11:46 <DIR> d-------- C:\Programmi\LimeWire
2008-02-07 12:05 . 2008-02-07 12:05 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\Talkback
2008-02-07 12:05 . 2008-02-07 12:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-07 11:47 . 2008-02-07 11:47 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\MSN6
2008-02-06 18:56 . 2008-02-06 18:56 <DIR> d-------- C:\Programmi\Alwil Software
2008-02-06 18:51 . 2008-02-06 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Avg7
2008-02-06 18:24 . 2008-02-06 18:25 <DIR> d-------- C:\Programmi\CCleaner
2008-02-04 15:32 . 2008-02-04 15:32 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\Apple Computer
2008-02-04 15:27 . 2008-02-04 15:55 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 13:36 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-02-29 20:17 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CITY 64 CURB STORE
2008-02-26 06:10 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\LimeWire
2008-02-25 13:53 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-02-25 13:53 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-02-21 18:50 --------- d-----w C:\Programmi\Google
2008-01-31 13:05 --------- d-----w C:\Documents and Settings\tina\Dati applicazioni\LimeWire
2008-01-31 12:43 --------- d-----w C:\Programmi\Java
2008-01-31 12:39 --------- d-----w C:\Programmi\File comuni\Java
2008-01-24 19:59 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\MSN6
2008-01-23 21:02 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-01-23 20:40 --------- d-----w C:\Programmi\Lavasoft
2008-01-23 20:20 --------- d-----w C:\Programmi\RegCleaner
2008-01-23 19:17 --------- d-----w C:\Programmi\HP
2008-01-09 15:49 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WEBREG
2008-01-09 15:46 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\HP
2008-01-09 15:43 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\HP Product Assistant
2008-01-09 15:40 --------- d-----w C:\Programmi\File comuni\HP
2008-01-09 15:38 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Hewlett-Packard
2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2008-01-08 13:18 --------- d-----w C:\Programmi\File comuni\Adobe
2008-01-06 17:23 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\Leadertech
2008-01-06 17:14 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\AdobeUM
2008-01-06 17:14 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\AdobeAUM
2007-12-07 15:34 675,840 ----a-w C:\WINDOWS\is-8OFPP.exe
2007-12-07 02:04 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:39 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\livecall.exe"=

S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\E.tmp []
S4 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 22:40]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contenuto della cartella 'Scheduled Tasks'
"2008-03-04 14:00:00 C:\WINDOWS\Tasks\A451179791EE8E27.job"
- c:\docume~1\giuseppe\datiap~1\cdroms~1\scr bin size.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-04 15:12:46
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\E.tmp"
.
Ora fine scansione: 2008-03-04 15.13.39
ComboFix-quarantined-files.txt 2008-03-04 14:13:28
ComboFix2.txt 2008-02-25 13:48:05
.
2008-02-23 12:35:52 --- E O F ---


Thanks :)
ste_95

Posted: 04 Mar 2008 15:22

The log looks clean.
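
One way to check a removal script's result against the follow-up scan, as an added example (not part of the thread and not code from Avenger or ComboFix): it reads each target's outcome from the Avenger log and compares the 'Scheduled Tasks' section of the two ComboFix logs. The log excerpts are copied from the posts above; the function names are illustrative.

```python
import re

# Excerpts copied from the logs posted in this thread, trimmed to the relevant lines.
AVENGER_LOG = r'''
File "C:\WINDOWS\system32\drivers\^plipjuf.sys" deleted successfully.
Error: file "C:\WINDOWS\system32\AppCert\wsil32.dll" not found!
Deletion of file "C:\WINDOWS\system32\AppCert\wsil32.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
Error: file "C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job" not found!
Deletion of file "C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
Folder "C:\docume~1\vale\datiap~1\cdroms~1" deleted successfully.
'''
COMBOFIX_FIRST = r'''
Contenuto della cartella 'Scheduled Tasks'
"2008-02-25 13:00:00 C:\WINDOWS\Tasks\A9A7EA3C918C61A4.job"
- c:\docume~1\vale\datiap~1\cdroms~1\scr bin size.exe
'''
COMBOFIX_FOLLOWUP = r'''
Contenuto della cartella 'Scheduled Tasks'
"2008-03-04 14:00:00 C:\WINDOWS\Tasks\A451179791EE8E27.job"
- c:\docume~1\giuseppe\datiap~1\cdroms~1\scr bin size.exe
'''


def avenger_outcomes(log):
    """Map each script target to 'deleted' or to the NTSTATUS name Avenger printed."""
    outcomes, last_failed = {}, None
    for line in log.splitlines():
        m = re.match(r'(?:File|Folder) "(.+)" deleted successfully\.', line)
        if m:
            outcomes[m.group(1)] = "deleted"
            continue
        # Only the "file" wording appears in the thread; other object kinds are assumed
        # to use the same sentence shape.
        m = re.match(r'Deletion of \w+ "(.+)" failed!', line)
        if m:
            last_failed = m.group(1)
            outcomes[last_failed] = "failed"
            continue
        m = re.match(r'Status: 0x[0-9a-fA-F]+ \((\w+)\)', line)
        if m and last_failed:
            outcomes[last_failed] = m.group(1)
            last_failed = None
    return outcomes


def scheduled_tasks(combofix_log):
    """Return {job path: command line} from ComboFix's 'Scheduled Tasks' section."""
    tasks, lines = {}, combofix_log.splitlines()
    for i, line in enumerate(lines):
        m = re.match(r'"\d{4}-\d\d-\d\d \d\d:\d\d:\d\d (.+\.job)"$', line.strip())
        if m and i + 1 < len(lines) and lines[i + 1].startswith("- "):
            tasks[m.group(1)] = lines[i + 1][2:].strip()
    return tasks


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def review(avenger_log, first, followup):
    """List (item, status, note) for every script target and every suspicious new task."""
    findings = []
    followup_lower = followup.lower()
    for target, status in avenger_outcomes(avenger_log).items():
        seen = target.lower() in followup_lower
        note = "still referenced in follow-up log" if seen else "gone from follow-up log"
        findings.append((target, status, note))
    old, new = scheduled_tasks(first), scheduled_tasks(followup)
    old_names = {basename(cmd) for cmd in old.values()}
    for job, cmd in new.items():
        # A task that did not exist before but launches a same-named executable
        # means the persistence was re-created rather than removed.
        if job not in old and basename(cmd) in old_names:
            findings.append((job, "new task", "runs same executable name: " + cmd))
    return findings


if __name__ == "__main__":
    for item, status, note in review(AVENGER_LOG, COMBOFIX_FIRST, COMBOFIX_FOLLOWUP):
        print(f"{status:30} {item}\n{'':30} {note}")
```

On the thread's logs the last finding is the task A451179791EE8E27.job, which was not in the first scan and runs an executable with the same file name as the task the script targeted.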