Hi everyone.
This is my first post here.
A warm greeting to all.
I have a problem that has been haunting me for months: inexplicably, the browsers stop loading pages. So far I have solved the problem by performing a restore of the version that works properly.
I have Avast as antivirus and Spyware Doctor (licensed).
I ran Kaspersky Virus Removal Tool without success.
Then I tried ComboFix and automagically HTTP started working again, but only for about half an hour; then the same problem.
This is the ComboFix log, and this is the HijackThis log:
What do you advise me to do?
Regards
Leo