  1. #1
    HTML.it user
    Joined
    Sep 2011
    Posts
    10

    the folders on my external drives appear as shortcuts to C/windows/system32

    Hello. All of a sudden the folders on my portable hard disks have all turned into shortcuts to C/Windows/system32. The computer opens them but does not let me view their properties. I suppose this is the work of a virus or something similar. The antivirus does not report any virus, but how can I get back to reading the files in the folders on the external drives?

    I also formatted the disk partition that holds the operating system (it is Windows XP for Toshiba), but the problem persists.

    This morning I ran a scan with HijackThis and this is the log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10.44.10, on 10/09/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\FILECO~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\FILECO~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Programmi\McAfee\MPF\MPFSrv.exe
    C:\Programmi\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
    C:\Programmi\TOSHIBA\Toshiba Online Product Information\topi.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\McAfee\MSC\mcregist.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Programmi\Atheros\ACU.exe
    C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programmi\McAfee\VirusScan\scriptsn.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [THotkey] C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [DDWMon] C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    O4 - HKLM\..\Run: [topi] C:\Programmi\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui
    O4 - HKLM\..\Run: [mcagent_exe] C:\Programmi\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FILECO~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FILECO~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programmi\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Programmi\McAfee\MSK\MskSrver.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Programmi\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe

    --
    End of file - 8175 bytes




    How do I proceed?
    Thanks

  2. #2
    HTML.it user menatwork
    Joined
    May 2009
    Posts
    4,330
    Run this scan; it often solves the most difficult problems.

    Download ComboFix to the desktop:
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    You must rename the file to abc.exe before saving it to the desktop
    (to rename the file: when you download it, you are asked where to save it and a "file name" box appears; just change the name shown there to abc.exe).
    Once that is done, click Start > Run, and in the white box copy and paste this command, quotation marks included:

    "%userprofile%\desktop\abc.exe" /killall

    Press OK; if all goes well the program starts, and it may take a long time (do not do anything else during the scan). Once it has finished, if everything went well, you should find the file combofix.txt in C:\; attach it and post the link on the forum.

  3. #3
    HTML.it user
    Joined
    Sep 2011
    Posts
    10
    Hi,

    I am sending you the results of the scans done with HijackThis and ComboFix (in two parts because they are very long).

    I have already run ComboFix twice; the first time it deleted some files, and here I am attaching the result of the second ComboFix scan:

    ComboFix 11-09-10.02 - fabio 10/09/2011 17.30.44.3.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1916.1153 [GMT 2:00]
    Eseguito da: c:\documents and settings\fabio\Desktop\ComboFix.exe
    AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
    .
    .
    ((((((((((((((((((((((((( Files Creati Da 2011-08-10 al 2011-09-10 )))))))))))))))))))))))))))))))))))
    .
    .
    2011-09-10 08:35 . 2011-06-23 18:30 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2011-09-10 08:35 . 2011-06-23 18:30 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2011-09-10 08:35 . 2011-06-23 18:30 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2011-09-10 08:35 . 2011-06-23 18:30 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2011-09-10 08:35 . 2011-06-23 18:30 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2011-09-10 08:35 . 2011-06-23 18:30 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2011-09-10 08:35 . 2011-06-23 18:30 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2011-09-10 08:16 . 2011-09-10 08:16 -------- d-----w- c:\programmi\Trend Micro
    2011-09-10 07:53 . 2011-09-10 07:53 -------- d-----w- c:\programmi\CCleaner
    2011-09-10 07:30 . 2011-09-10 07:30 -------- d-----w- c:\windows\system32\XPSViewer
    2011-09-10 07:30 . 2011-09-10 07:30 -------- d-----w- c:\programmi\MSBuild
    2011-09-10 07:30 . 2011-09-10 07:30 -------- d-----w- c:\programmi\Reference Assemblies
    2011-09-10 07:29 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-09-10 07:29 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-09-10 07:29 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2011-09-10 07:29 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2011-09-10 07:29 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2011-09-10 07:29 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2011-09-10 07:29 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2011-09-10 07:29 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-09-10 07:29 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-09-10 07:29 . 2011-09-10 07:29 -------- d-----w- C:\c80379cb88fc07a47b
    2011-09-10 07:27 . 2011-09-10 07:27 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
    2011-09-10 07:17 . 2011-09-10 07:17 -------- dc-h--w- c:\windows\ie8
    2011-09-10 00:03 . 2008-06-14 17:32 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
    2011-09-10 00:03 . 2008-06-14 17:32 272768 ------w- c:\windows\system32\drivers\bthport.sys
    2011-09-10 00:03 . 2010-09-18 06:53 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
    2011-09-10 00:03 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2011-09-10 00:03 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
    2011-09-10 00:02 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2011-09-10 00:02 . 2009-11-21 15:54 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2011-09-10 00:01 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
    2011-09-10 00:01 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2011-09-10 00:01 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2011-09-10 00:01 . 2009-10-15 16:29 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2011-09-10 00:01 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
    2011-09-10 00:01 . 2009-03-06 14:19 286208 -c----w- c:\windows\system32\dllcache\pdh.dll
    2011-09-10 00:01 . 2009-02-09 11:22 111104 -c----w- c:\windows\system32\dllcache\services.exe
    2011-09-10 00:01 . 2009-02-09 10:51 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
    2011-09-10 00:01 . 2009-02-09 10:51 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
    2011-09-10 00:01 . 2009-02-09 10:51 683520 -c----w- c:\windows\system32\dllcache\advapi32.dll
    2011-09-10 00:01 . 2009-02-09 10:51 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
    2011-09-10 00:01 . 2009-02-06 10:39 35328 -c----w- c:\windows\system32\dllcache\sc.exe
    2011-09-10 00:00 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2011-09-10 00:00 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
    2011-09-10 00:00 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
    2011-09-10 00:00 . 2010-06-14 07:41 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
    2011-09-10 00:00 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
    2011-09-09 23:59 . 2008-05-01 14:34 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
    2011-09-09 23:58 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
    2011-09-09 23:55 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2011-09-09 23:54 . 2008-10-15 16:36 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
    2011-09-09 23:54 . 2011-05-02 15:31 692736 -c----w- c:\windows\system32\dllcache\inetcomm.dll
    2011-09-09 23:53 . 2011-04-30 03:00 758784 -c--a-w- c:\windows\system32\dllcache\vgx.dll
    2011-09-09 23:53 . 2010-12-09 15:15 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
    2011-09-09 23:53 . 2010-12-09 15:14 2196480 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
    2011-09-09 23:53 . 2010-12-09 15:14 2030592 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
    2011-09-09 23:53 . 2010-12-09 15:14 2152448 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
    2011-09-09 23:53 . 2010-12-09 15:14 2073088 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
    2011-09-09 23:53 . 2010-07-16 12:02 221696 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2011-09-09 23:53 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
    2011-09-09 23:52 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2011-09-09 23:52 . 2010-08-16 08:44 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
    2011-09-09 23:48 . 2011-09-10 09:01 -------- d--h--w- c:\windows\$hf_mig$
    2011-09-09 23:44 . 2011-09-09 23:47 -------- d-----w- c:\programmi\File comuni\AVSMedia
    2011-09-09 23:44 . 2011-09-09 23:47 -------- d-----w- c:\programmi\AVS4YOU
    2011-09-09 23:44 . 2009-06-30 14:32 24576 ----a-w- c:\windows\system32\msxml3a.dll
    2011-09-09 23:24 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-09-09 23:24 . 2011-09-09 23:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
    2011-09-09 23:24 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-09-09 23:24 . 2011-09-09 23:24 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
    2011-09-09 16:34 . 2011-09-10 01:16 -------- d-----w- c:\windows\SxsCaPendDel
    2011-09-09 13:32 . 2011-09-09 13:32 -------- d-----w- C:\DEVICE
    2011-09-09 13:31 . 2011-09-09 13:31 -------- d-----w- c:\programmi\SAGEM
    2011-09-09 13:28 . 2006-03-03 09:07 143360 ----a-w- c:\windows\system32\dunzip32.dll
    2011-09-09 13:27 . 2007-07-24 10:02 33800 ----a-w- c:\windows\system32\drivers\mferkdk.sys
    2011-09-09 13:27 . 2007-07-24 05:40 79304 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2011-09-09 13:27 . 2007-07-21 07:08 40488 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
    2011-09-09 13:27 . 2007-07-21 07:08 35240 ----a-w- c:\windows\system32\drivers\mfebopk.sys
    2011-09-09 13:27 . 2007-07-21 07:08 201288 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2011-09-09 13:27 . 2007-07-13 07:20 113952 ----a-w- c:\windows\system32\drivers\Mpfp.sys
    2011-09-09 13:27 . 2011-09-09 13:27 -------- d-----w- c:\programmi\File comuni\McAfee
    2011-09-09 13:27 . 2011-09-10 07:13 -------- d-----w- c:\programmi\McAfee
    2011-09-09 13:27 . 2011-09-09 13:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
    2011-09-09 13:25 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
    2011-09-09 13:23 . 2007-12-17 09:45 18432 ----a-w- c:\windows\system32\drivers\UVCFTR_S.SYS
    2011-09-09 13:23 . 2011-09-09 13:23 -------- d-----w- C:\Program Files
    2011-09-09 13:23 . 2011-09-09 13:23 -------- d-----w- c:\windows\OPTIONS
    2011-09-09 13:23 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
    2011-09-09 13:23 . 2011-09-09 13:23 -------- d-----w- c:\windows\system32\RTCOM
    2011-09-09 13:23 . 2008-02-04 18:00 176 ----a-w- c:\windows\system32\drivers\RTHDAEQ1.dat
    2011-09-09 13:23 . 2008-02-04 18:00 176 ----a-w- c:\windows\system32\drivers\RTHDAEQ0.dat
    2011-09-09 13:23 . 2008-01-18 15:45 852 ----a-w- c:\windows\system32\drivers\RTKHDRC1.dat
    2011-09-09 13:23 . 2008-01-18 15:45 852 ----a-w- c:\windows\system32\drivers\RTKHDRC0.dat
    2011-09-09 13:23 . 2008-01-18 15:45 520 ----a-w- c:\windows\system32\drivers\RTEQEX1.dat
    2011-09-09 13:23 . 2008-01-18 15:45 520 ----a-w- c:\windows\system32\drivers\RTEQEX0.dat
    2011-09-09 13:21 . 2011-09-09 22:10 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\toshiba
    2011-09-09 13:21 . 2011-09-09 22:10 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\InstallShield
    2011-09-09 13:19 . 2001-08-30 18:41 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
    2011-09-09 13:19 . 2008-04-13 09:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2011-09-03 10:17 . 2011-09-03 10:17 603136 -c----w- c:\windows\system32\dllcache\crypt32.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-09-03 10:17 . 2008-08-08 06:11 603136 ----a-w- c:\windows\system32\crypt32.dll
    2011-07-15 13:29 . 2008-08-08 06:11 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-08 14:02 . 2008-08-08 06:11 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
    2011-06-24 14:10 . 2008-08-08 06:18 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2011-06-23 18:30 . 2008-08-08 06:11 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-06-23 18:30 . 2008-08-08 06:11 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-06-23 18:30 . 2008-08-08 06:11 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-06-23 12:05 . 2008-08-08 06:11 385024 ----a-w- c:\windows\system32\html.iec
    2011-06-20 17:44 . 2008-08-08 06:11 293888 ----a-w- c:\windows\system32\winsrv.dll
    .
    .

  4. #4
    HTML.it user
    Joined
    Sep 2011
    Posts
    10
    And here is how the ComboFix scan result continues:

    ((((((((( Punti Reg Caricati ))))))))))))))))))).
    .
    *Nota* i valori vuoti & legittimi/default non sono visualizzati.
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="c:\programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
    "TOSCDSPD"="c:\programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-03 150040]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-03 170520]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-03 141848]
    "SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000]
    "THotkey"="c:\programmi\Toshiba\Toshiba Applet\thotkey.exe" [2008-05-27 360448]
    "TPSMain"="TPSMain.exe" [2008-07-31 266240]
    "NDSTray.exe"="NDSTray.exe" [BU]
    "SmoothView"="c:\programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2007-05-11 143360]
    "DDWMon"="c:\programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [2007-04-26 495616]
    "topi"="c:\programmi\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
    "RTHDCPL"="RTHDCPL.EXE" [2008-04-07 16860672]
    "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
    "ACU"="c:\programmi\Atheros\ACU.exe" [2008-04-14 450648]
    "mcagent_exe"="c:\programmi\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
    "Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-05-27 40368]
    "Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
    "Malwarebytes' Anti-Malware"="c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Programmi\\File comuni\\McAfee\\MNA\\McNASvc.exe"=
    .
    R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [10/09/2011 1.24.56 366640]
    R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [26/03/2007 12.22.18 105856]
    R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;c:\windows\system32\drivers\trudf.sys [19/02/2007 12.15.32 134016]
    R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [08/08/2008 8.59.40 5888]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [10/09/2011 1.24.51 22712]
    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [08/08/2008 8.52.17 110080]
    S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [08/08/2008 8.57.42 154624]
    .
    Contenuto della cartella 'Scheduled Tasks'
    .
    2011-09-09 c:\windows\Tasks\McDefragTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2011-09-09 13:10]
    .
    2011-09-09 c:\windows\Tasks\McQcTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2011-09-09 13:10]
    .
    2011-09-09 c:\windows\Tasks\Promemoria registrazione 1.job
    - c:\windows\system32\OOBE\oobebaln.exe [2008-08-08 12:00]
    .
    2011-09-09 c:\windows\Tasks\Promemoria registrazione 2.job
    - c:\windows\system32\OOBE\oobebaln.exe [2008-08-08 12:00]
    .
    2011-09-09 c:\windows\Tasks\Promemoria registrazione 3.job
    - c:\windows\system32\OOBE\oobebaln.exe [2008-08-08 12:00]
    .
    .
    ------- Scansione supplementare -------
    .
    IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    .
    .
    ******************************************.
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-09-10 18:11
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    detected NTDLL code modification:
    ZwEnumerateValueKey, ZwQueryDirectoryFile
    .
    scansione processi nascosti ...
    .
    scansione entrate autostart nascoste ...
    .
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Sisssk = c:\documents and settings\fabio\Dati applicazioni\Sisssk.exe
    .
    Scansione files nascosti ...
    .
    Scansione completata con successo
    Files nascosti: 0
    .

  5. #5
    HTML.it user
    Joined
    Sep 2011
    Posts
    10
    and here is the conclusion... I hope it can help you/me solve this problem.

    THANKS


    ***************************************.
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sisssk"="c:\\Documents and Settings\\fabio\\Dati applicazioni\\Sisssk.exe"
    .
    -------- Dlls caricate dai processi in esecuzione --------------.
    - - - - - - - > 'winlogon.exe'(948)
    c:\windows\system32\WININET.dll
    .
    - - - - - - - > 'explorer.exe'(3868)
    c:\windows\system32\WININET.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\TPwrCfg.DLL
    c:\windows\system32\TPwrReg.dll
    c:\windows\system32\TPSTrace.DLL
    .
    - - - - - - - > 'csrss.exe'(924)
    c:\windows\system32\WININET.dll
    .
    Ora fine scansione: 2011-09-10 18:14:25
    ComboFix-quarantined-files.txt 2011-09-10 16:14
    ComboFix2.txt 2011-09-10 12:24
    .
    Pre-Run: 70.860.357.632 byte disponibili
    Post-Run: 70.874.857.472 byte disponibili
    .
    - - End Of File - - 3E1EDCCB49C31A46AD507F79582CCFEC

  6. #6
    HTML.it user, menatwork's avatar
    Joined
    May 2009
    Posts
    4,330
    I have already run Combofix twice; the first time it deleted some files, and here I am attaching the result of the second scan with Combofix:
    I need the log of the first Combofix scan

    upload it to wikisend

  7. #7
    HTML.it user
    Joined
    Sep 2011
    Posts
    10
    The log of the first scan was overwritten when I launched the program the second time, and unfortunately I could not save it under another name, since the program saves the result txt on its own.

    What's more, now that I have reopened the local disk C:/ to open the txt file, I saw that among the folders there are two called:

    32788R22FWJFW- which shows the disk drives and the hardware connected to the computer

    c80379cb88fc07a47b - with two subfolders: "amd 64" and "i386"


    I haven't the faintest idea what is going on.

  8. #8
    HTML.it user, menatwork's avatar
    Joined
    May 2009
    Posts
    4,330
    sorry, but why didn't you follow my instructions? did I tell you to run two scans? combofix is a very powerful tool and, if used incorrectly, it can cause serious problems

    without the log of the first scan I can't go any further, I'm sorry

  9. #9
    HTML.it user
    Joined
    Sep 2011
    Posts
    10
    unfortunately I ran the double scan before you replied, after reading some tutorials on the program... unfortunately, since this is not my field, I suppose I have made things worse...

  10. #10
    HTML.it user, menatwork's avatar
    Joined
    May 2009
    Posts
    4,330
    you should have followed my instructions

    Press OK; if all goes well the program starts, and it may take a long time (do not do anything else during the scan). Once it has finished, if everything went well, you should find the file combofix.txt in C:\; attach it and post the link on the forum
    without that log, tell me, how am I supposed to proceed now??? tutorials must be read properly, and if you read carefully it is not written that you should run a double scan
