  1. #11
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    I tried it and now it works! ComboFix removed the usual autorun in C: that I couldn't manage to locate. I'm posting the report, though it's endlessly long and I have to split it.

    Part one

    ComboFix 10-07-23.01 - Bruna 23/07/2010 23.07.40.1.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.278 [GMT 2:00]
    Eseguito da: c:\documents and settings\Bruna\Desktop\ComboFix.exe
    AV: Kaspersky PURE *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky PURE *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

    ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
    .

    ((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_AVPsys


    ((((((((((((((((((((((((( Files Creati Da 2010-06-23 al 2010-07-23 )))))))))))))))))))))))))))))))))))
    .

    2010-07-23 18:42 . 2010-07-23 18:42 -------- d-----w- c:\programmi\Trend Micro
    2010-07-23 16:17 . 2010-07-23 16:17 -------- d-----w- c:\documents and settings\Bruna\Dati applicazioni\Malwarebytes
    2010-07-23 16:17 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-07-23 16:17 . 2010-07-23 16:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
    2010-07-23 16:17 . 2010-07-23 16:17 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
    2010-07-23 16:17 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-07-23 08:31 . 2001-08-17 19:52 18688 -c--a-w- c:\windows\system32\dllcache\cdaudio.sys
    2010-07-23 08:31 . 2001-08-17 19:52 18688 ----a-w- c:\windows\system32\drivers\cdaudio.sys
    2010-07-23 08:27 . 2010-07-23 08:27 932368 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
    2010-07-23 08:27 . 2010-07-23 08:27 678416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
    2010-07-23 08:27 . 2010-07-23 08:27 604688 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
    2010-07-23 08:27 . 2010-07-23 08:27 522768 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
    2010-07-23 08:27 . 2010-07-23 08:27 1096208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
    2010-07-23 08:11 . 2010-07-23 08:24 97549 ----a-w- c:\windows\system32\drivers\klick.dat
    2010-07-23 08:11 . 2010-07-23 08:24 113933 ----a-w- c:\windows\system32\drivers\klin.dat
    2010-07-23 08:10 . 2009-12-14 10:44 39352 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
    2010-07-23 08:10 . 2009-12-14 10:44 88632 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
    2010-07-23 08:09 . 2010-07-23 08:09 -------- d-----w- c:\programmi\File comuni\InfoWatch
    2010-07-23 08:09 . 2010-07-23 21:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
    2010-07-23 08:09 . 2010-07-23 08:09 -------- d-----w- c:\programmi\Kaspersky Lab
    2010-07-23 08:07 . 2010-07-23 08:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
    2010-07-16 13:28 . 2010-07-16 13:28 -------- d-----r- c:\documents and settings\LocalService\Preferiti
    2010-07-16 13:27 . 2010-07-16 13:27 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
    2010-07-16 13:19 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-07-14 15:56 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-07-23 20:54 . 2010-02-10 13:52 -------- d-----w- c:\documents and settings\Bruna\Dati applicazioni\uTorrent
    2010-06-14 14:31 . 2010-02-09 22:01 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-05-06 10:32 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-05-02 08:06 . 2006-03-02 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
    .

    ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* i valori vuoti & legittimi/default non sono visualizzati.
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
    @="{dd230880-495a-11d1-b064-008048ec2fc5}"
    [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
    2009-12-25 14:42 129552 ----a-w- c:\programmi\Kaspersky Lab\Kaspersky PURE\shellex.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-11-10 417792]
    "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2010-01-22 141608]
    "Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "AudioDeck"="c:\programmi\VIAudioi\SBADeck\ADeck.exe" [2010-02-11 516096]
    "SSBkgdUpdate"="c:\programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
    "OpwareSE4"="c:\programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "ScanSoft OmniPage SE 4.0-reminder"="c:\programmi\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" [2005-06-03 729088]
    "AVP"="c:\programmi\Kaspersky Lab\Kaspersky PURE\avp.exe" [2009-12-25 340456]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
    Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
    "c:\\Programmi\\iTunes\\iTunes.exe"=
    "c:\\Programmi\\uTorrent\\uTorrent.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Programmi\\eMule\\emule.exe"=

    R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [23/07/2010 10.10.22 88632]
    R0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14/10/2009 20.18.34 36880]
    R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\drivers\CSVirtualDiskDrv.sys [23/07/2010 10.10.25 39352]
    R2 CSObjectsSrv;Servizio di controllo CryptoStorage;c:\programmi\File comuni\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21/12/2009 17.34.38 743992]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 13.42.46 32272]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/10/2009 18.39.44 19472]
    .
    Contenuto della cartella 'Scheduled Tasks'

    2010-03-04 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2010-07-23 c:\windows\Tasks\User_Feed_Synchronization-{E2E0D807-45AF-4E0A-8AC1-A7C6CAABC267}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

  2. #12
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    Part 2

    ------- Scansione supplementare -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: Aggiungi ad Anti-Banner - c:\programmi\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
    IE: Aggiungi all'elenco di stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
    IE: Anteprima Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
    IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    IE: Stampa ad alta velocità Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
    IE: Stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
    TCP: {C2EA2D22-502B-4F63-96B8-2F3F5940ACE6} = 192.168.1.254
    FF - ProfilePath - c:\documents and settings\Bruna\Dati applicazioni\Mozilla\Firefox\Profiles\zo2hmbyq.default\
    FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
    FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

    ---- FIREFOX POLICIES ----
    c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-07-23 23:19
    Windows 5.1.2600 Service Pack 3 NTFS

    scansione processi nascosti ...

    scansione entrate autostart nascoste ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    AudioDeck = c:\programmi\VIAudioi\SBADeck\ADeck.exe 1???????L??|????C:\Documents and???|???|??

    Scansione files nascosti ...

    Scansione completata con successo
    Files nascosti: 0

    **************************************************************************
    .
    --------------------- Dlls caricate dai processi in esecuzione ---------------------

    - - - - - - - > 'explorer.exe'(3336)
    c:\windows\system32\WININET.dll
    c:\programmi\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
    c:\windows\system32\webcheck.dll
    .
    ------------------------ Altri processi in esecuzione ------------------------
    .
    c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\programmi\Bonjour\mDNSResponder.exe
    c:\windows\system32\wscntfy.exe
    c:\programmi\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Ora fine scansione: 2010-07-23 23:24:23 - Il pc è stato riavviato
    ComboFix-quarantined-files.txt 2010-07-23 21:24

    Pre-Run: 37.146.042.368 byte disponibili
    Post-Run: 37.055.381.504 byte disponibili

    - - End Of File - - 573EEBFD299BB538D01F0E2D1F33048C

  3. #13
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    What can I say: thank you!

  4. #14
    HTML.it user menatwork
    Registered since
    May 2009
    Posts
    4,330
    bruna471, I need to check the log carefully; let's catch up tomorrow morning

    enjoy your PC in the meantime

  5. #15
    HTML.it user menatwork
    Registered since
    May 2009
    Posts
    4,330
    there doesn't seem to be anything else to remove in the ComboFix log

    don't remove ComboFix for now, it will be needed in a little while

    go to C:\ and delete the qoobox folder

    then follow this procedure to clean the USB stick

    hold down the SHIFT key at the bottom left of the keyboard (the ''chubby'' arrow, to be clear) and insert the USB stick

    release the key after a few seconds, then go HERE using the I.E. browser and run a full scan

    remove everything it finds

    once that's done, go to C:\, delete the ComboFix scan log and run a new scan

    post the two logs

  6. #16
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    Sorry, I hadn't seen the reply.
    I'll do everything tomorrow morning.
    Anyway, when I realized the virus had been carried from one PC to another on a USB stick, I searched around online and downloaded a tool, Panda USB Vaccine, which did in fact find and remove something from two USB sticks and an external hard disk.

    Anyway, tomorrow I'll go through the whole ComboFix rigmarole, which by now is like the rosary hanging from the car's rear-view mirror.
    Good night

    bruna

  7. #17
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    'zz
    I didn't read carefully, and I'm running the BitDefender scan with Firefox?
    Do I have to redo it with I.E.?

  8. #18
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    I must have done something wrong

    THIS IS THE Bitdefender LOG

    But I'll redo it


  9. #19
    HTML.it user
    Registered since
    Jul 2010
    Posts
    43
    this piece was missing, because the message was too long

    No file uploaded.

    Scan finished - communication took 3 sec
    Total traffic - 0.07 MB sent, 2.36 KB recvd
    Scanned 1060 files and modules - 293 seconds

  10. #20
    HTML.it user menatwork
    Registered since
    May 2009
    Posts
    4,330
    bruna471, don't post it with quote, everything comes out ''jumbled together'' and it's hard to make sense of...

    try uploading it here, copy the first link as soon as it has uploaded, and post it
