  1. #11
    FDAC (banned user), registered Feb 2010, 71 posts
    Download ComboFix from here:
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    When you save it you have the option to rename the file: rename the exe to pippo.exe

    ● put pippo.exe on the Desktop
    ● disconnect from the Internet
    ● physically disconnect the modem from the computer
    ● log in to the system in Safe Mode with an account that has Administrator privileges
    ● launch ComboFix and follow the instructions it gives to run the scan
    ● without doing anything else, let the tool complete the scan and the log-creation phase
    ● when it has finished, the system will restart automatically (if it doesn't, restart it yourself)

    Notes - during the scan:
    ● some files will be created on the desktop and then deleted
    ● all the icons on the Desktop will disappear for a moment
    ● a message about the antivirus in use may appear: continue, ignoring the message
    ● the firewall, if active, may warn that some drivers are being removed (go ahead and allow it)

    A log named combofix.txt will be created in Local Disk C:, which you will need to post here.

    Once the scan is finished:
    ● restart the system in normal mode
    ● physically reconnect the modem to the computer
    ● connect to the Internet and post the text file

    N.B. If you cannot get ComboFix to run by any means, follow these simple steps:

    Start > Run, and in the white box copy and paste this command, including the quotes:
    "%userprofile%\desktop\pippo.exe" /killall
    Press OK; the scan should start.

  2. #12
    lell@ (HTML.it user), registered Apr 2002, 16 posts
    I ran the ComboFix scan in Safe Mode from Run, because normally it wouldn't load.

    Here is the log file. Thanks a lot for your help!!!

    ComboFix 10-10-21.07 - Laura 22/10/2010 16.25.45.2.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2046.1420 [GMT 2:00]
    Eseguito da: c:\documents and settings\Laura\desktop\pippo.exe
    Opzioni usate :: /killall
    AV: avast! antivirus 4.8.1368 [VPS 101021-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    * Creato nuovo punto di ripristino
    .

    ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Laura\Impostazioni locali\Dati applicazioni\ffrkkv.dat
    c:\documents and settings\Laura\Impostazioni locali\Dati applicazioni\ffrkkv_nav.dat
    c:\documents and settings\Laura\Impostazioni locali\Dati applicazioni\ffrkkv_navps.dat

    La copia infetta di c:\windows\system32\drivers\mouclass.sys è stata trovata e disinfettata
    Ripristinata copia da - Kitty had a snack
    .
    ((((((((((((((((((((((((( Files Creati Da 2010-09-22 al 2010-10-22 )))))))))))))))))))))))))))))))))))
    .

    2010-10-22 14:32 . 2010-10-22 14:32 -------- d-----w- c:\windows\system32\Lang
    2010-10-22 13:38 . 2010-10-22 13:38 -------- d-----w- c:\documents and settings\Administrator
    2010-10-22 06:43 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-22 06:43 . 2010-10-22 06:43 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
    2010-10-22 06:43 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-21 13:17 . 2010-10-21 13:17 388096 ----a-r- c:\documents and settings\Laura\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-10-21 13:17 . 2010-10-21 13:17 -------- d-----w- c:\programmi\Trend Micro
    2010-10-21 10:13 . 2010-10-21 10:13 -------- d-----w- c:\programmi\CCleaner
    2010-10-20 16:57 . 2010-10-20 16:57 -------- d-----r- c:\windows\system32\config\systemprofile\Preferiti
    2010-10-15 13:07 . 2010-10-15 13:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
    2010-10-15 12:59 . 2010-10-15 12:59 -------- d-----w- c:\programmi\File comuni\Macrovision Shared
    2010-10-15 12:54 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
    2010-10-15 12:54 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
    2010-10-15 12:54 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
    2010-10-15 12:53 . 2010-10-15 12:53 -------- d-----w- c:\windows\Logs
    2010-10-15 12:53 . 2010-10-15 13:05 -------- d-----w- c:\programmi\File comuni\Autodesk Shared
    2010-10-15 12:53 . 2010-10-15 12:57 -------- d-----w- c:\programmi\Autodesk
    2010-10-15 12:28 . 2010-10-15 12:28 -------- d-----w- C:\Autodesk
    2010-10-15 06:46 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-15 06:46 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2010-10-12 14:52 . 2010-10-15 13:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autodesk
    2010-10-12 06:49 . 2010-10-12 06:49 -------- d-----w- c:\programmi\uTorrent
    2010-10-12 06:48 . 2010-10-21 15:25 -------- d-----w- c:\documents and settings\Laura\Dati applicazioni\uTorrent
    2010-10-11 09:09 . 2010-10-11 09:09 14808 ----a-w- c:\programmi\Mozilla Firefox\plugin-container.exe
    2010-10-11 09:09 . 2010-10-11 09:09 718296 ----a-w- c:\programmi\Mozilla Firefox\mozcpp19.dll
    2010-09-29 08:56 . 2010-09-29 08:56 -------- d-----w- C:\ConvertTemp
    2010-09-27 08:47 . 2010-09-27 08:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
    2010-09-24 09:03 . 2010-09-24 09:03 -------- d-----w- c:\windows\Downloaded Installations

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-18 10:23 . 2004-08-19 13:39 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53 . 2004-08-19 13:39 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53 . 2001-08-31 15:00 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53 . 2001-08-31 15:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-09 13:33 . 2004-08-19 13:39 832512 ----a-w- c:\windows\system32\wininet.dll
    2010-09-09 13:33 . 2004-08-19 13:39 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2010-09-09 13:33 . 2004-08-19 13:39 78336 ----a-w- c:\windows\system32\ieencode.dll
    2010-09-09 13:33 . 2004-08-19 13:39 17408 ----a-w- c:\windows\system32\corpol.dll
    2010-09-08 15:57 . 2004-08-19 13:26 389120 ----a-w- c:\windows\system32\html.iec
    2010-09-01 11:51 . 2004-08-19 13:37 285824 ----a-w- c:\windows\system32\atmfd.dll
    2010-09-01 07:54 . 2004-08-19 13:31 1852800 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02 . 2004-08-19 13:39 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:58 . 2004-08-19 13:39 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-26 13:39 . 2004-08-03 21:14 357248 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-23 16:12 . 2004-08-19 13:39 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17 . 2004-08-19 13:39 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:44 . 2004-08-19 13:39 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    .

    ------- Sigcheck -------

    [-] 2009-04-22 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS
    [-] 2009-04-22 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
    [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    [7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
    [7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
    [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\TCPIP.SYS
    [7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
    .
    ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* i valori vuoti & legittimi/default non sono visualizzati.
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
    "WMPNSCFG"="c:\programmi\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
    "Skype"="c:\programmi\Skype\\Phone\Skype.exe" [2010-09-02 13351304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-04-24 385024]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-12 16239616]
    "Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-12-17 136600]
    "NeroFilterCheck"="c:\programmi\File comuni\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
    "NBKeyScan"="c:\programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
    "Ad-Watch"="c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-02 524632]
    "QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-09-04 417792]
    "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-09-08 305440]
    "AppleSyncNotifier"="c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
    BTTray.lnk - c:\programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "disableregistrytoosl"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
    "c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
    "c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
    "c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Programmi\\iTunes\\iTunes.exe"=
    "c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Programmi\\uTorrent\\uTorrent.exe"=
    "c:\\Programmi\\Skype\\Phone\\Skype.exe"=

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/08/2009 15.12.08 64160]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [19/04/2010 15.13.48 28552]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [01/10/2008 21.44.04 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01/10/2008 21.44.04 20560]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23.34.37 1029456]
    .
    Contenuto della cartella 'Scheduled Tasks'

    2010-10-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:12]
    .
    .
    ------- Scansione supplementare -------
    .
    uStart Page = hxxp://www.google.it/
    uInternet Connection Wizard,ShellNext = iexplore
    IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    FF - ProfilePath - c:\documents and settings\Laura\Dati applicazioni\Mozilla\Firefox\Profiles\7a1h9hip.default\
    FF - prefs.js: browser.search.selectedEngine - Trova Rapido
    FF - prefs.js: browser.startup.homepage - hxxp://www.lifegate.it/gaatle/
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    .
    ------- Associazioni dei file -------
    .
    .scr=AutoCADScriptFile
    .
    - - - - CHIAVI ORFANE RIMOSSE - - - -

    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    HKLM-Run-DivXUpdate - c:\programmi\DivX\DivX Update\DivXUpdate.exe
    AddRemove-ffrkkv - c:\documents and settings\laura\impostazioni locali\dati applicazioni\ffrkkv.exe
    AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\programmi\DivX\DivXConverterUninstall.exe
    AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\programmi\DivX\DivXCodecUninstall.exe
    AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\programmi\DivX\DivXConverterUninstall.exe
    AddRemove-{D050D7362D214723AD585B541FFB6C11} - c:\programmi\DivX\DivXContentUploaderUninstall.exe


    .

  3. #13
    lell@ (HTML.it user), registered Apr 2002, 16 posts
    --------------------- Dlls caricate dai processi in esecuzione ---------------------

    - - - - - - - > 'winlogon.exe'(808)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(1724)
    c:\windows\system32\WININET.dll
    c:\windows\system32\AcSignIcon.dll
    c:\windows\system32\btmmhook.dll
    c:\programmi\File comuni\Autodesk Shared\AcSignCore16.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\btncopy.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Altri processi in esecuzione ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\programmi\Alwil Software\Avast4\aswUpdSv.exe
    c:\programmi\Alwil Software\Avast4\ashServ.exe
    c:\windows\system32\Ati2evxx.exe
    c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\programmi\Java\jre6\bin\jqs.exe
    c:\programmi\Nero\Nero8\Nero BackItUp\NBService.exe
    c:\windows\system32\IoctlSvc.exe
    c:\programmi\Windows Media Player\WMPNetwk.exe
    c:\windows\RTHDCPL.EXE
    c:\programmi\Skype\Phone\Skype.exe
    c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    c:\windows\system32\wbem\unsecapp.exe
    c:\programmi\Alwil Software\Avast4\ashMaiSv.exe
    c:\programmi\Alwil Software\Avast4\ashWebSv.exe
    c:\programmi\File comuni\Nero\Lib\NMIndexingService.exe
    c:\programmi\iPod\bin\iPodService.exe
    c:\programmi\Skype\Plugin Manager\skypePM.exe
    .
    **************************************************************************
    .
    Ora fine scansione: 2010-10-22 16:37:56 - Il pc è stato riavviato
    ComboFix-quarantined-files.txt 2010-10-22 14:37
    ComboFix2.txt 2009-03-07 12:07

    Pre-Run: 889.044.992 byte disponibili
    Post-Run: 975.171.584 byte disponibili

    - - End Of File - - F127C233CEBDC21DB4D1E63FA495371C
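
The log posted above carries the entries a responder reads first: the files ComboFix deleted or replaced ("Altre eliminazioni"), the Sigcheck section, the autostart Run keys, and the Security Center AntiVirusOverride value. The Python script below is an added example for this thread; it is not part of the forum posts or of ComboFix itself. It parses a constructed excerpt that mirrors the structure of the posted log and pulls those items out, assuming the section banners and the Sigcheck row layout seen above; reading the `[-]` marker as "this file failed ComboFix's signature check" is this example's interpretation, not something the log states. For each failing file it also compares the hash against the hashes of verified copies of the same file version listed in the same section (the hotfix and service-pack caches), which separates a merely different build from a driver altered in place.

```python
"""Triage helper for a ComboFix log: an added example, not the thread's or ComboFix's own code.
Assumes the layout seen in the posted log (banners, "[x] date . MD5 . size . . [version] . . path"
Sigcheck rows, a REGEDIT4 dump); reading "[-]" as a failed signature check is an assumption."""
import re
from collections import defaultdict

# Constructed excerpt mirroring the structure of the log posted in the thread.
SAMPLE_LOG = r"""
ComboFix 10-10-21.07 - Laura 22/10/2010 16.25.45.2.2 - x86
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))) )
c:\documents and settings\Laura\Impostazioni locali\Dati applicazioni\ffrkkv.dat
c:\documents and settings\Laura\Impostazioni locali\Dati applicazioni\ffrkkv_nav.dat
La copia infetta di c:\windows\system32\drivers\mouclass.sys è stata trovata e disinfettata
.
------- Sigcheck -------
[-] 2009-04-22 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"""

PAREN_HDR = re.compile(r"^\({5,}\s*(.+?)\s*\){5,}[\s)]*$")   # tolerates the wrapped trailing ")"
DASH_HDR = re.compile(r"^-{3,}\s*(.+?)\s*-{3,}$")
SIGCHECK = re.compile(r"^\[(.)\]\s+(\d{4}-\d{2}-\d{2})\s+\.\s+([0-9A-Fa-f]{32})\s+\.\s+(\d+)"
                      r"\s+\.\s+\.\s+\[([^\]]+)\]\s+\.\s+\.\s+(.+)$")
REG_KEY = re.compile(r"^\[(.+)\]$")
REG_VALUE = re.compile(r'^"([^"]+)"=(.*)$')
WIN_PATH = re.compile(r"[a-z]:\\\S+", re.IGNORECASE)

def split_sections(text):
    """Map each banner title to the non-empty, non-'.' lines beneath it."""
    sections, current = defaultdict(list), "header"
    for line in (ln.strip() for ln in text.splitlines()):
        if not line or line == ".":
            continue
        m = PAREN_HDR.match(line) or DASH_HDR.match(line)
        if m:
            current = m.group(1)
        else:
            sections[current].append(line)
    return sections

def parse_sigcheck(lines):
    """Sigcheck rows as dicts with marker, md5, version and path."""
    return [dict(zip(("marker", "md5", "version", "path"), m.group(1, 3, 5, 6)))
            for m in filter(None, map(SIGCHECK.match, lines))]

def parse_registry(lines):
    """REGEDIT4-style dump -> {key (lower-cased): {value_name: raw_value}}."""
    reg, key = {}, None
    for line in lines:
        km, vm = REG_KEY.match(line), REG_VALUE.match(line)
        if km:
            key = km.group(1).lower()
            reg[key] = {}
        elif vm and key is not None:
            reg[key][vm.group(1)] = vm.group(2)
    return reg

def analyze(text):
    """Collect the items an analyst reviews first from a ComboFix log."""
    sections = split_sections(text)
    f = {"deleted": [], "disinfected": [], "sigcheck_failures": [],
         "version_hash_mismatches": [], "run_entries": [], "av_override": False}
    # Files ComboFix removed outright, or replaced with a clean copy.
    for line in sections.get("Altre eliminazioni", []):
        m = WIN_PATH.search(line)
        if m and m.start() == 0:
            f["deleted"].append(line)
        elif m and "copia infetta" in line.lower():
            f["disinfected"].append(m.group(0))
    # A failing file whose version matches a verified copy but whose hash differs was patched in place.
    rows = parse_sigcheck(sections.get("Sigcheck", []))
    verified = defaultdict(set)
    for r in rows:
        if r["marker"] != "-":
            verified[r["version"]].add(r["md5"].upper())
    for r in rows:
        if r["marker"] == "-":
            f["sigcheck_failures"].append(r["path"])
            known = verified.get(r["version"], set())
            if known and r["md5"].upper() not in known:
                f["version_hash_mismatches"].append({"path": r["path"], "md5": r["md5"], "known_hashes": sorted(known)})
    # Autostart entries and the Security Center antivirus-override flag.
    for key, values in parse_registry(sections.get("Punti Reg Caricati", [])).items():
        if key.endswith("\\currentversion\\run"):
            for name, raw in values.items():
                m = re.match(r'^"([^"]*)"', raw)
                f["run_entries"].append((name, m.group(1) if m else raw))
        elif key.endswith("security center"):
            f["av_override"] = values.get("AntiVirusOverride", "").lower() == "dword:00000001"
    return f

if __name__ == "__main__": print(analyze(SAMPLE_LOG))
```

Run against the full posted log (paste it into `SAMPLE_LOG` or read it from combofix.txt), the same functions list the two `[-]` TCPIP.SYS entries, the `ffrkkv` files and the restored mouclass.sys, and every Run value, which is the set of items to cross-check against the updated HijackThis log requested in the next post.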

  4. #14
    FDAC (banned user), registered Feb 2010, 71 posts
    How is the PC doing?
    Noticed any improvements?
    Post an updated HijackThis log
