Hijackthis

[OpheliaNemesi]

Buongiorno a tutti, sono nuova iscritta, ma ho seguito più o meno le regole del forum
Ho letto un post in cui si spiegava passo passo cosa fare nel caso in cui si riscontri la presenza di Malware sul pc. In ultimo c'era scritto di utilizzare il programma Hijackthis per riportare i file di log, e di aprire una discussione postando il risultato. Dato che non ero riuscita a risolvere con i passaggi precenti sono approdata qui. Spero mi aiutiate a capire dov'è l'errore senza che io possa creare degli altri danni -.-
lo posto in due parti ò.ò
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.43.50, on 09/06/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-

8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\rundll32.exe
C:\Users\Sabrina\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Sabrina\AppData\Local\khdzwti.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering

Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EX E
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Common Files\Microsoft

Shared\Ink\InputPersonalization.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page

=

http://it.rd.yahoo.com/customize/yco.../*http://it.ya

hoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

about:blank
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page

= http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://it.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet

Explorer\Search,SearchAssistant = http://search.babylon.com/?

babsrc=SP_ss&q={searchTerms}

&mntrId=002dcd46000000000000001cbfa5b91e&tlver=1.4 .19.19&affID=1

7160
R0 - HKLM\Software\Microsoft\Internet

Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,

(Default) =

http://it.rd.yahoo.com/customize/yco.../*http://it.ya

hoo.com
R0 - HKCU\Software\Microsoft\Internet

Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up -

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program

Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-

7695ECA05670} - C:\Program Files\Yahoo!

\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-

B87D-784B7D6BE0B3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -

C:\Program Files\Common Files\Symantec

Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Increase performance and video formats for your HTML5

<video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program

Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with

less interruptions and smoother playback on supported sites -

{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program

Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B}

- C:\Program Files\Microsoft\Search Enhancement Pack\Search

Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-

8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-

4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google

Toolbar\Component\fastsearch_A8904FB862BD9564.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-

BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-

477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-

FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec

Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB

-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!

\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows

Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program

Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering

Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering

Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common

Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet

Security\osCheck.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade

Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe

C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [Acer Tour Reminder]

C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp]

C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix

Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program

Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F

-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common

Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-

2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32

\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE

C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil

Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX

Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program

[OpheliaNemesi]

Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common

Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program

Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)]

"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"

/runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows

Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet

Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Google Update]

"C:\Users\Sabrina\AppData\Local\Google\Update\Goog leUpdate.exe"

/c
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program

Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program

Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [khdzwti]

"c:\users\sabrina\appdata\local\khdzwti.exe" khdzwti
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media

Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows

Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe

oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows

Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program

Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk =

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows

Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-

8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows

Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-

8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-

5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-

4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12

\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61}

(DownloaderActiveX Control) -

http://c6.community.virgilio.it/down...derActiveX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave

Flash Object) -

http://fpdownload2.macromedia.com/ge...bs/flash/swfla

sh.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live

Hotmail Photo Upload Tool) -

http://gfx2.hotmail.com/mail/w4/pr01...ntrol/VistaMSN

PUpldit-it.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{94855534-3589-4CF9-

B477-24660C1520A9}: NameServer = 212.216.112.112,151.99.125.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{D296D74B-5D1E-4EA8-

9A99-1204260EDD81}: NameServer = 212.216.112.112,151.99.125.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-

1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -

C:\Program Files\Windows Live\Photo

Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -

C:\Program Files\Google\Google

Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner

- C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation -

c:\xampp\apache\bin\httpd.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program

Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec

Corporation - C:\Program Files\Common Files\Symantec

Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec

Corporation - C:\Program Files\Common Files\Symantec

Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService)

- Symantec Corporation - C:\Program Files\Common Files\Symantec

Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation -

C:\Program Files\Common Files\Symantec

Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT

- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. -

C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering

Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc.

- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown

owner - C:\Acer\Empowering

Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) -

Intel(R) Corporation - C:\Program

Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) -

Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) -

Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON)

- Intel Corporation - C:\Program Files\Intel\Intel Matrix

Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -

Macrovision Corporation - C:\Program Files\Common

Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) -

Symantec Corporation - C:\Program Files\Norton Internet

Security\isPwdSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited -

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service

(LightScribeService) - Hewlett-Packard Company - C:\Program

Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice

Ex) - Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation

- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-

8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation -

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MobilityService - Unknown owner -

C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: mysql - Unknown owner -

c:\xampp\mysql\bin\mysqld.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc)

- Intel(R) Corporation - C:\Program Files\Common

Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) -

Unknown owner - C:\Program Files\CyberLink\Shared

Files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. -

C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program

Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec

Corporation - C:\Program Files\Common Files\Symantec

Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer -

C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. -

C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15461 bytes

[OpheliaNemesi]

Grazie e speriamo non abbia sbagliato a postare

[menatwork]

ciao OpheliaNemesi

dal log vedo questa voce che non mi piace per niente

C:\Users\Sabrina\AppData\Local\khdzwti.exe


analizzalo su virus total e posta il rapporto...se non riesci a farlo salva la pagina e posta il link che rilascia

[OpheliaNemesi]

Grazie moltissimo!
Avevo il dubbio proprio su quel file, volevo cancellarne il processo tramite Hijackthis... l'ho fatto stamattina dopo aver visto che anche tu menatwork l'avevi individuato e sembra che tutto vada bene adesso...
Poi volevo chiedere se il fatto che ieri sera il pc mi si sia bloccato due volte durante la deframmentazione, possa dipendere da questo... se si allora dovrei rideframmnentare e vedere cosa succede ò.ò
grazie

PS: tralaltro questo khdzwti.exe portava come descrizione mortadelle, su windows defender -.- dovrei essere più sveglia -_________-

[menatwork]

per sicurezza fai questa scansione dovrebbe essere rimasto qualche rimasuglio

scarica combofix sul desktop (non installare la recovery console quando te lo chiede)

disconnetiti da internet
- disattiva l'antivirus
- esegui ComboFix.exe

- segui le instruzioni

- finita la scansione portati in C:\ e allega nella tua prossima risposta, il contenuto del file di testo Combofix.txt

[OpheliaNemesi]

mi si è impallato il pc appena ho scaricato, avast mi ucciderà per questo -.-

[marcosx86]

il pc ti si impalla sempre in punti precisi o casualmente dopo tot tempo?
comunque tutte le varie scansioni falle SEMPRE da modalità provvisoria.

[menatwork]

devi disattivare l'antivirus prima di scaricarlo
se non dovesse partire fai in questo modo:

clicca su start>esegui, nel box bianco copia e incolla questo comando, virgolette comprese:

"%userprofile%\desktop\combofix.exe" /killall

Premi OK, se tutto va bene parte il programma che potrebbe impiegare molto (non fare altre manovre durante la scansione),una volta terminata la scansione, riavvia il computer e posta il reprot C:\combofix.txt



come usare correttamente combofix

[OpheliaNemesi]

Sei stato gentilissimo ma non so se lo farò, non sono molto esperta e preferisco evitare di disattivare antivirus e scaricare programma... un pò rischioso :/ in ogni caso se ci ripenso posto qui il risultato
bye bye