I managed to run the ComboFix scan, here is the log in case it's useful, thanks:
ComboFix 15-08-24.01 - Pc-Ufficio 26/08/2015 17.46.55.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.511.200 [GMT 2:00]
Eseguito da: g:\download\ComboFix.exe
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\TEMP
c:\documents and settings\Pc-Ufficio\WINDOWS
C:\InfoSat.txt
c:\windows\IsUn0407.exe
c:\windows\IsUn0410.exe
c:\windows\unin0410.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2015-07-26 al 2015-08-26 )))))))))))))))))))))))))))))))))))
.
.
2015-08-26 14:30 . 2015-08-26 14:32 -------- d-----w- C:\KVRT_Data
2015-08-26 13:46 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2015-08-26 13:45 . 2015-08-26 13:45 -------- d-----w- c:\windows\LastGood
2015-08-26 13:40 . 2015-08-26 13:40 40936 ----a-w- c:\windows\system32\drivers\point32.sys
2015-08-26 13:40 . 2015-08-26 13:40 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2015-08-26 13:40 . 2015-08-26 13:41 -------- dc----w- c:\windows\system32\DRVSTORE
2015-08-26 13:37 . 2015-08-26 13:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ProductData
2015-08-26 13:36 . 2015-08-26 13:36 -------- d-----w- c:\documents and settings\Pc-Ufficio\Dati applicazioni\IObit
2015-08-26 13:36 . 2015-08-26 13:36 -------- d-----w- c:\documents and settings\Pc-Ufficio\LocalLow
2015-08-26 13:36 . 2015-08-26 13:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\IObit
2015-08-26 13:36 . 2015-08-26 13:36 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-08-26 13:30 . 2015-08-26 13:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVAST Software
2015-08-18 19:41 . 2015-08-18 19:41 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\Softland
2015-08-18 19:39 . 2008-08-14 09:30 21656 ----a-w- c:\windows\system32\dopdfmn6.dll
2015-08-18 19:39 . 2008-08-14 09:30 18072 ----a-w- c:\windows\system32\dopdfmi6.dll
2015-08-18 19:39 . 2015-08-18 19:39 -------- d-----w- c:\programmi\Softland
2015-08-11 12:31 . 2015-08-11 12:31 -------- d-----w- c:\documents and settings\Pc-Ufficio\.android
2015-08-11 12:29 . 2015-08-11 12:29 -------- d-----w- c:\documents and settings\Pc-Ufficio\Dati applicazioni\HMYGSetting
2015-08-11 12:27 . 2015-08-11 12:27 -------- d-----w- c:\documents and settings\Pc-Ufficio\Impostazioni locali\Dati applicazioni\Wondershare
2015-08-11 12:27 . 2015-08-11 12:27 -------- d-----w- c:\programmi\Common Files
2015-08-11 12:22 . 2015-08-11 12:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Wondershare
2015-08-11 12:22 . 2015-08-11 12:39 -------- d--h--w- c:\programmi\DrFoneAndroid_Temp
2015-08-11 12:22 . 2015-08-11 12:39 -------- d-----w- c:\documents and settings\Pc-Ufficio\Dati applicazioni\Wondershare
2015-08-11 12:22 . 2015-08-11 12:22 -------- d-----w- c:\programmi\Wondershare
2015-08-09 10:51 . 2015-08-09 10:51 -------- d-----w- c:\programmi\Empire Interactive
2015-08-08 17:19 . 2015-08-08 14:30 772592 ----a-w- c:\windows\system32\npDeployJava1.dll
2015-08-08 17:19 . 2015-08-08 14:30 687600 ----a-w- c:\windows\system32\deployJava1.dll
2015-08-08 17:18 . 2015-08-08 17:18 96352 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-08-08 17:17 . 2015-08-08 17:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Oracle
2015-08-08 14:31 . 2015-08-08 17:18 146432 ----a-w- c:\windows\system32\javacpl.cpl
2015-08-08 14:30 . 2015-08-08 17:19 -------- d-----w- c:\programmi\Java
2015-08-08 12:24 . 2015-08-08 12:24 -------- d-----w- c:\documents and settings\Pc-Ufficio\Impostazioni locali\Dati applicazioni\WMTools Downloaded Files
2015-08-08 05:31 . 2015-08-08 05:31 -------- d-----w- c:\documents and settings\Pc-Ufficio\Impostazioni locali\Dati applicazioni\Gearbox Software
2015-08-08 04:58 . 2000-01-04 04:39 212992 ----a-w- c:\programmi\File comuni\InstallShield\Engine\6\Intel 32\ILog.dll
2015-08-07 18:28 . 2015-08-07 18:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MinigolfAdventures
2015-08-07 18:27 . 2015-08-07 18:33 -------- d-----w- c:\programmi\Gamenext
2015-08-07 17:33 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-08-07 17:33 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-08-07 17:32 . 2015-08-09 06:47 -------- d-----w- c:\windows\Logs
2015-08-04 06:49 . 2015-08-04 06:49 -------- d-----w- c:\documents and settings\Pc-Ufficio\Dati applicazioni\Malwarebytes
2015-08-04 06:46 . 2015-08-04 06:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2015-08-04 06:13 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-09 10:21 . 2014-02-10 19:58 152576 -c--a-w- c:\windows\system32\drivers\BazisPortableCDBus.sys
2015-08-08 13:56 . 2014-02-01 02:05 778416 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2015-08-08 13:56 . 2014-02-01 02:05 142512 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\programmi\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Kalender"="g:\google drive 15gb\Kalender(ok buono portable)\Kalender.exe" [2014-02-22 991232]
"POP Peeper"="g:\google drive 15gb\Prog. per la posta elettronica\Prog. per visualizzare la posta nella tray icon della barra\Pop Peepers 3.4(Ok Buono)\POP Peeper(Gia pronto)\POPPeeper.exe" [2011-11-16 1613824]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
ClientManager3.lnk - c:\programmi\BUFFALO\Client Manager3\cm3_tray.exe [2014-2-8 589312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\Paragon Software\Partition Manager 9.0 Personal\bluescrn\bluescrn.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Opera\\opera.exe"=
"c:\\Programmi\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programmi\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Programmi\\WebSite X5 v8 - Evolution\\WebSite.exe"=
"c:\\Programmi\\Free Download Manager\\fdm.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
.
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [20/05/2008 9.32.40 15328]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [26/08/2015 15.36.47 23840]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [12/11/2009 14.50.18 220128]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programmi\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [07/05/2010 18.15.22 1051976]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programmi\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25/02/2010 12.18.08 10064]
S3 BazisPortableCDBus;Portable WinCDEmu driver;c:\windows\system32\drivers\BazisPortableCDBus.sys [10/02/2014 21.58.32 152576]
S3 BioNT_BS;BioNT_BS;\??\c:\programmi\Paragon Software\Partition Manager 9.0 Personal\bluescrn\BioNT_bs.sys --> c:\programmi\Paragon Software\Partition Manager 9.0 Personal\bluescrn\BioNT_bs.sys [?]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [01/01/2003 3.37.59 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [01/01/2003 3.37.59 11088]
S3 ucg300n;BUFFALO WLI-UC-G300N Wireless LAN Driver;c:\windows\system32\drivers\ucg300n.sys [01/01/2003 2.12.05 650624]
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - 08089677
*NewlyCreated* - D586A694
*NewlyCreated* - WDF01000
*Deregistered* - 08089677
*Deregistered* - D586A694
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Scarica con Free Download Manager - file://c:\programmi\Free Download Manager\dllink.htm
IE: Scarica i video con Free Download Manager - file://c:\programmi\Free Download Manager\dlfvideo.htm
IE: Scarica selezionati con Free Download Manager - file://c:\programmi\Free Download Manager\dlselected.htm
IE: Scarica tutto con Free Download Manager - file://c:\programmi\Free Download Manager\dlall.htm
TCP: Interfaces\{9A8DBDEF-AE19-4F3C-B693-32E7D6779A7D}: NameServer = 8.8.8.8,8.8.4.4
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Pc-Ufficio\Dati applicazioni\Mozilla\Firefox\Profiles\xksdi2uk.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-08-26 17:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(636)
c:\programmi\BUFFALO\Client Manager3\BwcProv.dll
.
Ora fine scansione: 2015-08-26 17:55:29
ComboFix-quarantined-files.txt 2015-08-26 15:55
.
Pre-Run: 5.927.591.936 byte disponibili
Post-Run: 5.886.042.112 byte disponibili
.
- - End Of File - - 431794BF08BA4D68EB34F025F019C736
828E02D5C4A4FBE53441EE9DBEE51F43
Now what do I do?... thanks.
Originally posted by massimo77mr