Gwenelan

Members
  • Posts

    19
Everything posted by Gwenelan

  1. @Elise025: I've read the whole post and I'm following the steps. Thank you very very much for your time and expertise, I'll be much more careful! @dreamhouse: I can't help you, but be patient: surely someone will answer you as soon as they can.
  2. Done.
  3. One (probably stupid) question: I unchecked the "Enabled Protection" on the Malwarebytes; should I also uncheck "Websites Blocking"? I didn't; and this is the log result:
  4. I reset the router, and restarted the computer. Now, there was no message when I started the pc. There was one when I opened the internet browser: "Successfully blocked access to a potentially malicious website: 77.78.240.232 (Type: outgoing)"
  5. By "blocks" you mean the messages that pop up? If so, I get them only at startup, and when I'm normally web surfing (no strange websites: gmail, youtube, and some blogs). Skype doesn't run at startup already, I have to manually run it.
  6. Yes; it's always a different IP. This morning was: "Successfully blocked access to potentially malicious website 62.45.155.226 (Type: outgoing)" This evening was: "Successfully blocked access to potentially malicious website 89.28.64.76 (Type: outgoing)" I restarted again now, and two messages pop up, one after another: "Successfully blocked access to potentially malicious website 91.218.38.154 (Type: incoming)" and "Successfully blocked access to potentially malicious website 218.7.123.132 (Type: outgoing)"
  7. It said: "Successfully blocked access to potentially malicious website" but I wasn't quick enough to write down the associated IP. It did so during the ESET scan, and one time as soon as Windows finished loading. It's ok if it's normal, I thought it was important.
  8. Done all. Here are the scan results:
     C:\Documents and Settings\utente\Documenti\MsgPlusLive-470.exe a variant of Win32/Adware.CiDHelp application cleaned by deleting - quarantined
     C:\Documents and Settings\utente\Documenti\WORM\aTube_Catcher.exe Win32/OpenCandy application deleted - quarantined
     C:\Documents and Settings\utente\Documenti\WORM\Per ora\aTube_Catcher.exe Win32/OpenCandy application deleted - quarantined
     This time, Malwarebytes gave me a pop-up as soon as I turned on the pc (after uninstalling Java components), and some other messages while I was running the scan.
  9. Malwarebytes is not giving me any more pop-ups. Were there many viruses? Meanwhile, thank you again for the help and the kindness!
  10. I did it! I also did the scan with ComboFix, here is the new report. ComboFix.txt
  11. I am sorry, but I have another problem. I never did any update of Windows because when I bought the computer I was told not to, and since I'm not an expert, I was afraid to cause trouble. Now, I read the instructions, I went to the site (using Internet Explorer), I allowed ActiveX to work, but the site blocks me. It says: "403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied." I did the process two times, and I think I'm doing it right... am I missing something?
  12. Thanks again for the patience, I followed the instructions. Here is the ComboFix report (I hope I understood well how I had to include it). Should I reinstall AVG now, or should I wait until the clean process is complete? ComboFix.txt
  13. I have a little problem. I have the AVG 8.5 Free Edition; I disabled the Resident Shield (I don't have the Firewall), but ComboFix tells me that it can't work with AVG installed on my pc. The exact message is: "ComboFix cannot run when AVG is installed. This is due to AVG's targeting of ComboFix's file/processes. It would be dangerous to continue. Please uninstall AVG or use another tool." Should I uninstall AVG?
  14. The TDSS Killer didn't find anything. Here's the scan:
      Thanks for the advice, I surely won't use bittorrent, or any p2p program while cleaning up.
  15. Thank you very much for the help. I think I noticed something else today: now the Malwarebytes messages don't appear when I'm not web surfing. They appear when I'm web surfing or when I'm using bittorrent. Here is the DDS scan:
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-4 335240] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-4 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-4 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-9-4 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-4 297752] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-7-5 66048] R2 MBAMService;MBAMService;c:\programmi\malwarebytes' anti-malware\mbamservice.exe [2011-6-21 366640] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-21 22712] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-2-4 222976] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 hid7906;MAP2A10K;c:\windows\system32\drivers\hid7906.sys [2011-4-16 34793] S3 idrmkl;idrmkl;\??\c:\docume~1\utente\impost~1\temp\idrmkl.sys --> c:\docume~1\utente\impost~1\temp\idrmkl.sys [?] S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?] 
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2009-7-5 167808] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [2009-3-30 468768] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 ZD1211BU(Atlantis-Land);NetFly U54 Wireless USB Adapter Driver(Atlantis-Land);c:\windows\system32\drivers\ZD1211BU.sys [2009-3-27 500736] S4 PDF Suite 2010 Service;PDF Suite 2010 Service;c:\programmi\pdf suite 2010\ConversionService.exe [2010-6-1 799552] S4 StarWindServiceAE;StarWind AE Service;c:\programmi\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688] . =============== Created Last 30 ================ . 2011-06-21 05:39:42 -------- d-----w- c:\documents and settings\utente\dati applicazioni\Malwarebytes 2011-06-21 04:44:53 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-06-21 04:44:53 -------- d-----w- c:\documents and settings\all users\dati applicazioni\Malwarebytes 2011-06-21 04:44:50 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-21 04:44:50 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware 2011-06-19 10:16:37 -------- d-----w- c:\programmi\Darksiders 2011-06-19 10:09:20 -------- d-----w- c:\programmi\Steam 2011-06-19 10:07:01 -------- d-----w- c:\programmi\THQ 2011-06-19 08:40:05 -------- d-----w- c:\documents and settings\utente\impostazioni locali\dati applicazioni\Darksiders 2011-06-07 11:22:31 -------- d-----w- c:\documents and settings\utente\dati applicazioni\TS3Client 2011-06-07 10:35:34 103864 ----a-w- c:\programmi\mozilla firefox\plugins\nppdf32.dll 2011-06-07 10:35:34 103864 ----a-w- c:\programmi\internet explorer\plugins\nppdf32.dll 2011-06-02 20:23:11 -------- d-----w- c:\documents and settings\utente\impostazioni locali\dati applicazioni\Turbine 2011-06-02 18:56:11 -------- 
d-----w- c:\programmi\Turbine . ==================== Find3M ==================== . 2011-06-18 14:20:23 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-04-08 11:36:10 86016 ----a-w- c:\windows\system32\custmon32.dll 2011-03-31 09:18:18 23376 ----a-w- c:\windows\system32\dopdfmn7.dll 2011-03-31 09:18:16 20304 ----a-w- c:\windows\system32\dopdfmi7.dll 2011-03-28 09:29:07 716153 ----a-w- c:\windows\system32\unins000.exe 2009-05-17 02:06:59 58652 ----a-w- c:\programmi\AMVapp-uninst.exe 2008-03-09 05:25:10 236 ----a-w- c:\programmi\file comuni\dx.reg 2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll . ============= FINISH: 20.00.20,89 =============== attach.rar
  16. Hi, today I found the BitDefender on my pc. I followed some instructions to remove it, and I think I managed to do it. I installed Malwarebytes in the process. Now it is saying that it "successfully blocked content to potentially malicious website". It does it both when I am on the internet (also with just the Google page open) and when I'm not web surfing at all, though the pop-ups don't appear often. I am afraid I am still infected; I ran a full scan with Malwarebytes, and it found nothing. I attach here the two logs. Does anyone have any idea what I have to do? Thanks for the patience! protection-log-2011-06-21.txt mbam-log-2011-06-21 (09-48-14).txt