Condividi:        

VIRUS NELLA MEMORIA

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Re: VIRUS NELLA MEMORIA

Postdi Luke57 » 29/11/08 17:48

MIKI68 ha scritto:Scompatta significa aprire un file compresso con winzip o winrar ( giusto per avere una idea) ;)

Giusto ;)
anche "estrai il file eseguibile di gmer (gmer.exe) dalla cartella .zip"
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Sponsor
 

Re: VIRUS NELLA MEMORIA

Postdi annonio » 29/11/08 17:50

Allora: ho "scompattato"!!
La scansione relativa ai Rookit la riesco a salvare ma quella relativa all'Autostart no...perche' non c'e' un tasto "save" ...forse non ho capito bene....potreste dirmi semplicemente clicca qui oppure clicca li?? Sono un po'confuso :(
Ad ogni modo questo e' il log dei Rookit:
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-11-29 17:39:43
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.14 ----



Spiegatemi bene per favore!!

Attendo sviluppi

Antonio
Richiesta aiuto urgente
annonio
Utente Senior
 
Post: 101
Iscritto il: 10/09/06 15:31

Re: VIRUS NELLA MEMORIA

Postdi annonio » 29/11/08 18:08

Non riesco a salvare la scansione dell'Autostart....se clicco su copy mi esce una scritta in inglese che mi dice(se il mio inglese non mi inganna) di premere Ctrl+V keys...ma come si fa a salvarla??Non riesco proprio!
La prima scansione dei Rookit riesco a salvarla ed e' questa:
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-11-29 17:39:43
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.14 ----


Attendo sviluppi!
Richiesta aiuto urgente
annonio
Utente Senior
 
Post: 101
Iscritto il: 10/09/06 15:31

Re: VIRUS NELLA MEMORIA

Postdi Luke57 » 29/11/08 18:34

Ciao, nel primo report non c'è niente, ctrl+v non è altro che la funzione copy mediante la tastiera, premi qui deu tasti e poi apri un file di testo (dal blocco note di windows, strat>programmi>blocco note) ci incolli il testo, salvi il file e lo alleghi a un post.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Re: VIRUS NELLA MEMORIA

Postdi annonio » 29/11/08 19:50

Grazie Luke!! :D
Ci sono riuscito finalmente!!
Di seguito il secondo report (relativo all'Autostart):




GMER 1.0.14.14536 - httpwww.gmer.net
Autostart scan 2008-11-29 194401
Windows 5.1.2600 Service Pack 2


HKLMSYSTEMCurrentControlSetControlSession ManagerSubSystems@Windows = %SystemRoot%system32csrss.exe ObjectDirectory=Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrvUserServerDllInitialization,3 ServerDll=winsrvConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon@Userinit = CWINDOWSsystem32userinit.exe,

HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonNotify
igfxcui@DLLName = igfxdev.dll
WgaLogon@DLLName = WgaLogon.dll

HKLMSYSTEMCurrentControlSetServices
AcerMemUsageCheckService@ = CAcerEmpowering TechnologyePerformanceMemCheck.exe
aswUpdSv@ = CProgrammiAlwil SoftwareAvast4aswUpdSv.exe
avast! Antivirus@ = CProgrammiAlwil SoftwareAvast4ashServ.exe
ehRecvr@ = CWINDOWSeHomeehRecvr.exe
ehSched@ = CWINDOWSeHomeehSched.exe
eLockService@ = CAcerEmpowering TechnologyeLockServiceeLockServ.exe
EvtEng@ = CProgrammiIntelWirelessBinEvtEng.exe
Fax@ = %systemroot%system32fxssvc.exe
LVPrcSrv@ = cprogrammifile comunilogitechlvmvfmLVPrcSrv.exe
McrdSvc@ = CWINDOWSehomemcrdsvc.exe
Pml Driver HPZ12@ = CWINDOWSsystem32HPZipm12.exe
RegSrvc@ = CProgrammiIntelWirelessBinRegSrvc.exe
S24EventMonitor@ = CProgrammiIntelWirelessBinS24EvMon.exe
Utilità di pianificazione di LiveUpdate automatico@ = CProgrammiSymantecLiveUpdateALUSchedulerSvc.exe

HKLMSoftwareMicrosoftWindowsCurrentVersionRun
@ehTrayCWINDOWSehomeehtray.exe = CWINDOWSehomeehtray.exe
@preloadCWindowsRUNXMLPL.exe = CWindowsRUNXMLPL.exe
@SynTPEnhCProgrammiSynapticsSynTPSynTPEnh.exe = CProgrammiSynapticsSynTPSynTPEnh.exe
@AzMixerSelCProgrammiRealtekInstallShieldAzMixerSel.exe = CProgrammiRealtekInstallShieldAzMixerSel.exe
@AGRSMMSGAGRSMMSG.exe = AGRSMMSG.exe
@ntiMUICProgrammiNewTech InfosystemsNTI CD & DVD-Maker 7ntiMUI.exe = CProgrammiNewTech InfosystemsNTI CD & DVD-Maker 7ntiMUI.exe
@ file not found = file not found
@IMJPMIG8.1CWINDOWSIMEimjp8_1IMJPMIG.EXE Spoil RemAdvDef Migration32 = CWINDOWSIMEimjp8_1IMJPMIG.EXE Spoil RemAdvDef Migration32
@MSPY2002CWINDOWSsystem32IMEPINTLGNTImScInst.exe SYNC = CWINDOWSsystem32IMEPINTLGNTImScInst.exe SYNC
@PHIME2002ASyncCWINDOWSsystem32IMETINTLGNTTINTSETP.EXE SYNC = CWINDOWSsystem32IMETINTLGNTTINTSETP.EXE SYNC
@PHIME2002ACWINDOWSsystem32IMETINTLGNTTINTSETP.EXE IMEName = CWINDOWSsystem32IMETINTLGNTTINTSETP.EXE IMEName
@igfxtrayCWINDOWSsystem32igfxtray.exe = CWINDOWSsystem32igfxtray.exe
@igfxhkcmdCWINDOWSsystem32hkcmd.exe = CWINDOWSsystem32hkcmd.exe
@igfxpersCWINDOWSsystem32igfxpers.exe = CWINDOWSsystem32igfxpers.exe
@RTHDCPLRTHDCPL.EXE = RTHDCPL.EXE
@SkyTelSkyTel.EXE = SkyTel.EXE
@AlcmtrALCMTR.EXE = ALCMTR.EXE
@LaunchApCProgrammiLaunch ManagerLaunchAp.exe = CProgrammiLaunch ManagerLaunchAp.exe
@LManagerCProgrammiLaunch ManagerHotkeyApp.exe = CProgrammiLaunch ManagerHotkeyApp.exe
@CtrlVolCProgrammiLaunch ManagerCtrlVol.exe = CProgrammiLaunch ManagerCtrlVol.exe
@LMgrOSDCProgrammiLaunch ManagerOSDCtrl.exe = CProgrammiLaunch ManagerOSDCtrl.exe
@WbuttonCProgrammiLaunch ManagerWbutton.exe = CProgrammiLaunch ManagerWbutton.exe
@eLockMonitorCAcerEmpowering TechnologyeLockMonitorLaunchMonitor.exe file not found = CAcerEmpowering TechnologyeLockMonitorLaunchMonitor.exe file not found
@eDataSecurity LoaderCAcerEmpowering TechnologyeDataSecurityeDSloader.exe 0 file not found = CAcerEmpowering TechnologyeDataSecurityeDSloader.exe 0 file not found
@ePower_DMCCAcerEmpowering TechnologyePowerePower_DMC.exe = CAcerEmpowering TechnologyePowerePower_DMC.exe
@BootCAcerEmpowering TechnologyePowerBoot.exe = CAcerEmpowering TechnologyePowerBoot.exe
@Acer ePresentation HPDCAcerEmpowering TechnologyePresentationePresentation.exe = CAcerEmpowering TechnologyePresentationePresentation.exe
@eRecoveryServiceCAcerEmpowering TechnologyeRecoveryeRAgent.exe = CAcerEmpowering TechnologyeRecoveryeRAgent.exe
@LVCOMSXCWINDOWSsystem32LVCOMSX.EXE = CWINDOWSsystem32LVCOMSX.EXE
@LogitechCameraAssistantCProgrammiAcerOrbiCamCameraAssistant.exe = CProgrammiAcerOrbiCamCameraAssistant.exe
@LogitechVideo[inspector]CProgrammiAcerOrbiCamInstallHelper.exe inspect = CProgrammiAcerOrbiCamInstallHelper.exe inspect
@LogitechCameraService(E)CWINDOWSsystem32ElkCtrl.exe automation = CWINDOWSsystem32ElkCtrl.exe automation
@Samsung PanelMgrCWINDOWSSamsungPanelMgrssmmgr.exe autorun = CWINDOWSSamsungPanelMgrssmmgr.exe autorun
@HP Software UpdateCProgrammiHPHP Software UpdateHPWuSchd2.exe = CProgrammiHPHP Software UpdateHPWuSchd2.exe
@avast!CPROGRA~1ALWILS~1Avast4ashDisp.exe = CPROGRA~1ALWILS~1Avast4ashDisp.exe

HKCUSoftwareMicrosoftWindowsCurrentVers ... CTFMON.EXE = CWINDOWSsystem32ctfmon.exe

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
@{42071714-76d4-11d1-8b24-00a0c9068ff3} Estensione panoramica video del Pannello di controllodeskpan.dll file not found = deskpan.dll file not found
@{596AB062-B4D2-4215-9F74-E9109B0A8153} Pagina proprietà versioni precedenti%SystemRoot%system32twext.dll = %SystemRoot%system32twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} Versioni precedenti%SystemRoot%system32twext.dll = %SystemRoot%system32twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} IE Search BandCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} Shell DocObject ViewerCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} InternetShortcutCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} Microsoft Url History ServiceCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} HistoryCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} Temporary Internet FilesCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} Temporary Internet FilesCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Microsoft Url Search HookCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} The InternetCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} Internet Name SpaceCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} Autoplay for SlideShow(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} Extensions Manager FolderCWINDOWSsystem32extmgr.dll = CWINDOWSsystem32extmgr.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} Synaptics Control PanelCProgrammiSynapticsSynTPSynTPCpl.dll = CProgrammiSynapticsSynTPSynTPCpl.dll
@{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} EPM-PO Shell Extensionepm-po.dll = epm-po.dll
@{59850401-6664-101B-B21C-00AA004BA90B} Microsoft Office Binder UnbindCPROGRA~1MICROS~2Office1040UNBIND.DLL = CPROGRA~1MICROS~2Office1040UNBIND.DLL
@{0006F045-0000-0000-C000-000000000046} Microsoft Outlook Custom Icon HandlerCPROGRA~1MICROS~2OfficeOLKFSTUB.DLL = CPROGRA~1MICROS~2OfficeOLKFSTUB.DLL
@{E0D79304-84BE-11CE-9641-444553540000} WinZipCPROGRA~1WINZIPWZSHLSTB.DLL = CPROGRA~1WINZIPWZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} WinZipCPROGRA~1WINZIPWZSHLSTB.DLL = CPROGRA~1WINZIPWZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} WinZipCPROGRA~1WINZIPWZSHLSTB.DLL = CPROGRA~1WINZIPWZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} WinZipCPROGRA~1WINZIPWZSHLSTB.DLL = CPROGRA~1WINZIPWZSHLSTB.DLL
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} IE Microsoft BrowserBandCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} IE Fade TaskCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} IE Menu Desk BarCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} IE AutoCompleteCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} IE Navigation BarCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} IE Menu SiteCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} IE Menu BandCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} IE Microsoft History AutoComplete ListCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} IE Tracking Shell MenuCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} IE IShellFolderBandCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} IE BandProxyCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} IE MRU AutoComplete ListCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} IE RSS Feeder FolderCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} IE Microsoft Shell Folder AutoComplete ListCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} IE Microsoft Multiple AutoComplete List ContainerCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} Microsoft Browser ArchitectureCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} IE Shell Rebar BandSiteCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} IE Shell Band Site MenuCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} &LinksCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} IE Registry Tree Options UtilityCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} IE User AssistCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} IE Custom MRU AutoCompleted ListCWINDOWSsystem32ieframe.dll = CWINDOWSsystem32ieframe.dll
@{C169E5F0-E2B3-41F3-B81A-7BA529CBE193} ZipGenius Shell ExtensionCPROGRA~1ZIPGEN~1contmenu.dll = CPROGRA~1ZIPGEN~1contmenu.dll
@{472083B0-C522-11CF-8763-00608CC02F24} avastCProgrammiAlwil SoftwareAvast4ashShell.dll = CProgrammiAlwil SoftwareAvast4ashShell.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} Messenger Sharing FoldersCProgrammiMSN Messengerfsshext.8.1.0178.00.dll = CProgrammiMSN Messengerfsshext.8.1.0178.00.dll

HKCUSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved@{BDEADF00-C265-11d0-BCED-00A0C90AB50F} Cartelle Web = CPROGRA~1FILECO~1MICROS~1WEBFOL~1MSONSEXT.DLL

HKLMSoftwareClassesshellexContextMenuHandlers
avast@{472083B0-C522-11CF-8763-00608CC02F24} = CProgrammiAlwil SoftwareAvast4ashShell.dll
EDSshellExt@{29FF7AB0-BE34-4992-A30B-53A9D86EE239} = CWINDOWSsystem32eDSshellExt.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = CPROGRA~1WINZIPWZSHLSTB.DLL
ZipGenius 6@{C169E5F0-E2B3-41F3-B81A-7BA529CBE193} = CPROGRA~1ZIPGEN~1contmenu.dll

HKLMSoftwareClassesDirectoryshellexContextMenuHandlers
EDSshellExt@{29FF7AB0-BE34-4992-A30B-53A9D86EE239} = CWINDOWSsystem32eDSshellExt.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = CPROGRA~1WINZIPWZSHLSTB.DLL
ZipGenius 6@{C169E5F0-E2B3-41F3-B81A-7BA529CBE193} = CPROGRA~1ZIPGEN~1contmenu.dll

HKLMSoftwareClassesFoldershellexContextMenuHandlers
avast@{472083B0-C522-11CF-8763-00608CC02F24} = CProgrammiAlwil SoftwareAvast4ashShell.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = CPROGRA~1WINZIPWZSHLSTB.DLL

HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
@{02478D38-C3F9-4EFB-9B51-7695ECA05670}CProgrammiYahoo!CompanionInstallscpnyt.dll = CProgrammiYahoo!CompanionInstallscpnyt.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}CProgrammiAdobeAcrobat 7.0ActiveXAcroIEHelper.dll = CProgrammiAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}CPROGRA~1SPYBOT~1SDHelper.dll = CPROGRA~1SPYBOT~1SDHelper.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}CProgrammiFile comuniMicrosoft SharedWindows LiveWindowsLiveLogin.dll = CProgrammiFile comuniMicrosoft SharedWindows LiveWindowsLiveLogin.dll

HKLMSoftwareMicrosoftInternet ExplorerMain
@Default_Page_URLhttpgo.microsoft.comfwlinkLinkId=69157 = httpgo.microsoft.comfwlinkLinkId=69157
@Start Pagehttpgo.microsoft.comfwlinkLinkId=69157 = httpgo.microsoft.comfwlinkLinkId=69157
@Local Page%SystemRoot%system32blank.htm = %SystemRoot%system32blank.htm

HKCUSoftwareMicrosoftInternet ExplorerMain
@Start Pagehttpwww.libero.it = httpwww.libero.it
@Local PageCWINDOWSsystem32blank.htm = CWINDOWSsystem32blank.htm

HKLMSoftwareClassesPROTOCOLSHandler
dvd@CLSID = CWINDOWSsystem32msvidctl.dll
its@CLSID = CWINDOWSsystem32itss.dll
livecall@CLSID = CPROGRA~1MSNMES~1MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%system32inetcomm.dll
ms-its@CLSID = CWINDOWSsystem32itss.dll
msnim@CLSID = CPROGRA~1MSNMES~1MSGRAP~1.DLL
tv@CLSID = CWINDOWSsystem32msvidctl.dll

HKLMSoftwareClassesPROTOCOLSHandlerwia@CLSID = CWINDOWSsystem32wiascr.dll

CDocuments and SettingsAll UsersMenu AvvioProgrammiEsecuzione automatica
Microsoft Office.lnk = Microsoft Office.lnk
Adobe Reader Speed Launch.lnk = Adobe Reader Speed Launch.lnk

---- EOF - GMER 1.0.14 ---


Attendo sviluppi!!
:undecided:
Richiesta aiuto urgente
annonio
Utente Senior
 
Post: 101
Iscritto il: 10/09/06 15:31

Re: VIRUS NELLA MEMORIA

Postdi Luke57 » 30/11/08 11:41

Ciao, nel report non scorgo niente di minaccioso, se l'antivirus rileva nuovamente la presunta infezione, posta tutto quello che segnala, percorso del file infetto compreso.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Re: VIRUS NELLA MEMORIA

Postdi annonio » 01/12/08 09:45

Va bene...ti faccio sapere!!

Intanto grazie mille per la disponabilita' e la pazienza!!



Antonio :)
Richiesta aiuto urgente
annonio
Utente Senior
 
Post: 101
Iscritto il: 10/09/06 15:31

Precedente

Torna a Sicurezza e Privacy


Topic correlati a "VIRUS NELLA MEMORIA":

memoria esaurita
Autore: themisterx
Forum: Software Windows
Risposte: 4

Chi c’è in linea

Visitano il forum: Nessuno e 86 ospiti

cron