
VIRUS PROBLEMS

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57

VIRUS PROBLEMS

Post by ISpanico2703 » 03/09/08 20:47

Hi guys of the pcfacile forum.....
I need your help, I would like to get rid of my viruses...
I don't know how to do it, please help me... I'm sending you my topic....
thanks for the kindness you'll show me!!!!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:47: VIRUS ALERT!, on 03/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\system32\RUNDLL32.EXE
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\Nero\Nero8\InCD\NBHGui.exe
C:\Programmi\Nero\Nero8\InCD\InCD.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Programmi\Maxtor\OneTouch\utils\Onetouch.exe
C:\Programmi\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Programmi\Babylon\Babylon-Pro\Babylon.exe
C:\Programmi\PowerISO\PWRISOVM.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\windows\system32\ctfmon.exe
C:\Programmi\Windows Sidebar\sidebar.exe
C:\Programmi\LClock\LClock.exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Documents and Settings\Administrator\Dati applicazioni\Adobe\Manager.exe
C:\Programmi\Windows Sidebar\sidebar.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Nero\Nero8\InCD\InCDsrv.exe
C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmi\Maxtor\OneTouch\Utils\SyncServices.exe
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\windows\system32\svchost.exe
C:\Programmi\UPHClean\uphclean.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\AVG\AVG8\avgui.exe
C:\windows\system32\wuauclt.exe
C:\Programmi\AVG\AVG8\avgscanx.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe
C:\Programmi\AVG\AVG8\aAvgApi.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Windows Live Toolbar\msn_sl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wm ... Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - C:\Programmi\Starware371\bin\Starware371.dll (file missing)
O2 - BHO: D - {5F970550-C427-37A8-9B2F-9A6C54E9E3C2} - C:\WINDOWS\system32\mmx84445.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: QXK Olive - {D3CECC49-A0F2-4CB5-BFCA-A79C22C08059} - C:\windows\vanwxemgvdp.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Starware Toolbar di Musica - {1962c5bc-e475-465b-823b-133e711bceb9} - C:\Programmi\Starware371\bin\Starware371.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: gksraemq - {F661BA6B-FAF4-4165-A701-F65A7585AC91} - C:\WINDOWS\gksraemq.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Programmi\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmi\Nortek Keyboard Mouse Application\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Programmi\Nortek Keyboard Mouse Application\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Programmi\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Nero\Nero8\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Programmi\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Programmi\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [Babylon Client] C:\Programmi\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programmi\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Programmi\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LClock] C:\Programmi\LClock\LClock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Run] "C:\Documents and Settings\Administrator\Dati applicazioni\Adobe\Manager.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Programmi\Windows Sidebar\sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC378495-9632-4B4E-97F8-790E4B2393CA}: NameServer = 85.37.17.46 85.38.28.84
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O21 - SSODL: xrdwbfgn - {F0E20698-FA53-482A-BB3A-03F72D29C732} - C:\windows\xrdwbfgn.dll
O21 - SSODL: dgksvbpn - {69DE4DD8-175A-4088-8D10-60EF977D15F1} - C:\WINDOWS\dgksvbpn.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: MaxSyncService (NTService1) - - C:\Programmi\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Start BT in service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 12432 bytes



thanks..!!!!
ISpanico2703
Newbie

Posts: 3
Joined: 03/09/08 20:42


Re: VIRUS PROBLEMS

Post by shel » 03/09/08 22:21

download ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe

as soon as you launch it, it will run the initial scan

afterwards, as soon as it has finished, choose the full scan and remove everything it finds
shel
Senior User

Posts: 1326
Joined: 29/08/08 21:56

Re: VIRUS PROBLEMS

Post by ISpanico2703 » 04/09/08 13:52

after I ran the scan with that program,
I removed some viruses but I must have many more,
since in Start the bar where it says Programs doesn't show up for me
now I'm sending you my updated topic....


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 14:48: VIRUS ALERT!, on 04/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Nero\Nero8\InCD\InCDsrv.exe
C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Maxtor\OneTouch\Utils\SyncServices.exe
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\windows\system32\svchost.exe
C:\Programmi\UPHClean\uphclean.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\RUNDLL32.EXE
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\Nero\Nero8\InCD\NBHGui.exe
C:\Programmi\Nero\Nero8\InCD\InCD.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Programmi\Maxtor\OneTouch\utils\Onetouch.exe
C:\Programmi\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Programmi\Babylon\Babylon-Pro\Babylon.exe
C:\Programmi\PowerISO\PWRISOVM.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Windows Sidebar\sidebar.exe
C:\Programmi\LClock\LClock.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\Programmi\Windows Sidebar\sidebar.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\windows\system32\wuauclt.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe
C:\Programmi\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wm ... Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - C:\Programmi\Starware371\bin\Starware371.dll (file missing)
O2 - BHO: D - {5F970550-C427-37A8-9B2F-9A6C54E9E3C2} - C:\WINDOWS\system32\mmx84445.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: QXK Olive - {D3CECC49-A0F2-4CB5-BFCA-A79C22C08059} - C:\windows\vanwxemgvdp.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Starware Toolbar di Musica - {1962c5bc-e475-465b-823b-133e711bceb9} - C:\Programmi\Starware371\bin\Starware371.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: gksraemq - {F661BA6B-FAF4-4165-A701-F65A7585AC91} - C:\WINDOWS\gksraemq.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Programmi\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmi\Nortek Keyboard Mouse Application\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Programmi\Nortek Keyboard Mouse Application\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Programmi\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Nero\Nero8\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Programmi\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Programmi\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [Babylon Client] C:\Programmi\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programmi\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Programmi\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LClock] C:\Programmi\LClock\LClock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Programmi\Windows Sidebar\sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC378495-9632-4B4E-97F8-790E4B2393CA}: NameServer = 85.37.17.46 85.38.28.84
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O21 - SSODL: xrdwbfgn - {F0E20698-FA53-482A-BB3A-03F72D29C732} - C:\windows\xrdwbfgn.dll
O21 - SSODL: dgksvbpn - {69DE4DD8-175A-4088-8D10-60EF977D15F1} - C:\WINDOWS\dgksvbpn.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: MaxSyncService (NTService1) - - C:\Programmi\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Start BT in service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 12353 bytes

thanks again
ISpanico2703
Newbie

Posts: 3
Joined: 03/09/08 20:42

Re: VIRUS PROBLEMS

Post by shel » 04/09/08 17:33

download Combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
save it to the desktop. Double-click combofix.exe; the following screen will appear:
http://img.bleepingcomputer.com/comb...disclaimer.jpg

before doing this, disconnect from the network and turn off your antivirus
press 1, press Enter and follow the instructions.
when it finishes, a log file called C:\ComboFix.txt will be created.
attach the resulting log to your next post in .TXT format
shel
Senior User

Posts: 1326
Joined: 29/08/08 21:56

Re: VIRUS PROBLEMS

Post by ISpanico2703 » 04/09/08 19:28

thanks for your help, this is the combofix result....

ComboFix 08-09-03.06 - Administrator 2008-09-04 20.25.20.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.1463 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((( Files Creati Da 2008-08-04 al 2008-09-04 )))))))))))))))))))))))))))))))))))
.

2008-09-03 23:23 . 2008-09-03 23:23 <DIR> d-------- C:\Documents and Settings\Administrator\DoctorWeb
2008-09-03 20:26 . 2008-09-03 11:31 143,360 --a------ C:\WINDOWS\sxmaokgf.exe
2008-09-03 20:25 . 2008-09-03 20:25 159,744 --a------ C:\WINDOWS\system32\mx84445.dll
2008-09-03 15:18 . 2008-09-03 20:25 <DIR> d-------- C:\Programmi\Euro Truck Simulator
2008-09-01 12:00 . 2008-09-01 12:00 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\vlc
2008-09-01 11:59 . 2008-09-01 11:59 <DIR> d-------- C:\Programmi\VideoLAN
2008-08-31 17:16 . 2008-08-31 17:16 <DIR> d-------- C:\Documents and Settings\Administrator\pd2
2008-08-30 00:39 . 2008-08-30 00:39 <DIR> d-------- C:\Programmi\iTunes
2008-08-30 00:39 . 2008-08-30 00:39 <DIR> d-------- C:\Programmi\iPod
2008-08-30 00:39 . 2008-08-30 00:39 <DIR> d-------- C:\Programmi\Bonjour
2008-08-30 00:39 . 2008-08-30 00:39 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Apple Computer
2008-08-30 00:38 . 2008-08-30 00:39 <DIR> d-------- C:\Programmi\QuickTime
2008-08-30 00:38 . 2008-08-30 00:38 <DIR> d-------- C:\Programmi\File comuni\Apple
2008-08-30 00:38 . 2008-08-30 00:38 <DIR> d-------- C:\Programmi\Apple Software Update
2008-08-30 00:38 . 2008-08-30 00:38 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-08-30 00:38 . 2008-08-30 00:38 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple
2008-08-29 13:59 . 2008-08-29 13:59 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Codemasters
2008-08-28 23:02 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2008-08-28 22:54 . 2008-08-28 22:54 <DIR> d-------- C:\Programmi\File comuni\snpstd
2008-08-28 22:54 . 2004-11-19 18:46 367,488 --a------ C:\WINDOWS\system32\drivers\snpstd.sys
2008-08-28 22:54 . 2004-06-10 13:48 286,720 --a------ C:\WINDOWS\vsnpstd.exe
2008-08-28 22:54 . 2004-10-27 16:22 61,440 --a------ C:\WINDOWS\system32\rsnpstd.dll
2008-08-28 22:54 . 2004-02-16 13:59 61,440 --a------ C:\WINDOWS\system32\csnpstd.dll
2008-08-28 22:54 . 2004-05-06 11:22 53,248 --a------ C:\WINDOWS\system32\dsnpstd.dll
2008-08-28 22:54 . 2002-07-03 11:44 53,248 --a------ C:\WINDOWS\amcap.exe
2008-08-28 22:54 . 2004-09-24 10:58 36,864 --a------ C:\WINDOWS\system32\vsnpstd.dll
2008-08-28 22:54 . 2004-09-24 10:42 36,864 --a------ C:\WINDOWS\system32\dsnpstd.ax
2008-08-28 22:54 . 2004-11-01 17:29 20,480 --a------ C:\WINDOWS\usnpstd.exe
2008-08-28 22:54 . 2003-01-17 17:34 15,541 --a------ C:\WINDOWS\snpstd.ini
2008-08-28 22:54 . 2003-01-17 17:35 13,023 --a------ C:\WINDOWS\snpstd.src
2008-08-28 22:20 . 2008-08-28 22:20 <DIR> d-------- C:\WINDOWS\Sun
2008-08-28 14:28 . 2008-08-28 20:00 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Test Drive Unlimited
2008-08-26 18:02 . 2008-08-29 20:16 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\LimeWire
2008-08-26 18:01 . 2008-08-26 18:01 <DIR> d-------- C:\Programmi\Sun
2008-08-26 18:00 . 2008-08-26 18:00 <DIR> d-------- C:\Programmi\Java
2008-08-26 18:00 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-08-26 17:59 . 2008-08-26 17:59 <DIR> d-------- C:\Programmi\File comuni\Java
2008-08-26 17:29 . 2008-08-26 17:30 <DIR> d-------- C:\Programmi\LimeWire
2008-08-25 15:10 . 2008-08-29 13:59 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2008-08-25 15:10 . 2008-08-25 15:10 <DIR> d-------- C:\Programmi\ffdshow
2008-08-25 15:10 . 2007-04-24 16:30 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll
2008-08-25 15:10 . 2008-03-04 12:33 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-08-25 15:10 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-08-25 15:09 . 2008-08-25 15:09 <DIR> d--h-c--- C:\Documents and Settings\All Users\Dati applicazioni\{ECF27DA6-61FA-4DDA-870F-1766B3B8A74E}
2008-08-25 15:04 . 2008-08-25 15:04 <DIR> d-------- C:\Programmi\Utherverse Digital Inc
2008-08-23 13:16 . 2008-08-23 13:16 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-08-23 13:16 . 2008-08-23 13:16 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-08-23 13:15 . 2008-09-04 11:31 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-08-23 13:15 . 2008-08-23 14:55 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\AVGTOOLBAR
2008-08-23 13:15 . 2008-08-29 10:52 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-23 13:09 . 2008-08-23 13:15 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Avg8
2008-08-21 19:19 . 2008-08-21 19:19 <DIR> d-------- C:\Programmi\Atari
2008-08-21 17:31 . 2008-08-21 17:31 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
2008-08-21 17:28 . 2008-08-21 17:28 <DIR> d-------- C:\Programmi\Messenger Plus! Live
2008-08-20 19:45 . 2008-08-20 19:45 <DIR> d-------- C:\WINDOWS\Logs
2008-08-20 19:44 . 2008-08-20 19:44 <DIR> d-------- C:\Programmi\OpenAL
2008-08-20 19:44 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp6.tmp
2008-08-20 19:44 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp5.tmp
2008-08-20 19:44 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp4.tmp
2008-08-20 19:44 . 2008-08-29 13:59 444,952 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-08-20 19:44 . 2008-08-29 13:59 109,080 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-08-19 20:18 . 2008-08-19 20:18 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-08-19 20:18 . 2008-08-19 20:18 <DIR> d--h----- C:\Documents and Settings\All Users\Dati applicazioni\CanonBJ
2008-08-19 20:18 . 2006-04-23 21:00 161,792 --a------ C:\WINDOWS\system32\CNMLM85.DLL
2008-08-19 20:17 . 2008-08-19 20:17 <DIR> d--h----- C:\Programmi\CanonBJ
2008-08-19 15:36 . 2008-08-19 15:36 <DIR> d-------- C:\Programmi\CyberLink
2008-08-19 15:36 . 2008-08-19 15:36 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
2008-08-19 14:55 . 2008-08-19 14:55 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Sports Interactive
2008-08-19 14:54 . 2008-08-19 14:55 <DIR> d--h----- C:\Programmi\Zero G Registry
2008-08-19 14:53 . 2008-08-19 14:53 <DIR> d--h----- C:\Documents and Settings\Administrator\InstallAnywhere
2008-08-18 19:30 . 2008-08-18 19:30 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dati applicazioni\SecuROM
2008-08-16 13:02 . 2008-08-16 13:02 <DIR> d-------- C:\Programmi\Web Publish
2008-08-16 12:56 . 1998-04-24 16:25 5 --a------ C:\WINDOWS\VS98ENT.MIF
2008-08-14 10:50 . 2008-08-14 10:50 <DIR> d-------- C:\Programmi\File comuni\AVSMedia
2008-08-14 10:50 . 2008-08-14 10:50 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\AVS4YOU
2008-08-14 10:50 . 2008-08-14 10:50 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\AVS4YOU
2008-08-14 10:49 . 2008-08-14 10:50 <DIR> d-------- C:\Programmi\AVS4YOU
2008-08-14 10:49 . 2007-02-27 19:36 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
2008-08-14 10:49 . 2007-02-27 19:36 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2008-08-14 10:49 . 2007-02-27 19:36 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2008-08-14 10:49 . 2007-02-27 19:36 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
2008-08-14 10:49 . 2007-02-27 19:36 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-08-14 10:46 . 2008-08-14 10:47 <DIR> d-------- C:\Programmi\mp3Tag 5
2008-08-14 10:46 . 2005-01-12 18:56 335,872 --a------ C:\WINDOWS\system32\m4atag.dll
2008-08-14 10:31 . 2008-08-14 10:31 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Samsung
2008-08-14 09:21 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-14 09:18 . 2008-04-11 20:40 683,520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-11 19:50 . 2008-08-11 19:50 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-08-11 19:50 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-08-11 19:50 . 2007-07-03 16:58 106,792 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2008-08-11 19:50 . 2007-07-03 16:54 80,552 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
2008-08-11 19:50 . 2007-07-03 16:57 11,944 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2008-08-11 19:50 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2008-08-11 19:50 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
2008-08-11 19:50 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2008-08-11 19:50 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
2008-08-11 19:49 . 2008-08-11 19:49 <DIR> d-------- C:\Programmi\Samsung
2008-08-11 19:49 . 2008-08-11 20:06 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-08-11 19:49 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-08-07 10:40 . 2008-08-07 10:40 <DIR> d-------- C:\Programmi\EA GAMES
2008-08-07 10:40 . 2004-08-18 10:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2008-08-06 21:33 . 2008-08-06 21:33 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-08-06 21:26 . 2008-08-06 21:26 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2008-08-06 21:26 . 2008-08-06 21:26 <DIR> d-------- C:\Programmi\Electronic Arts
2008-08-06 21:26 . 2008-08-06 21:26 <DIR> d-------- C:\Programmi\AGEIA Technologies
2008-08-06 21:25 . 2008-08-06 21:25 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-08-06 20:17 . 2008-08-09 22:41 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-08-06 20:15 . 2008-08-06 20:15 <DIR> d-------- C:\Programmi\File comuni\DirectX
2008-08-06 20:12 . 2008-08-25 20:46 <DIR> d-------- C:\Programmi\DAEMON Tools
2008-08-06 20:10 . 2007-09-14 06:21 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2008-08-06 20:10 . 2007-09-14 06:21 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-08-06 20:10 . 2003-02-21 18:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-08-06 19:54 . 2008-08-06 19:54 <DIR> d-------- C:\Programmi\PowerISO
2008-08-06 19:39 . 2008-08-06 19:39 646,392 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-08-06 13:42 . 2008-08-06 13:42 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Bluetooth
2008-08-06 13:24 . 2004-08-03 22:58 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2008-08-06 13:24 . 2004-08-03 22:58 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2008-08-06 13:23 . 2008-08-06 13:23 <DIR> d-------- C:\Programmi\IVT Corporation
2008-08-05 23:39 . 2008-08-05 23:39 <DIR> d-------- C:\Programmi\Babylon
2008-08-05 23:39 . 2008-08-05 23:40 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Babylon
2008-08-05 23:39 . 2008-09-04 12:07 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Babylon
2008-08-05 22:05 . 2008-08-05 22:05 <DIR> d-------- C:\Programmi\Black Bean
2008-08-05 16:46 . 2008-08-05 16:46 <DIR> d-------- C:\Programmi\Google
2008-08-05 16:09 . 2004-08-03 22:58 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2008-08-05 15:55 . 2008-09-04 12:20 69 --a------ C:\WINDOWS\NeroDigital.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-04 10:13 --------- d-----w C:\Documents and Settings\Administrator\Dati applicazioni\Azureus
2008-09-03 13:24 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-08-26 18:03 --------- d-----w C:\Programmi\Unlocker
2008-08-14 09:37 --------- d-----w C:\Documents and Settings\Administrator\Dati applicazioni\BearShare
2008-08-05 20:05 --------- d-----w C:\Programmi\File comuni\InstallShield
2008-08-01 19:34 --------- d-----w C:\Programmi\Windows Live
2008-08-01 17:45 --------- d-----w C:\Programmi\eMule
2008-08-01 17:28 --------- d-----w C:\Programmi\BearShare Applications
2008-08-01 16:27 --------- d-----w C:\Programmi\Nortek
2008-08-01 16:27 --------- d-----w C:\Programmi\File comuni\PCCamera
2008-08-01 09:03 --------- d-----w C:\Programmi\AskTBar
2008-07-31 13:51 --------- d-----w C:\Programmi\CDex_150
2008-07-31 13:43 --------- d-----w C:\Programmi\MP3 Converter
2008-07-31 13:41 --------- d-----w C:\Programmi\Free WMA to MP3 Converter
2008-07-31 11:42 --------- d-----w C:\Programmi\Azureus
2008-07-31 09:42 --------- d-----w C:\Programmi\Microsoft SQL Server Compact Edition
2008-07-31 09:41 --------- d-----w C:\Programmi\Windows Live Toolbar
2008-07-31 09:41 --------- d-----w C:\Programmi\Windows Live Favorites
2008-07-31 09:36 --------- dcsh--w C:\Programmi\File comuni\WindowsLiveInstaller
2008-07-31 09:25 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-07-31 09:06 --------- d-----w C:\Programmi\File comuni\Adobe
2008-07-31 08:57 --------- d-----w C:\Programmi\Microsoft.NET
2008-07-31 08:41 68,616 ----a-w C:\windows\system32\XAPOFX1_1.dll
2008-07-31 08:41 238,088 ----a-w C:\windows\system32\xactengine3_2.dll
2008-07-31 08:40 509,448 ----a-w C:\windows\system32\XAudio2_2.dll
2008-07-29 18:43 --------- d-----w C:\Programmi\AVG
2008-07-29 18:41 883 --sh--w C:\Documents and Settings\Administrator\SetupDL.exe
2008-07-29 18:41 883 --sh--w C:\Documents and Settings\Administrator\MediaTubeCodec_ver1.1463.0.exe
2008-07-29 18:34 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Azureus
2008-07-29 18:09 155,995 ----a-w C:\windows\java\Packages\53XNTNJZ.ZIP
2008-07-29 18:09 --------- d-----w C:\Programmi\Motive
2008-07-29 18:09 --------- d-----w C:\Programmi\Common Files
2008-07-29 18:09 --------- d-----w C:\Programmi\Alice ti aiuta
2008-07-29 18:08 --------- d-----w C:\Programmi\Telecom Italia
2008-07-29 18:05 --------- d-----w C:\Programmi\Nortek Keyboard Mouse Application
2008-07-29 13:41 --------- d-----w C:\Programmi\WinFlip
2008-07-29 13:41 --------- d-----w C:\Programmi\VisualToolTip
2008-07-29 13:41 --------- d-----w C:\Programmi\Stardock
2008-07-29 13:41 --------- d-----w C:\Programmi\File comuni\Stardock
2008-07-29 13:40 --------- d-----w C:\Programmi\Vista Drive Icon
2008-07-29 13:40 --------- d-----w C:\Programmi\Vista Crystal Gadjets
2008-07-29 13:40 --------- d-----w C:\Programmi\TrueTransparency
2008-07-29 13:40 --------- d-----w C:\Programmi\Glass2k
2008-07-29 13:39 --------- d-----w C:\Programmi\UPHClean
2008-07-29 13:39 --------- d-----w C:\Programmi\HighMAT CD Writing Wizard
2008-07-29 13:35 89 ----a-w C:\windows\system32\config\systemprofile\Del1E2F.bat
2008-07-29 13:35 89 ----a-w C:\Documents and Settings\Default User\Del1E2F.bat
2008-07-29 13:35 89 ----a-w C:\Documents and Settings\Administrator\Del1E2F.bat
2008-07-29 13:34 --------- d-----w C:\Programmi\Reference Assemblies
2008-07-29 13:34 --------- d-----w C:\Programmi\MSBuild
2008-07-29 13:32 --------- d-----w C:\Programmi\MSXML 6.0
2008-07-29 13:32 --------- d-----w C:\Programmi\MSXML 4.0
2008-07-29 13:30 --------- d-----w C:\Programmi\Servizi in linea
2008-07-29 13:28 --------- d-----w C:\Programmi\Windows Sidebar
2008-07-29 13:26 --------- d-----w C:\Programmi\Alky for Applications
2008-07-29 13:24 --------- d-----w C:\Programmi\Windows Media Connect 2
2008-07-29 13:24 --------- d-----w C:\Programmi\Microsoft PowerToys
2008-07-29 13:24 --------- d-----w C:\Programmi\HashTab Shell Extension
2008-07-18 20:10 94,920 ----a-w C:\windows\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\windows\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\windows\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\windows\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\windows\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\windows\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\windows\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\windows\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\windows\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\windows\system32\muweb.dll
2008-07-18 18:38 586,752 ----a-w C:\windows\WLXPGSS.SCR
2008-07-12 06:18 467,984 ----a-w C:\windows\system32\d3dx10_39.dll
2008-07-12 06:18 3,851,784 ----a-w C:\windows\system32\D3DX9_39.dll
2008-07-12 06:18 1,493,528 ----a-w C:\windows\system32\D3DCompiler_39.dll
2008-07-07 20:17 253,952 ----a-w C:\windows\system32\es.dll
2008-07-07 20:17 253,952 ------w C:\windows\system32\dllcache\es.dll
2008-06-24 16:30 74,240 ----a-w C:\windows\system32\mscms.dll
2008-06-24 16:30 74,240 ------w C:\windows\system32\dllcache\mscms.dll
2008-06-23 08:23 70,656 ------w C:\windows\system32\dllcache\ie4uinit.exe
2008-06-23 08:23 625,664 ------w C:\windows\system32\dllcache\iexplore.exe
2008-06-23 08:23 13,824 ------w C:\windows\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\windows\system32\dllcache\ieakui.dll
2008-06-20 17:36 247,296 ----a-w C:\windows\system32\mswsock.dll
2008-06-20 17:36 247,296 ------w C:\windows\system32\dllcache\mswsock.dll
2008-06-20 17:36 147,968 ------w C:\windows\system32\dllcache\dnsapi.dll
2008-06-20 10:44 360,960 ------w C:\windows\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\windows\system32\dllcache\afd.sys
2008-06-20 09:32 225,920 ------w C:\windows\system32\dllcache\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\windows\system32\dllcache\bthport.sys
.

------- Sigcheck -------

2008-01-13 08:28 544256 e6f62282ebaa63ba07fa2dc7198b8d0d C:\windows\system32\winlogon.exe

2008-01-16 15:01 2155008 0b9146e4bdecebf8a16ccf5615f9a4bb C:\windows\system32\ntoskrnl.exe

2008-01-16 21:08 1618944 b749c7bd63c18c18b6448c574c4ab53b C:\windows\explorer.exe

2008-01-13 08:24 25088 40de117b6ccfc031d2dc8b73d82020cf C:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "C:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2008-08-01 57344]

[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2008-01-13 25088]
"Sidebar"="C:\Programmi\Windows Sidebar\sidebar.exe" [2007-08-29 1233408]
"LClock"="C:\Programmi\LClock\LClock.exe" [2004-09-19 65536]
"MsnMsgr"="C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" [2006-11-12 157592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-07-13 8466432]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-07-13 81920]
"UnlockerAssistant"="C:\Programmi\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"WireLessMouse"="C:\Programmi\Nortek Keyboard Mouse Application\MouseDrv.exe" [2005-09-08 503808]
"WireLessKeyboard"="C:\Programmi\Nortek Keyboard Mouse Application\PS2USBKbdDrv.exe" [2005-10-11 647168]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="C:\Programmi\Nero\Nero8\InCD\NBHGui.exe" [2007-09-20 2044712]
"InCD"="C:\Programmi\Nero\Nero8\InCD\InCD.exe" [2007-09-20 1077032]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"MaxtorOneTouch"="C:\Programmi\Maxtor\OneTouch\utils\Onetouch.exe" [2006-03-27 712704]
"mxomssmenu"="C:\Programmi\Maxtor\OneTouch Status\maxmenumgr.exe" [2005-10-17 81920]
"Babylon Client"="C:\Programmi\Babylon\Babylon-Pro\Babylon.exe" [2006-04-23 2655272]
"PWRISOVM.EXE"="C:\Programmi\PowerISO\PWRISOVM.EXE" [2008-03-15 233472]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-29 1235736]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AppleSyncNotifier"="C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"nwiz"="nwiz.exe" [2007-07-13 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-01-13 25088]
"Sidebar"="C:\Programmi\Windows Sidebar\sidebar.exe" [2007-08-29 1233408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-06-23 C:\WINDOWS\system32\advpack.dll]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe [2008-07-29 212992]
BlueSoleil.lnk - C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-04-21 1441792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Azureus\\Azureus.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\BearShare Applications\\BearShare\\BearShare.exe"=
"C:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"C:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\windows\system32\Drivers\avgldx86.sys [2008-08-29 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;C:\windows\system32\Drivers\avgtdix.sys [2008-08-23 76040]
R3 usbstor;Driver archiviazione di massa USB;C:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 PAC207;NX-Vega;C:\windows\system32\DRIVERS\pfc027.sys [2005-01-25 154112]
S3 Start BT in service;Start BT in service;C:\Programmi\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contenuto della cartella 'Scheduled Tasks'
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\plyinn57.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://italian.eazel.com/it/index.php?r ... d=79919173
FF -: plugin - C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-04 20:26:08
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-09-04 20:26:37
ComboFix-quarantined-files.txt 2008-09-04 18:26:33
ComboFix2.txt 2008-09-04 18:22:40

Pre-Run: 463,307,087,872 byte disponibili
Post-Run: 463,297,540,096 byte disponibili

343 --- E O F --- 2008-08-31 15:44:39

Thanks
ISpanico2703
Newbie

Posts: 3
Joined: 03/09/08 20:42

Re: VIRUS PROBLEMS

Post by shel » 04/09/08 20:42

Are you still having problems with the PC?
shel
Senior User

Posts: 1326
Joined: 29/08/08 21:56

Re: VIRUS PROBLEMS

Post by Luke57 » 04/09/08 22:09

Hi, open a text file (from Windows Notepad), copy this code:

Code:
File::
C:\WINDOWS\sxmaokgf.exe
C:\WINDOWS\system32\mx84445.dll
C:\WINDOWS\system32\tmp6.tmp
C:\WINDOWS\system32\tmp5.tmp
C:\WINDOWS\system32\tmp4.tmp

paste it into the text file, save the file in the same directory as ComboFix, naming it CFScript.txt (this name is mandatory), then drag it with the mouse pointer onto the ComboFix icon for a new scan and reboot. Post the new report, if one is produced.
Luke57
Moderator

Posts: 6413
Joined: 11/08/05 19:10

