HELP .. I WOULD LIKE TO GIVE THE COMPUTER A CHECK-UP .. Probable viruses
blackhole
Mortale adepto

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 14:10    Subject: HELP .. I WOULD LIKE TO GIVE THE COMPUTER A CHECK-UP .. Probable viruses

Hi, I have turned to this forum because I was told it is excellent and that you are very good at solving problems.

Let me explain my situation:

My operating system is Windows Vista Premium and, as you know, some computer companies have not created drivers for Vista, so there are a few errors; for example, the memory card reader reports error 10. I tried uninstalling it and enabling it again, but nothing worked; in fact, when I put the TransFlash card in the memory card reader, it does not recognize it.

Then I would like to check whether there are viruses. I ran a scan with NOD32 and it found viruses, but there are others I cannot remove...

Also, the CPU fluctuates between 5% and 30%, in particular when I open many Internet Explorer windows and run the scan; I would like to know whether that is normal??
And is there a way to speed up the computer as much as possible, I don't know, by upgrading the memory .. I don't know much about this, which is why I have turned to you..

I hope you will help me ...

In the meantime I have run an analysis with HijackThis


Logfile of HijackThis v1.99.1
Scan saved at 14.57.35, on 10/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Windows\system32\mioengine.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice.it/oggi/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: My Vodafone.it.lnk = C:\Users\Saitta\AppData\Roaming\mioObjects\[objects]\69GWEU9386MTAR08.mio
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: MultiFrame.lnk = ?
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CEC1BF8-8152-4366-BB99-7B7DFEA1628B}: NameServer = 85.37.17.50 85.38.28.76
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\Asus\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Sante62
Dio maturo

Registered: 27/06/07 16:55
Posts: 3477
Location: Floridia

Posted: 10 Aug 2007 17:35

Hi
Start HJT and tick the box to the left of these entries:
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: MultiFrame.lnk = ?
O13 - Gopher Prefix:

Click Fix Checked
Restart the PC and post a new HijackThis log.

Download CWShredder from here: http://www.trendmicro.com/ftp/products/online-tools/cwshredder.exe
Just run it and click Fix.
When it finishes, paste the result here. There could be traces of CoolWebSearch.

Then also carry out these steps:
http://forum.zeusnews.com/viewtopic.php?p=194965#194965 step 1 -

http://forum.zeusnews.com/viewtopic.php?p=194966#194966 step 2 -
blackhole
Mortale adepto

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 20:55

Hi.... I have just run the scan with HijackThis and ticked the programs you told me to, then I restarted the computer and ran the scan again.
This is the log:


Logfile of HijackThis v1.99.1
Scan saved at 21.46.46, on 10/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\mioengine.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: My Vodafone.it.lnk = C:\Users\Saitta\AppData\Roaming\mioObjects\[objects]\69GWEU9386MTAR08.mio
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\Asus\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
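
One way to verify the "Fix Checked, restart, post a new log" step above, as an added example that is not part of any post in this thread: it parses two HijackThis logs, confirms that the entries selected for fixing are gone, and lists every other entry that disappeared or appeared between the two scans. The function names are this example's own; the sample data are short excerpts of the two logs posted above.

```python
import re

# A HijackThis entry line starts with a section code (R0-R3, F0-F3, N1-N4,
# O1-O23) followed by " - ". Header lines and the paths listed under
# "Running processes" do not match and are skipped.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")

# Excerpt of the first log in the thread (before "Fix Checked").
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\Windows\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice.it/oggi/index.html
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: MultiFrame.lnk = ?
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CEC1BF8-8152-4366-BB99-7B7DFEA1628B}: NameServer = 85.37.17.50 85.38.28.76
"""

# Excerpt of the second log in the thread (after the fix and a restart).
AFTER = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\Windows\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
"""

# The entries the helper asked to tick before clicking "Fix Checked".
REQUESTED = [
    "O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?",
    "O4 - Global Startup: Bluetooth Manager.lnk = ?",
    "O4 - Global Startup: MultiFrame.lnk = ?",
    "O13 - Gopher Prefix:",
]


def parse_entries(log_text):
    """Return the (code, detail) entries of a HijackThis log, in log order."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def diff_logs(before_text, after_text):
    """Return (removed, added) entries between two logs, by exact text."""
    before = parse_entries(before_text)
    after = parse_entries(after_text)
    before_set, after_set = set(before), set(after)
    removed = [e for e in before if e not in after_set]
    added = [e for e in after if e not in before_set]
    return removed, added


def check_fix(before_text, after_text, requested_lines):
    """Compare the follow-up log against the entries selected for fixing."""
    requested = set(parse_entries("\n".join(requested_lines)))
    after_set = set(parse_entries(after_text))
    removed, added = diff_logs(before_text, after_text)
    return {
        # Requested fixes that are still in the new log (fix did not hold).
        "still_present": sorted(e for e in requested if e in after_set),
        # Entries that vanished although nobody asked to fix them.
        "removed_unrequested": [e for e in removed if e not in requested],
        # Entries seen only in the new log; each one deserves a look.
        "added": added,
    }


if __name__ == "__main__":
    report = check_fix(BEFORE, AFTER, REQUESTED)
    for label, entries in report.items():
        print(label)
        for code, detail in entries:
            print(f"  {code} - {detail}")
```

Entries are compared as exact text, so a value that changed between scans (here the R0 start page) is reported once as removed and once as added.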
blackhole
Mortale adepto

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 21:02

I ran CWShredder and did the fix, and then I pasted the report.





**** Run Keys ****

RUN: [openFileBackup]
RUN: [ehTray.exe] C:\Windows\ehome\ehTray.exe
RUN: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
RUN: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe


**** Browser Helper Objects ****

BHO: [Yahoo! Toolbar Helper] C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: [Supporto di collegamento per Adobe PDF Reader] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: [Groove GFS Browser Helper] C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
BHO: [SSVHelper Class] C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
BHO: [SSVHelper Class] C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
BHO: [Adobe PDF Conversion Toolbar Helper] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll


**** IE Toolbars ****

TOOLBAR: [Adobe PDF] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
TOOLBAR: [Yahoo! Toolbar] C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll


**** IE Extensions ****

IEExt: []
IEExt: [Invia a OneNote]
IEExt: [@C:\Windows\WindowsMobile\INetRepl.dll,-222]
IEExt: [@C:\Windows\WindowsMobile\INetRepl.dll,-222]
IEExt: [Research]


**** Hosts File Entries ****

HOSTS: 127.0.0.1 localhost
HOSTS: ::1 localhost
HOSTS: ::1 localhost


**** IE Settings ****

Default Page: http://www.asus.com
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page: C:\Windows\system32\blank.htm
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch


**** IE Context Menu (Right click) ****

IEContext: [Converti destinazione link in Adobe PDF] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IEContext: [Converti destinazione link in file PDF esistente] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IEContext: [Converti i link selezionati in Adobe PDF] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IEContext: [Converti i link selezionati in file PDF esistente] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IEContext: [Converti in Adobe PDF] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IEContext: [Converti nel file PDF esistente] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IEContext: [Converti selezione in Adobe PDF] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IEContext: [Converti selezione in file PDF esistente] res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IEContext: [E&sporta in Microsoft Excel] res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000


**** Layered Service Providers ****

LSP: NOD32 protected [MSAFD Tcpip [TCP/IP]]
LSP: NOD32 protected [MSAFD Tcpip [UDP/IP]]
LSP: NOD32 protected [MSAFD Tcpip [TCP/IPv6]]
LSP: NOD32 protected [MSAFD Tcpip [UDP/IPv6]]
LSP: NOD32 protected [Provider di servizi TCPv6 RSVP]
LSP: NOD32 protected [Provider di servizi TCP RSVP]
LSP: NOD32 protected [Provider di servizi UDPv6 RSVP]
LSP: NOD32 protected [Provider di servizi UDP RSVP]
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: MSAFD Tcpip [TCP/IPv6]
LSP: MSAFD Tcpip [UDP/IPv6]
LSP: Provider di servizi TCPv6 RSVP
LSP: Provider di servizi TCP RSVP
LSP: Provider di servizi UDPv6 RSVP
LSP: Provider di servizi UDP RSVP
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{750F5845-B541-4938-AD8B-9756E15957EA}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{750F5845-B541-4938-AD8B-9756E15957EA}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{75847C5F-C1CB-4343-94F0-BB584DF2C9E8}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{75847C5F-C1CB-4343-94F0-BB584DF2C9E8}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{20272598-B582-46AE-8B2C-82F028BE671F}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{20272598-B582-46AE-8B2C-82F028BE671F}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{750F5845-B541-4938-AD8B-9756E15957EA}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{750F5845-B541-4938-AD8B-9756E15957EA}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{75847C5F-C1CB-4343-94F0-BB584DF2C9E8}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{75847C5F-C1CB-4343-94F0-BB584DF2C9E8}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{20272598-B582-46AE-8B2C-82F028BE671F}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{20272598-B582-46AE-8B2C-82F028BE671F}] DATAGRAM 5


**** Blocked Control Panel Items ****

BLOCKED: [odbccp32.cpl] No


**** Downloaded Program Files ****

{6B75345B-AA36-438A-BBE6-4078B4C6984D} [http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab]


**** Windows Services ****

[Adobe LM Service] "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
[AeLookupSvc] %systemroot%\system32\svchost.exe -k netsvcs
[ALG] %SystemRoot%\System32\alg.exe
[Appinfo] %SystemRoot%\system32\svchost.exe -k netsvcs
[Apple Mobile Device] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
[ASLDRService] C:\Program Files\ATK Hotkey\ASLDRSrv.exe
[AudioEndpointBuilder] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[Audiosrv] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[BFE] %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[CertPropSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[clr_optimization_v2.0.50727_32] %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[COMSysApp] %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k NetworkService
[DcomLaunch] %SystemRoot%\system32\svchost.exe -k DcomLaunch
[DFSR] %SystemRoot%\system32\DFSR.exe
[Dhcp] %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[dot3svc] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[DPS] %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
[EapHost] %SystemRoot%\System32\svchost.exe -k netsvcs
[ehRecvr] %systemroot%\ehome\ehRecvr.exe
[ehSched] %systemroot%\ehome\ehsched.exe
[ehstart] %windir%\system32\svchost.exe -k LocalServiceNoNetwork
[EMDMgmt] %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[Eventlog] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[EventSystem] %SystemRoot%\system32\svchost.exe -k LocalService
[fdPHost] %SystemRoot%\system32\svchost.exe -k LocalService
[FDResPub] %SystemRoot%\system32\svchost.exe -k LocalService
[FontCache3.0.0.0] %systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
[gpsvc] %systemroot%\system32\svchost.exe -k netsvcs
[hidserv] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[hkmsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[idsvc] "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
[IKEEXT] %systemroot%\system32\svchost.exe -k netsvcs
[IPBusEnum] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[iphlpsvc] %SystemRoot%\System32\svchost.exe -k NetSvcs
[KeyIso] %SystemRoot%\system32\lsass.exe
[KtmRm] %SystemRoot%\System32\svchost.exe -k NetworkService
[LanmanServer] %SystemRoot%\system32\svchost.exe -k netsvcs
[LanmanWorkstation] %SystemRoot%\System32\svchost.exe -k LocalService
[LightScribeService] "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
[lltdsvc] %SystemRoot%\System32\svchost.exe -k LocalService
[lmhosts] %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
[Mcx2Svc] %SystemRoot%\system32\svchost.exe -k LocalService
[MDM] "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
[MHN] C:\WINDOWS\System32\svchost.exe -k netsvcs
[Microsoft Office Groove Audit Service] "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"
[MMCSS] %SystemRoot%\system32\svchost.exe -k netsvcs
[MpsSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
[MSDTC] %SystemRoot%\System32\msdtc.exe
[MSiSCSI] %systemroot%\system32\svchost.exe -k netsvcs
[msiserver] %systemroot%\system32\msiexec /V
[napagent] %SystemRoot%\System32\svchost.exe -k NetworkService
[Netlogon] %systemroot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[netprofm] %SystemRoot%\System32\svchost.exe -k LocalService
[NetTcpPortSharing] "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[NlaSvc] %SystemRoot%\System32\svchost.exe -k NetworkService
[NMIndexingService] "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"
[NOD32krn] "C:\Program Files\Eset\nod32krn.exe"
[nsi] %systemroot%\system32\svchost.exe -k LocalService
[odserv] "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
[ose] "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[p2pimsvc] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[p2psvc] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[PcaSvc] %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[PDAgent] "C:\Program Files\Raxco\PerfectDisk\PDAgent.exe"
[PDEngine] "C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"
[pla] %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
[PlugPlay] %SystemRoot%\system32\svchost.exe -k DcomLaunch
[PNRPAutoReg] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[PNRPsvc] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[PolicyAgent] %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted
[ProfSvc] %systemroot%\system32\svchost.exe -k netsvcs
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[QWAVE] %windir%\system32\svchost.exe -k LocalService
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k regsvc
[RichVideo] "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost.exe -k rpcss
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\system32\svchost.exe -k LocalService
[Schedule] %systemroot%\system32\svchost.exe -k netsvcs
[SCPolicySvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[SDRSVC] %SystemRoot%\system32\svchost.exe -k SDRSVC
[seclogon] %windir%\system32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[ServiceLayer] "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
[SessionEnv] %SystemRoot%\System32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[slsvc] %SystemRoot%\system32\SLsvc.exe
[SLUINotify] %SystemRoot%\system32\svchost.exe -k LocalService
[SNMPTRAP] %SystemRoot%\System32\snmptrap.exe
[spmgr] C:\Program Files\Asus\NB Probe\SPM\spmgr.exe
[Spooler] %SystemRoot%\System32\spoolsv.exe
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[StkSSrv] %SystemRoot%\System32\StkCSrv.exe
[swprv] %SystemRoot%\System32\svchost.exe -k swprv
[Symantec Core LC] "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
[SysMain] %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[TabletInputService] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[TapiSrv] %SystemRoot%\System32\svchost.exe -k NetworkService
[TBS] %SystemRoot%\System32\svchost.exe -k LocalService
[TermService] %SystemRoot%\System32\svchost.exe -k NetworkService
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[THREADORDER] %SystemRoot%\system32\svchost.exe -k LocalService
[TlntSvr] %SystemRoot%\System32\tlntsvr.exe
[TOSHIBA Bluetooth Service] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
[TrkWks] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[TrustedInstaller] %SystemRoot%\servicing\TrustedInstaller.exe
[UI0Detect] %SystemRoot%\system32\UI0Detect.exe
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[usnjsvc] "C:\Program Files\MSN Messenger\usnsvc.exe"
[UxSms] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[vds] %SystemRoot%\System32\vds.exe
[VSS] %systemroot%\system32\vssvc.exe
[W32Time] %SystemRoot%\system32\svchost.exe -k LocalService
[wcncsvc] %SystemRoot%\System32\svchost.exe -k LocalService
[WcsPlugInService] %SystemRoot%\system32\svchost.exe -k wcssvc
[WdiServiceHost] %SystemRoot%\System32\svchost.exe -k wdisvc
[WdiSystemHost] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[Wecsvc] %SystemRoot%\system32\svchost.exe -k NetworkService
[wercplsupport] %SystemRoot%\System32\svchost.exe -k netsvcs
[WerSvc] %SystemRoot%\System32\svchost.exe -k WerSvcGroup
[WinDefend] %SystemRoot%\System32\svchost.exe -k secsvcs
[WinHttpAutoProxySvc] %SystemRoot%\system32\svchost.exe -k LocalService
[Winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WinRM] %SystemRoot%\System32\svchost.exe -k NetworkService
[Wlansvc] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[wmiApSrv] %systemroot%\system32\wbem\WmiApSrv.exe
[WMPNetworkSvc] "%ProgramFiles%\Windows Media Player\wmpnetwk.exe"
[WPCSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
[WPDBusEnum] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[wscsvc] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[WSearch] %systemroot%\system32\SearchIndexer.exe /Embedding
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[wudfsvc] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted


**** Custom IE Search Items ****

SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


**** Complete IE Options ****

IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Check_Associations] no
IEOPT: [CompatibilityFlags]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Display Inline Images] yes
IEOPT: [Display Inline Videos] no
IEOPT: [Do404Search]
IEOPT: [Enable Browser Extensions] yes
IEOPT: [FormSuggest Passwords] yes
IEOPT: [FormSuggest PW Ask] yes
IEOPT: [FullScreen] no
IEOPT: [Local Page] C:\Windows\system32\blank.htm
IEOPT: [NoJITSetup]
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [NoUpdateCheck]
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [RunOnceComplete]
IEOPT: [RunOnceHasShown]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [SearchMigrated]
IEOPT: [Show_ChannelBand] No
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [ShowedCheckBrowser] Yes
IEOPT: [Start Page] http://www.alice.it/oggi/index.html
IEOPT: [StartPageCache]
IEOPT: [Use FormSuggest] yes
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [UseClearType] yes
IEOPT: [Window_Placement] ,
IEOPT: [XMLHTTP]
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Friendly http errors] no
IEOPT: [Print_Background] no
IEOPT: [SmoothScroll]
IEOPT: [AutoHide] yes
IEOPT: [Extensions Off Page] about:NoAdd-ons
IEOPT: [Security Risk Page] about:SecurityRisk
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Default_Page_URL] http://www.asus.com
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Default_Secondary_Page_URL]
IEOPT: [Search Bar] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IEOPT: [Wizard_Version] 6.00.2800.1017

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 21:10

I did step number 1.

This is the result:

Forum Link:

scansionegmr.txt

Direct Link:

http://www.freefilehosting.net/download/MTAzNDM=

I hope I did well... :wink:

bdoriano
Administrator

Registered: 02/04/07 11:05
Posts: 14300
Location: 3rd planet of the solar system...

Posted: 10 Aug 2007 21:27

Just one question: Windows Vista?

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 21:28

I did step number 2:

This is the final report:

Link:

http://www.freefilehosting.net/download/MTAzNDY=

Forum Link:

passaggio numero 2 .txt

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 21:29

bdoriano wrote:
Just one question: Windows Vista?

Yes... does the computer have some problem???

bdoriano
Administrator

Registered: 02/04/07 11:05
Posts: 14300
Location: 3rd planet of the solar system...

Posted: 10 Aug 2007 21:36

blackhole wrote:
bdoriano wrote:
Just one question: Windows Vista?

Yes... does the computer have some problem???

No, it's going to be quite a fight... :sad:

PS: GMER should have been unpacked into a folder of its own, not a temporary one and not on the desktop.

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 21:46

I downloaded GMER to C: and unpacked it in C: as well... ok...

This is the report:

http://www.freefilehosting.net/download/MTAzNDc=

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 10 Aug 2007 22:15

blackhole wrote:
I downloaded GMER to C: and unpacked it in C: as well... ok...

This is the report:

http://www.freefilehosting.net/download/MTAzNDc=

Have you analyzed it????

:wink: :wink:

Sante62
Mature god

Registered: 27/06/07 16:55
Posts: 3477
Location: Floridia

Posted: 10 Aug 2007 22:22

The GMER logs don't seem to show anything.

Start HijackThis and, with the browser closed, tick the box to the left of this line:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
click Fix checked

Please do this other step that you forgot:

Download FindAWF from here: http://noahdfear.geekstogo.com/FindAWF.exe
Scan the PC and then paste the result here.
Meanwhile, tell me how the PC is doing... :wink:

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 11 Aug 2007 12:19

Hi... I started HijackThis and, with the browser closed, ticked the box to the left of this line:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
click Fix checked

After doing that, here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 13.14.42, on 11/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\mioengine.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: My Vodafone.it.lnk = C:\Users\Saitta\AppData\Roaming\mioObjects\[objects]\69GWEU9386MTAR08.mio
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CEC1BF8-8152-4366-BB99-7B7DFEA1628B}: NameServer = 85.37.17.50 85.38.28.76
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\Asus\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 11 Aug 2007 12:25

I downloaded FindAWF to C: and ran the scan, choosing option number 1, that is: scan for bak folders.

This is the result:

Find AWF report by noahdfear ©2006
Version 1.39



bak folders found
~~~~~~~~~~~



Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~



end of report

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 11 Aug 2007 12:46

I opened Task Manager, went to Processes, and captured the graph:

Shot at 2007-08-11

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 11 Aug 2007 12:57

Then, as you know, on Windows Vista if you go to Start -> Control Panel -> Welcome Center -> View computer details, there is a score, which is called the performance index.

Shot at 2007-08-11

Sante62
Mature god

Registered: 27/06/07 16:55
Posts: 3477
Location: Floridia

Posted: 11 Aug 2007 19:01

The HJT log looks clean; so far there are no traces of infection.
The only thing to do is restore Winsock, but first let's run another check.

Run an online scan with Kaspersky; how to do it is described here:
http://forum.zeusnews.com/viewtopic.php?t=21705
While it is downloading the necessary files, temporarily disable the antivirus and, if necessary, the firewall too. As soon as the scan of the PC starts, disconnect from the internet.
At the end, upload the result to www.freefilehosting.net and post here the link you are given.

PS: I don't know Windows Vista well yet. I don't see any firewall.

bdoriano
Administrator

Registered: 02/04/07 11:05
Posts: 14300
Location: 3rd planet of the solar system...

Posted: 11 Aug 2007 19:20

Sante62 wrote:
The only thing to do is restore Winsock, but first let's run another check.

Hold off on touching Winsock; they appear to be legitimate Windows Vista files. :think:

@blackhole:
Unfortunately I have had a bad experience with Vista...
A neighbour's PC had filled up, and the usual scanning and removal methods did not work.
I had to physically disconnect the disk from his PC, connect it to mine over USB and scan it with several antivirus programs to clean it.

In addition to the scan recommended by Sante62, go to Panda ActiveScan, run the full scan, save the result to a file, upload it to http://www.freefilehosting.net and post here the link you are given.
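
An added example, not part of the original thread and not HijackThis's own code: a small Python triage of the three kinds of HijackThis entries the helpers discuss above (the O2 BHO with no file, the O10 Winsock LSP files, and O23 services flagged "file missing"). The verdict labels and the `REVIEWED_LSP_FILES` allowlist are assumptions of this example; the sample lines are copied from the log entries posted in the thread.

```python
import re

# Sample input: entries copied from the HijackThis lines posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
"""

# "O2 - ...", "O10 - ...", "R0 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

# Assumption of this example: LSP file names a reviewer has already judged
# legitimate for this OS (here, the two the administrator calls Vista files).
REVIEWED_LSP_FILES = {"nlaapi.dll", "napinsp.dll"}

MISSING_TAG = "(file missing)"


def parse_entries(log_text):
    """Return (section_code, body) for every HijackThis entry line."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def basename(win_path):
    """Lower-cased file name of a Windows path."""
    return win_path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def triage(log_text):
    """Return (verdict, detail) pairs for entries that need a human decision."""
    findings = []
    for code, body in parse_entries(log_text):
        if code == "O2" and body.endswith("(no file)"):
            # Registry entry for a browser helper object whose DLL is gone.
            clsid = CLSID_RE.search(body)
            findings.append(("orphaned-bho", clsid.group(0) if clsid else body))
        elif code == "O10" and body.startswith("Unknown file in Winsock LSP:"):
            path = body.split(":", 1)[1].strip()
            known = basename(path) in REVIEWED_LSP_FILES
            findings.append(("lsp-reviewed" if known else "lsp-unreviewed", path))
        elif code == "O23" and body.endswith(MISSING_TAG):
            path = body.rsplit(" - ", 1)[-1][: -len(MISSING_TAG)].strip()
            # A path that still starts with an environment variable has to be
            # resolved by hand before the "file missing" flag can be trusted.
            unexpanded = path.startswith("%")
            verdict = "service-path-unexpanded" if unexpanded else "service-file-missing"
            findings.append((verdict, path))
    return findings


if __name__ == "__main__":
    for verdict, detail in triage(SAMPLE_LOG):
        print(f"{verdict:24} {detail}")
```
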

blackhole
Mortal adept

Registered: 10/08/07 12:09
Posts: 33

Posted: 12 Aug 2007 21:04

Hi.... I ran the scan with Kaspersky online, disabling both Windows Firewall and the NOD32 antivirus...

In the end it found: number of viruses found 3 and number of infected objects 7.

I copied the report:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, August 12, 2007 9:52:40 PM
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 12/08/2007
Kaspersky Anti-Virus database records: 379021
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 108986
Number of viruses found: 3
Number of infected objects: 7
Number of suspicious objects: 0
Duration of the scan process: 01:07:41

Infected Object Name / Virus Name / Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\NTDETECT.COM Object is locked skipped
C:\ntldr Object is locked skipped
C:\Program Files\Asus\Net4Switch\Resource.bin Object is locked skipped
C:\Program Files\Eset\cache\CACHE.NDB Object is locked skipped
C:\Program Files\Eset\infected\PWF2JRCA.NQF Infected: Backdoor.Win32.Agent.aou skipped
C:\Program Files\Eset\logs\virlog.dat Object is locked skipped
C:\Program Files\Eset\logs\warnlog.dat Object is locked skipped
C:\Program Files\Player Tool\3wPlayer-1.0.0.3-setup-0312.exe/file8 Infected: Trojan.Win32.Obfuscated.en skipped
C:\Program Files\Player Tool\3wPlayer-1.0.0.3-setup-0312.exe Inno: infected - 1 skipped
C:\ProgramData\Microsoft\eHome\Recording\Recordings.xml Object is locked skipped
C:\ProgramData\Microsoft\User Account Pictures\Administrator.dat Object is locked skipped
C:\ProgramData\Microsoft\User Account Pictures\Guest.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\UsrClass.dat{d1fe8c94-459f-11dc-b417-0018f3a1e4ca}.TM.blf Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\UsrClass.dat{d1fe8c94-459f-11dc-b417-0018f3a1e4ca}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Windows\UsrClass.dat{d1fe8c94-459f-11dc-b417-0018f3a1e4ca}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Users\Saitta\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Saitta\AppData\Local\Temp\IH1D46.tmp Object is locked skipped
C:\Users\Saitta\AppData\Local\Temp\Low\~DFB1CD.tmp Object is locked skipped
C:\Users\Saitta\AppData\Local\Temp\Low\~DFB1D3.tmp Object is locked skipped
C:\Users\Saitta\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\4f39c291-3a01faf7/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Users\Saitta\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\4f39c291-3a01faf7/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Users\Saitta\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\4f39c291-3a01faf7/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Users\Saitta\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\4f39c291-3a01faf7 ZIP: infected - 3 skipped
C:\Users\Saitta\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\Saitta\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat Object is locked skipped
C:\Users\Saitta\ntuser.dat Object is locked skipped
C:\Users\Saitta\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Saitta\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Saitta\ntuser.dat{d1fe8c92-459f-11dc-b417-0018f3a1e4ca}.TM.blf Object is locked skipped
C:\Users\Saitta\ntuser.dat{d1fe8c92-459f-11dc-b417-0018f3a1e4ca}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Saitta\ntuser.dat{d1fe8c92-459f-11dc-b417-0018f3a1e4ca}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\bthservsdp.dat Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\sam.log Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\Installer\MSI43E8.tmp Object is locked skipped
C:\Windows\Installer\MSI7851.tmp Object is locked skipped
C:\Windows\Installer\MSICA8D.tmp Object is locked skipped
C:\Windows\Logs\CBS\CBS.log Object is locked skipped
C:\Windows\Logs\CBS\CBS.persist.log Object is locked skipped
C:\Windows\Logs\DPX\setupact.log Object is locked skipped
C:\Windows\Logs\DPX\setuperr.log Object is locked skipped
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped
C:\Windows\Panther\catalogs\OfflineUpgradeStore.dat Object is locked skipped
C:\Windows\Panther\catalogs\OnlineEnvStore.dat Object is locked skipped
C:\Windows\Panther\catalogs\OnlineMigStore.dat Object is locked skipped
C:\Windows\Panther\catalogs\OnlineUpgradeStore.dat Object is locked skipped
C:\Windows\Panther\UnattendGC\diagerr.xml Object is locked skipped
C:\Windows\Panther\UnattendGC\diagwrn.xml Object is locked skipped
C:\Windows\Panther\UnattendGC\setupact.log Object is locked skipped
C:\Windows\Panther\UnattendGC\setuperr.log Object is locked skipped
C:\Windows\security\database\secedit.sdb Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\COMPONENTS Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\DEFAULT Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\SAM Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\SECURITY Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\SOFTWARE Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\SYSTEM Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{ea5b9c03-3c3c-11dc-a006-0018f38cd090}.TxR.0.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{ea5b9c03-3c3c-11dc-a006-0018f38cd090}.TxR.1.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{ea5b9c03-3c3c-11dc-a006-0018f38cd090}.TxR.2.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{ea5b9c03-3c3c-11dc-a006-0018f38cd090}.TxR.blf Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DateTimeControlPanel%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-MSDT%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticResolver%4Operational.evtx Object is locked skipped

Scan process completed.
blackhole
Mortale adepto

Registered: 10/08/07 12:09
Posts: 33

Posted: 12 Aug 2007 21:08

Hi, I then tried to run a scan with Panda, but I can't because the operating system isn't supported.

Look here:

Operating system not supported.
ActiveScan is currently not available for Windows Vista. There will shortly be a new version for this operating system.

Minimum requirements
Operating system: Windows 95/98/Me/NT/2000/XP
RAM: 32 Mb (Win 95/98/Me), 64 Mb (Win NT/2000/XP)
Browser: Internet Explorer 5.0 or later
All times are GMT + 1 hour
Page 1 of 2

 