ziguli (Ordinary mortal)
Registered: 21/01/08 14:38 Posts: 4 Location: cagliari
Posted: 21 Jan 2008 15:49 Subject: CommDrv.sys
Hi,
it's my first time here. I have Windows XP Professional SP2, Avast antivirus and AVG Anti-Spyware 7.5.
I did what your site recommends in order to get rid of the CommDrv.sys virus.
I used HijackThis and saved the result in Notepad as you advised, but I don't know whether I should send it, since it is very large.
Can you please advise me as best you can!!
Thanks
ziguli (Ordinary mortal)
Registered: 21/01/08 14:38 Posts: 4 Location: cagliari
Posted: 21 Jan 2008 15:53 Subject: re: CommDrv.sys
here is the result of the scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.36.29, on 21/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\DLink\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\BitTorrent_DNA\dna.exe
C:\Programmi\DLink\Software Bluetooth\BTTray.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\TEMP\489109.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Outlook Express\msimn.exe
C:\DOCUME~1\ziguli\IMPOST~1\Temp\Rar$EX00.953\StartupList.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: wbspark - {634B1F24-7B42-56C5-74F5-37A97B71F205} - C:\WINDOWS\system32\winspooly.dll
O2 - BHO: (no name) - {7117D5B6-51AD-4024-8F18-5DC9430CCF2A} - C:\WINDOWS\system32\ssqpo.dll (file missing)
O2 - BHO: Web Mon - {7428F943-BC4F-4A39-3B43-AB433C523B34} - C:\WINDOWS\system32\WebMon.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {c44a6a09-cf25-d91a-5544-e1c67cdd616a} - {a616ddc7-6c1e-4455-a19d-52fc90a6a44c} - C:\WINDOWS\system32\uyifvecw.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P40 "EPSON Stylus Photo R220 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [f4ba2bcd] rundll32.exe "C:\WINDOWS\system32\rwvosanr.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SysDrv] C:\WINDOWS\TEMP\489109.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmi\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [BitTorrent Turbo Accelerator] "C:\Programmi\BitTorrent Turbo Accelerator\BitTorrent Turbo Accelerator.exe" -tray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Advanced Uninstaller PRO Installation Monitor] "C:\Programmi\Innovative Solutions\Advanced Uninstaller PRO - Version 8\monitor.exe"
O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: zzpgum.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\DLink\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\DLink\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\DLink\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\DLink\Software Bluetooth\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 9628 bytes
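As an added example (not part of the original thread, and not HijackThis's own logic), the following Python script applies the kind of checks a removal helper makes by eye when reading a log like the one above: extra programs chained into UserInit, hosts-file redirects, orphaned or randomly named BHO DLLs, and Run entries launched from Temp, via rundll32 with a random DLL, or under a borrowed Windows component name. The sample lines are copied from the log above (with three benign entries kept as controls); the heuristics and thresholds are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the HijackThis log in this thread,
# plus three benign entries (ssv.dll, avast!, winspooly) kept for contrast.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O2 - BHO: wbspark - {634B1F24-7B42-56C5-74F5-37A97B71F205} - C:\WINDOWS\system32\winspooly.dll
O2 - BHO: (no name) - {7117D5B6-51AD-4024-8F18-5DC9430CCF2A} - C:\WINDOWS\system32\ssqpo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: {c44a6a09-cf25-d91a-5544-e1c67cdd616a} - {a616ddc7-6c1e-4455-a19d-52fc90a6a44c} - C:\WINDOWS\system32\uyifvecw.dll
O4 - HKLM\..\Run: [f4ba2bcd] rundll32.exe "C:\WINDOWS\system32\rwvosanr.dll",b
O4 - HKLM\..\Run: [SysDrv] C:\WINDOWS\TEMP\489109.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe
O4 - Startup: zzpgum.exe
"""

# "O4 - HKLM\..\Run: [name] command" -> section code and the rest of the line.
SECTION_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Eight lowercase letters and no digits (e.g. rwvosanr.dll): the naming pattern of
# the DLLs ComboFix later deleted. A weak signal on its own (heuristic assumption).
RANDOM_DLL_RE = re.compile(r"\\([a-z]{8})\.dll\b")
RUN_NAME_RE = re.compile(r"HK\w+\\\.\.\\Run: \[([^\]]+)\]")
# Windows component names a Run value has no legitimate reason to borrow.
WINDOWS_COMPONENT_NAMES = {"userinit", "winlogon", "svchost", "explorer", "lsass", "csrss"}


def check_userinit(body):
    """F2: UserInit must list only userinit.exe; anything extra runs at every logon."""
    if "UserInit=" not in body:
        return None
    entries = [e.strip() for e in body.split("UserInit=", 1)[1].split(",") if e.strip()]
    extra = [e for e in entries if not e.lower().endswith("\\userinit.exe")]
    return "UserInit chains extra program(s): " + ", ".join(extra) if extra else None


def check_hosts(body):
    """O1: a hosts entry mapping a name to anything but loopback is a redirect."""
    m = re.match(r"Hosts: (\S+) (\S+)", body)
    if not m:
        return None
    ip, host = m.groups()
    if ip not in ("127.0.0.1", "0.0.0.0", "::1"):
        return f"hosts file redirects {host} to {ip}"
    return None


def check_bho(body):
    """O2: orphaned registrations and randomly named DLLs in system32."""
    if "(file missing)" in body or "(no file)" in body:
        return "BHO registration points to a missing file (orphaned entry)"
    m = RANDOM_DLL_RE.search(body)
    if m and "\\system32\\" in body.lower():
        return f"BHO loads randomly named DLL {m.group(1)}.dll from system32"
    return None


def check_autorun(body):
    """O4: Run keys and Startup folders, checked for the patterns seen in this log."""
    low = body.lower()
    if low.startswith(("startup: ", "global startup: ")):
        item = body.split(": ", 1)[1]
        # Legitimate Startup items are normally .lnk shortcuts, not bare executables.
        return f"executable placed directly in a Startup folder: {item}" if low.endswith(".exe") else None
    if "\\temp\\" in low:
        return "autorun launches a program from a Temp directory"
    m = RANDOM_DLL_RE.search(body)
    if m and "rundll32" in low:
        return f"rundll32 autorun loads randomly named DLL {m.group(1)}.dll"
    name = RUN_NAME_RE.match(body)
    if name and name.group(1).lower() in WINDOWS_COMPONENT_NAMES:
        return f"Run value borrows the Windows component name '{name.group(1)}'"
    return None


CHECKS = {"F2": check_userinit, "O1": check_hosts, "O2": check_bho, "O4": check_autorun}


def triage(log_text):
    """Return one finding per suspicious line: {'section', 'reason', 'line'}."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if not m:
            continue  # process list, headers, blank lines carry no section code
        section, body = m.groups()
        check = CHECKS.get(section)
        reason = check(body) if check else None
        if reason:
            findings.append({"section": section, "reason": reason, "line": line})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f['section']}] {f['reason']}\n    {f['line']}")
```

Every flagged line corresponds to a file that ComboFix removed in the next post (ntos.exe, rwvosanr.dll, uyifvecw.dll, 489109.exe) or to an entry the admin's follow-up still targets; the three control lines are not flagged.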
ziguli (Ordinary mortal)
Registered: 21/01/08 14:38 Posts: 4 Location: cagliari
Posted: 22 Jan 2008 01:07 Subject: re:
this is the result of a ComboFix scan:
ComboFix 08-01-20.1 - ziguli 2008-01-21 23.48.13.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.520 [GMT 1:00]
Eseguito da: C:\Documents and Settings\ziguli\Desktop\download intenet\ComboFix(5).exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\ziguli\Dati applicazioni\inst.exe
C:\Documents and Settings\ziguli\Impostazioni locali\Dati applicazioni\acbdxysuha.dat
C:\Documents and Settings\ziguli\Impostazioni locali\Dati applicazioni\acbdxysuha_navps.dat
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\2_exception.nls
C:\WINDOWS\system32\bdsusulx.dll
C:\WINDOWS\system32\dxbjccyk.dll
C:\WINDOWS\system32\gxtqfgql.dll
C:\WINDOWS\system32\hiygntre.dll
C:\WINDOWS\system32\iocgjdwx.dll
C:\WINDOWS\system32\isrfcjpd.dll
C:\WINDOWS\system32\iyswtktw.ini
C:\WINDOWS\system32\kpixcyst.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\ntos.exe
C:\WINDOWS\system32\opqss.ini
C:\WINDOWS\system32\opqss.ini2
C:\WINDOWS\system32\qbncovxd.dll
C:\WINDOWS\system32\rnasovwr.ini
C:\WINDOWS\system32\rwvosanr.dll
C:\WINDOWS\system32\utlawaaa.dll
C:\WINDOWS\system32\uyenlebr.dll
C:\WINDOWS\system32\uyifvecw.dll
C:\WINDOWS\system32\wsnpoem\audio.dll
C:\WINDOWS\system32\wsnpoem\audio.dll.cla
C:\WINDOWS\system32\wsnpoem\video.dll
C:\WINDOWS\system32\wtktwsyi.dll
C:\WINDOWS\Temp\123625.exe
C:\WINDOWS\Temp\124015.exe
C:\WINDOWS\Temp\124265.exe
C:\WINDOWS\Temp\124515.exe
C:\WINDOWS\Temp\125203.exe
C:\WINDOWS\Temp\125531.exe
C:\WINDOWS\Temp\125546.exe
C:\WINDOWS\Temp\125875.exe
C:\WINDOWS\Temp\126046.exe
C:\WINDOWS\Temp\126234.exe
C:\WINDOWS\Temp\126500.exe
C:\WINDOWS\Temp\126796.exe
C:\WINDOWS\Temp\127359.exe
C:\WINDOWS\Temp\127375.exe
C:\WINDOWS\Temp\127406.exe
C:\WINDOWS\Temp\127718.exe
C:\WINDOWS\Temp\127984.exe
C:\WINDOWS\Temp\130046.exe
C:\WINDOWS\Temp\132140.exe
C:\WINDOWS\Temp\132296.exe
C:\WINDOWS\Temp\132343.exe
C:\WINDOWS\Temp\133296.exe
C:\WINDOWS\Temp\133578.exe
C:\WINDOWS\Temp\133890.exe
C:\WINDOWS\Temp\134171.exe
C:\WINDOWS\Temp\136015.exe
C:\WINDOWS\Temp\136437.exe
C:\WINDOWS\Temp\136765.exe
C:\WINDOWS\Temp\137843.exe
C:\WINDOWS\Temp\137890.exe
C:\WINDOWS\Temp\139984.exe
C:\WINDOWS\Temp\140562.exe
C:\WINDOWS\Temp\145703.exe
C:\WINDOWS\Temp\147437.exe
C:\WINDOWS\Temp\147562.exe
C:\WINDOWS\Temp\147593.exe
C:\WINDOWS\Temp\147609.exe
C:\WINDOWS\Temp\147656.exe
C:\WINDOWS\Temp\147671.exe
C:\WINDOWS\Temp\147781.exe
C:\WINDOWS\Temp\148546.exe
C:\WINDOWS\Temp\148578.exe
C:\WINDOWS\Temp\148843.exe
C:\WINDOWS\Temp\149281.exe
C:\WINDOWS\Temp\150984.exe
C:\WINDOWS\Temp\152453.exe
C:\WINDOWS\Temp\153046.exe
C:\WINDOWS\Temp\159062.exe
C:\WINDOWS\Temp\160234.exe
C:\WINDOWS\Temp\164468.exe
C:\WINDOWS\Temp\166593.exe
C:\WINDOWS\Temp\168750.exe
C:\WINDOWS\Temp\168968.exe
C:\WINDOWS\Temp\169359.exe
C:\WINDOWS\Temp\169921.exe
C:\WINDOWS\Temp\169937.exe
C:\WINDOWS\Temp\170437.exe
C:\WINDOWS\Temp\4595500.exe
C:\WINDOWS\Temp\489109.exe
C:\WINDOWS\Temp\626546.exe
C:\WINDOWS\system32\wsnpoem
----- Unknown downloads made by BITS: ----
http://192.115.70.23
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
-------\runtime
((((((((((((((((((((((((( Files Creati Da 2007-12-21 al 2008-01-21 )))))))))))))))))))))))))))))))))))
.
2008-01-21 23:49 . 2008-01-21 23:49 268 --ah----- C:\sqmdata09.sqm
2008-01-21 23:49 . 2008-01-21 23:49 244 --ah----- C:\sqmnoopt09.sqm
2008-01-21 23:46 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-21 15:51 . 2008-01-21 15:52 <DIR> d-------- C:\Programmi\RogueRemover FREE
2008-01-21 14:36 . 2008-01-21 14:36 <DIR> d-------- C:\Programmi\Trend Micro
2008-01-21 13:32 . 2008-01-21 13:32 268 --ah----- C:\sqmdata08.sqm
2008-01-21 13:32 . 2008-01-21 13:32 244 --ah----- C:\sqmnoopt08.sqm
2008-01-21 13:07 . 2008-01-21 13:07 <DIR> dr------- C:\Documents and Settings\Administrator\Documenti
2008-01-18 23:52 . 2008-01-18 23:52 <DIR> d-------- C:\Programmi\MSECache
2008-01-17 23:35 . 2008-01-17 23:35 52,736 --a------ C:\info.exe
2008-01-17 23:10 . 2008-01-17 23:10 <DIR> d-------- C:\Documents and Settings\ziguli\Dati applicazioni\Grisoft
2008-01-17 22:33 . 2008-01-17 22:33 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Grisoft
2008-01-17 22:33 . 2008-01-17 22:33 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Grisoft
2008-01-17 22:33 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-16 14:29 . 2008-01-16 14:29 <DIR> dr------- C:\Documents and Settings\Administrator\Preferiti
2008-01-15 13:01 . 2008-01-19 21:35 7,680 --ahs---- C:\WINDOWS\Thumbs.db
2008-01-15 12:34 . 2008-01-21 23:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-15 12:34 . 2008-01-15 12:34 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 12:32 . 2008-01-15 12:32 <DIR> d-------- C:\Programmi\iTunes
2008-01-15 12:32 . 2008-01-15 12:32 <DIR> d-------- C:\Programmi\iPod
2008-01-15 12:30 . 2008-01-15 12:30 <DIR> d-------- C:\Programmi\Apple Software Update
2008-01-13 20:07 . 2008-01-13 20:08 <DIR> d-------- C:\Programmi\Burraconline
2008-01-10 21:44 . 2008-01-20 21:53 <DIR> d-------- C:\Programmi\ClubDelGioco
2008-01-09 22:27 . 2008-01-09 22:27 <DIR> d-------- C:\Programmi\File comuni\NSV
2008-01-09 21:12 . 2008-01-09 21:12 <DIR> d-------- C:\Documents and Settings\ziguli\Bluetooth Software
2008-01-09 21:02 . 2008-01-19 21:35 <DIR> d-------- C:\Drivers
2008-01-09 14:47 . 2004-08-19 15:39 153,600 --a------ C:\WINDOWS\system32\irftp.exe
2008-01-09 14:47 . 2004-08-19 15:39 153,600 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-01-09 14:47 . 2004-08-19 15:39 28,672 --a------ C:\WINDOWS\system32\irmon.dll
2008-01-09 14:47 . 2004-08-19 15:39 28,672 --a--c--- C:\WINDOWS\system32\dllcache\irmon.dll
2008-01-09 14:47 . 2004-08-19 15:39 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-01-09 14:47 . 2004-08-19 15:39 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-01-09 13:39 . 2008-01-21 23:57 25,984 --a------ C:\WINDOWS\system32\drivers\Jhg46.sys
2008-01-07 03:12 . 2008-01-07 03:12 268 --ah----- C:\sqmdata07.sqm
2008-01-07 03:12 . 2008-01-07 03:12 244 --ah----- C:\sqmnoopt07.sqm
2008-01-07 03:00 . 2006-11-13 14:45 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-01-07 03:00 . 2007-06-18 14:18 23,680 --a------ C:\WINDOWS\system32\drivers\motmodem.sys
2008-01-07 01:41 . 2008-01-07 01:56 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\BVRP Software
2008-01-07 01:12 . 2008-01-07 01:12 268 --ah----- C:\sqmdata06.sqm
2008-01-07 01:12 . 2008-01-07 01:12 244 --ah----- C:\sqmnoopt06.sqm
2008-01-07 00:53 . 2008-01-07 00:53 268 --ah----- C:\sqmdata05.sqm
2008-01-07 00:53 . 2008-01-07 00:53 244 --ah----- C:\sqmnoopt05.sqm
2008-01-05 16:24 . 2008-01-19 11:27 <DIR> d-------- C:\Programmi\EPSON Print CD
2008-01-05 16:21 . 2008-01-05 16:24 <DIR> d-------- C:\Programmi\EPSON
2008-01-05 15:52 . 2008-01-05 15:52 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\InstallShield
2008-01-05 15:31 . 2008-01-05 15:31 6,312 --a------ C:\WINDOWS\EPSTPLOG.BAK
2008-01-05 15:31 . 2008-01-05 15:31 25 --a------ C:\WINDOWS\CDER220.ini
2008-01-05 13:05 . 2008-01-05 16:10 <DIR> d-------- C:\Programmi\File comuni\Nero
2008-01-04 21:14 . 2001-08-31 16:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-01-04 21:13 . 2001-08-31 16:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-01-04 21:12 . 2004-08-19 14:39 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-01-04 21:11 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-01-04 21:05 . 2008-01-04 21:05 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-01-04 21:05 . 2008-01-04 21:05 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-01-04 21:05 . 2008-01-04 21:05 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-01-04 21:05 . 2008-01-04 21:05 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-01-04 21:05 . 2008-01-04 21:05 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-01-04 21:05 . 2008-01-04 21:05 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-01-04 21:03 . 2001-08-31 16:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-01-04 20:24 . 2001-08-31 16:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-01-04 20:24 . 2001-08-31 16:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2008-01-04 20:24 . 2001-08-31 16:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-01-04 20:24 . 2001-08-31 16:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2008-01-04 20:23 . 2008-01-04 20:23 <DIR> d--h----- C:\Documents and Settings\Default User\Risorse di stampa
2008-01-04 20:23 . 2008-01-04 20:23 <DIR> d--h----- C:\Documents and Settings\Default User\Risorse di rete
2008-01-04 20:23 . 2008-01-04 20:23 <DIR> d-------- C:\Documents and Settings\Default User\Preferiti
2008-01-04 20:23 . 2008-01-04 20:23 <DIR> d-------- C:\Documents and Settings\Default User\Documenti
2008-01-04 14:01 . 2008-01-06 13:08 1,046,380 --ahs---- C:\WINDOWS\system32\lqferxdc.ini
2008-01-04 01:45 . 2008-01-04 01:45 <DIR> d-------- C:\Programmi\File comuni\ODBC
2008-01-04 01:44 . 2008-01-04 01:44 <DIR> d--h----- C:\Documents and Settings\All Users\Modelli
2008-01-03 14:14 . 2008-01-04 13:32 1,038,142 --ahs---- C:\WINDOWS\system32\xvibtoqv.ini
2008-01-02 13:57 . 2008-01-03 13:58 1,037,962 --ahs---- C:\WINDOWS\system32\edvqkjor.ini
2008-01-01 15:51 . 2008-01-09 00:07 21,760 --a------ C:\WINDOWS\Dxb40.sys
2008-01-01 13:25 . 2008-01-01 13:25 21,760 --a------ C:\WINDOWS\system32\drivers\Dxb40.sys
2008-01-01 12:18 . 2008-01-02 13:53 1,033,018 --ahs---- C:\WINDOWS\system32\gafxkiyj.ini
2007-12-30 21:04 . 2008-01-01 12:13 1,032,519 --ahs---- C:\WINDOWS\system32\elxqmrkh.ini
2007-12-29 14:14 . 2007-12-30 21:03 1,032,159 --ahs---- C:\WINDOWS\system32\jawegupf.ini
2007-12-28 22:07 . 2007-12-28 22:07 <DIR> d-------- C:\Programmi\File comuni\xing shared
2007-12-27 23:35 . 2007-12-29 14:13 1,031,979 --ahs---- C:\WINDOWS\system32\wyfskyom.ini
2007-12-26 18:24 . 2007-12-27 23:26 1,031,619 --ahs---- C:\WINDOWS\system32\mdduyevs.ini
2007-12-25 15:17 . 2007-12-26 18:23 1,027,702 --ahs---- C:\WINDOWS\system32\alicrctn.ini
2007-12-25 10:07 . 2008-01-05 13:05 <DIR> d-------- C:\Programmi\Nero
2007-12-25 10:07 . 2007-12-25 10:09 <DIR> d-------- C:\Programmi\File comuni\Ahead
2007-12-25 00:19 . 2008-01-04 21:10 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2007-12-25 00:19 . 2008-01-04 21:10 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2007-12-24 21:36 . 2007-12-24 21:36 0 --a------ C:\WINDOWS\Irremote.ini
2007-12-24 15:06 . 2007-12-25 10:00 878,605 --ahs---- C:\WINDOWS\system32\lcxwcurl.ini
2007-12-23 14:38 . 2007-12-23 14:38 268 --ah----- C:\sqmdata04.sqm
2007-12-23 14:38 . 2007-12-23 14:38 244 --ah----- C:\sqmnoopt04.sqm
2007-12-23 14:29 . 2007-12-23 14:29 268 --ah----- C:\sqmdata03.sqm
2007-12-23 14:29 . 2007-12-23 14:29 244 --ah----- C:\sqmnoopt03.sqm
2007-12-23 14:25 . 2007-12-24 15:05 907,864 --ahs---- C:\WINDOWS\system32\fmyobowy.ini
2007-12-22 14:24 . 2007-12-23 14:24 876,856 --ahs---- C:\WINDOWS\system32\abwdagnw.ini
2007-12-21 14:26 . 2007-12-22 11:28 904,784 --ahs---- C:\WINDOWS\system32\eewskgha.ini
2007-12-21 00:10 . 2007-12-21 00:10 <DIR> d-------- C:\Programmi\Microsoft SQL Server Compact Edition
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 22:59 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\Skype
2008-01-21 22:55 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\BitTorrent DNA
2008-01-19 20:36 --------- d-----w C:\Programmi\QuickTime
2008-01-19 11:01 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\dvdcss
2008-01-19 09:52 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\DVD Shrink
2008-01-14 19:34 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\BitTorrent
2008-01-12 00:32 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\CyberLink
2008-01-09 14:10 --------- d-----w C:\Programmi\MP3Gain
2008-01-07 13:25 --------- d-----w C:\Programmi\Paparazzi
2008-01-07 12:37 --------- d-----w C:\Programmi\DC++
2008-01-07 00:40 --------- d-----w C:\Programmi\Motorola
2008-01-05 23:35 --------- d-----w C:\Programmi\Google
2008-01-05 15:30 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-01-05 15:27 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\UDL
2008-01-01 18:55 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\DivX
2008-01-01 12:18 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\Canon
2007-12-28 21:05 --------- d-----w C:\Programmi\File comuni\Real
2007-12-28 19:21 --------- d-----w C:\Programmi\VirtualDJ
2007-12-27 23:12 --------- d-----w C:\Programmi\BOOMBox Radio Player
2007-12-27 13:00 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Innovative Solutions
2007-12-26 22:47 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\iWin
2007-12-26 22:47 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\Comodo
2007-12-26 22:32 --------- d-----w C:\Programmi\Mahjong Quest 2
2007-12-25 09:13 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Ahead
2007-12-24 23:14 --------- d-----w C:\Programmi\Windows Media Connect 2
2007-12-24 23:14 --------- d-----w C:\Programmi\PC Inspector File Recovery
2007-12-24 22:17 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Nero
2007-12-20 23:13 --------- d-----w C:\Programmi\Windows Live
2007-12-20 23:01 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2007-12-08 18:13 --------- d-----w C:\Programmi\ReflexiveArcade
2007-12-06 22:28 --------- d-----w C:\Programmi\Lavalys
2007-12-06 22:04 --------- d-----w C:\Programmi\GameHouse
2007-12-06 19:29 --------- d-----w C:\Programmi\ewido anti-spyware 4.0
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-03 14:51 --------- d-----w C:\Programmi\File comuni\MAGIX Shared
2007-12-03 14:35 --------- d-----w C:\Programmi\MP3 Downloader
2007-12-03 14:33 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\MP3Downloader
2007-11-27 14:17 --------- d-----w C:\Programmi\DVD Audio Extractor
2007-11-27 14:13 --------- d-----w C:\Programmi\AoA Audio Extractor
2007-11-27 14:09 --------- d-----w C:\Programmi\DVD Audio Extractor2
2007-11-27 14:08 --------- d-----w C:\Programmi\DVD Audio Extractor 2
2007-11-26 12:13 --------- d-----w C:\Programmi\Java
2007-11-23 12:42 --------- d-----w C:\Programmi\MSN Messenger
2007-11-23 12:40 --------- dcsh--w C:\Programmi\File comuni\WindowsLiveInstaller
2007-11-21 21:45 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\F-Secure
2007-11-21 21:45 --------- d-----w C:\Documents and Settings\ziguli\Dati applicazioni\Apple Computer
2007-11-21 21:45 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Backup
2007-11-21 16:31 132,904 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
2007-11-21 16:31 11,304 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
2007-10-23 16:49 586,240 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-08-03 13:11 81,920 ----a-w C:\Documents and Settings\ziguli\Dati applicazioni\ezpinst.exe
2007-08-03 13:11 47,360 ----a-w C:\Documents and Settings\ziguli\Dati applicazioni\pcouffin.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{634B1F24-7B42-56C5-74F5-37A97B71F205}]
2003-08-11 22:25 50176 --a------ C:\WINDOWS\system32\winspooly.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7117D5B6-51AD-4024-8F18-5DC9430CCF2A}]
C:\WINDOWS\system32\ssqpo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7428F943-BC4F-4A39-3B43-AB433C523B34}]
C:\WINDOWS\system32\WebMon.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 14:39 15360]
"Skype"="C:\Programmi\Skype\Phone\Skype.exe" [2007-08-25 20:54 23090984]
"WebCamRT.exe"="" []
"BitTorrent DNA"="C:\Programmi\BitTorrent_DNA\dna.exe" [2007-11-07 15:05 286016]
"BitTorrent Turbo Accelerator"="C:\Programmi\BitTorrent Turbo Accelerator\BitTorrent Turbo Accelerator.exe" [ ]
"MsnMsgr"="C:\Programmi\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"Advanced Uninstaller PRO Installation Monitor"="C:\Programmi\Innovative Solutions\Advanced Uninstaller PRO - Version 8\monitor.exe" [2007-03-05 22:33 1231600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R220 Series (Copia 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.exe" [2005-03-09 05:00 98304]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 14:39 110592 C:\WINDOWS\system32\bthprops.cpl]
"OpwareSE2"="C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 39792]
"RemoteControl"="C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 15:24 71216]
"LanguageShortcut"="C:\Programmi\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 15:21 54832]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"WinampAgent"="C:\Programmi\Winamp\winampa.exe" [2007-10-10 06:28 36352]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [ ]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"!AVG Anti-Spyware"="C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 14:39 15360]
C:\Documents and Settings\ziguli\Menu Avvio\Programmi\Esecuzione automatica\
zzpgum.exe [2008-01-05 13:44:30 3565]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\kasper~1\kasper~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Dxb40.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Jhg46.sys]
@="Driver"
R0 Dxb40;Dxb40;C:\WINDOWS\system32\Drivers\Dxb40.sys [2008-01-01 13:25]
R0 Jhg46;Jhg46;C:\WINDOWS\system32\Drivers\Jhg46.sys [2008-01-21 23:57]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Programmi\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 13:58]
S3 mbr;mbr;C:\DOCUME~1\ziguli\IMPOST~1\Temp\mbr.sys []
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys []
S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 14:18]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
mysee2 REG_MULTI_SZ Mysee2_Runtime
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{754ff8bc-f3f0-11db-b05a-00e1a7767681}]
\Shell\Auto\command - lwbyxjeki.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL lwbyxjeki.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-21 23:59:04
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
C:\WINDOWS\system32\CommDrv.sys 8576 bytes executable
Scansione completata con successo
Files nascosti: 1
**************************************************************************
.
Ora fine scansione: 2008-01-22 0:01:33 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-21 23:01:30
.
2007-10-11 13:45:53 --- E O F ---
bdoriano (Administrator)
Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 22 Jan 2008 09:58
Hi ziguli,
please don't open new threads, but continue with this one, ok?
Thanks a lot for your cooperation.
ComboFix has removed quite a lot of junk, but there is still more.
- Download VundoFix and VirtumundoBegone and save them to the desktop.
- Run VundoFix
Select Scan for Vundo and, when the scan has finished, choose Remove Vundo.
Click Yes and, when asked to restart the PC, answer Ok.
On restart, Notepad should open with the log inside; copy its contents and post them on the forum.
- Now boot into safe mode
Run VirtumundoBeGone and follow the on-screen instructions.
Restart the PC in normal mode and post the log.
- Do these scans with GMER and post the logs on FreeFileHosting as indicated here.
- Also make a new HijackThis log and put it here.